~ Rapport de ZHPDiag v2014.5.19.69 - Nicolas Coolman  (19/05/2014)
~ Lancé par Chloe (20/05/2014 14:45:23)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17107 (Defaut)
MFIE: Mozilla Firefox 29.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit  (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : MKKF3
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.3.350
COMODO Firewall v7.0.53315.4132
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.12

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3279 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 833 GB (93%) free of 893 GB

---\\ Mode de connexion au système
~ Computer Name: PC-CHLOE
~ User Name: Chloe
~ All Users Names: Chloe, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Chloe\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Chloe\AppData\Roaming\
~ %Desktop% : C:\Users\Chloe\Desktop\
~ %Favorites% : C:\Users\Chloe\Favorites\
~ %LocalAppData% : C:\Users\Chloe\AppData\Local\
~ %StartMenu% : C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 833 Go of 893 Go)
D: Hard drive, Flash drive, Thumb drive (Free 22 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Explorateur Windows.) (.04/03/2014 - 13:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2014 - 10:11:56.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/02/2014 - 10:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.03/04/2014 - 03:23:11.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.18/03/2014 - 09:19:14.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 13:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.03/04/2014 - 03:23:05.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/03/2014 - 04:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 20:12:11.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/03/2014 - 13:42:44.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes:  Scanned in 00mn 00s





---\\ Processus lancés
[MD5.C049C40CAEE8900130BD5F80B594CC7B] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe   [95192] [PID.3620]
[MD5.A2B38416E98F90DFA270CB8CFF61BE65] - (.Avira Operations GmbH & Co. KG - Avira.OE.Systray.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe   [183376] [PID.4872]
[MD5.241B07FF7F5943B9C1BF3235F49AC1E1] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe   [689744] [PID.4892]
[MD5.322522D6FF36A539CAD732D182FA6D18] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [7878656] [PID.744]
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe   [881952] [PID.968]
[MD5.4D282B9C5BB05DF92C9F3977DFB9F916] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe   [440400] [PID.1488]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1648]
[MD5.65AF41A7A2C5B6693E1B4164E7632C3E] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe   [440400] [PID.1708]
[MD5.07D58D5F7839ABA76118BC037C2C63BD] - (.Conexant Systems, Inc. - SmartAudio Service Application.) -- C:\WINDOWS\SysWOW64\SAsrv.exe   [447104] [PID.1960]
[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe   [93072] [PID.2008]
[MD5.86B8B1F5C1189D68B07666784BE882FE] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe   [323584] [PID.1172]
[MD5.43B18BAA433FD79DFC7D4B25AF6EB2F9] - (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe   [123984] [PID.1524]
[MD5.49F4367F0885E9A77210EA9AC5835A16] - (.IObit - Advanced SystemCare 7 DelayLoad.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe   [468768] [PID.4348]
~ Processes Running:  Scanned in 00mn 50s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Chloe\AppData\Roaming\Mozilla\Firefox\Profiles\3vuty7sr.default\prefs.js
M3 - MFPP: Plugins - [Chloe] -- C:\Users\Chloe\AppData\Roaming\Mozilla\Firefox\Profiles\3vuty7sr.default\searchplugins\Google.xml
M3 - MFPP: Plugins - [Chloe] -- C:\Users\Chloe\AppData\Roaming\Mozilla\Firefox\Profiles\3vuty7sr.default\searchplugins\startpage-https---francais.xml
M0 - MFSP: prefs.js [Chloe - 3vuty7sr.default] http://startpage.com
M2 - MFEP: prefs.js [Chloe - 3vuty7sr.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v3.2.4 (..)  =>Hijacker.Proxy
M2 - MFEP: prefs.js [Chloe - 3vuty7sr.default\https-everywhere@eff.org] [] HTTPS-Everywhere v3.5.1 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
P2 - FPN: [HKCU] [intel.com/AppUp] - (.Intel - Intel AppUp Hyperlink Plugin.) -- C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp.dll
P2 - FPN: [HKCU] [intel.com/AppUpx64] - (.Intel - Intel AppUp Hyperlink Plugin.) -- C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll
~ Firefox Browser: 8 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17031 (winblue_gdr.140221-1952)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 20 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\SysWow64\BhoECart.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 3 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Chloe]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Chloe\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [Chloe]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\Chloe\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.) 
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe 
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe 
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe 
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe 
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe   =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [Lenovo App Shop] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\ismagent.exe 
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.OE.Systray.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm®Atheros® - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 
O4 - HKUS\S-1-5-21-1012240589-1334161995-274872538-1002\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe 
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4261CEC-071C-4CE1-8D3B-27403872A71F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4261CEC-071C-4CE1-8D3B-27403872A71F}: DhcpDomain = NB
O17 - HKLM\System\CS1\Services\Tcpip\..\{D4261CEC-071C-4CE1-8D3B-27403872A71F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D4261CEC-071C-4CE1-8D3B-27403872A71F}: DhcpDomain = NB
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: C:\WINDOWS\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\WINDOWS\system32\CxAudMsg64.exe
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc. - SmartAudio Service Application.) - C:\Windows\SysWOW64\SAsrv.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: VeriFaceSrv (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: 16 Scanned in 01mn 01s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.09E7C37DF4A911C8A9AA8BF88ACD10AA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [257712]
[MD5.D07C1C698247639A15A5C8EED4D63A56] [APT] [ASC7_SkipUac_Chloe] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe   [4469536]
[MD5.DB1654ADB276501C44DB0FE5E8A0841D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [4613912]
[MD5.00000000000000000000000000000000] [APT] [CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}] (...) -- C:\Users\Chloe\AppData\Local\Temp\cis74F9.exe (.not file.)   [0]
[MD5.7AA0257F4F614D91B3E65C8B0009B3C0] [APT] [Driver Booster Scan] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe   [55104]
[MD5.A20EECED6328A2AF43BF1F53B84F868D] [APT] [Driver Booster SkipUAC (Chloe)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe   [3775808]
[MD5.9F35EC92087D2106232BEDEC2F52840F] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\mxup.exe   [1671480]
[MD5.C049C40CAEE8900130BD5F80B594CC7B] [APT] [PDVDServ Task] (.CyberLink Corp..) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe   [95192]
[MD5.D67C4C1BAE2B6236F21A115E8316D16C] [APT] [{31DDBD37-5DB7-4030-8064-10B0CAA806C3}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe   [1275608]
[MD5.9DED6CF0A6053F65A7D74A006A739ABA] [APT] [COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [5181144]
[MD5.9DED6CF0A6053F65A7D74A006A739ABA] [APT] [COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}] (.COMODO.) -- C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe   [5181144]
[MD5.1A747C4BDABE714E9BA1667BF1A22C41] [APT] [Experience Improvement] (.Lenovo.) -- C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe   [241480]
[MD5.303F49203EDAE149584AFA368268F50F] [APT] [LSCHardwareScan] (...) -- C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe   [148840]
[MD5.7719357B2B93938A0C2D23C4E0FAC570] [APT] [RebootCountTask] (.Lenovo.) -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe   [1663456]
[MD5.7719357B2B93938A0C2D23C4E0FAC570] [APT] [Time72Task] (.Lenovo.) -- C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe   [1663456]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [1002]
O39 - APT: ASC7_SkipUac_Chloe - (.IObit.) -- C:\Windows\Tasks\ASC7_SkipUac_Chloe.job   [260]
O39 - APT: ASC7_SkipUac_Chloe - (.IObit.) -- C:\Windows\System32\Tasks\ASC7_SkipUac_Chloe   [260]
O39 - APT: Driver Booster SkipUAC (Chloe) - (.IObit.) -- C:\Windows\Tasks\Driver Booster SkipUAC (Chloe).job   [266]
O39 - APT: Driver Booster SkipUAC (Chloe) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (Chloe)   [266]
~ Scheduled Task: 23 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver:  (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver:  (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver:  (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\Windows\System32\DRIVERS\cmderd.sys
O41 - Driver:  (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\System32\DRIVERS\cmdguard.sys
O41 - Driver:  (cmdhlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\system32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: oem62.inf (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\system32\DRIVERS\inspect.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 44 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {93B74B18-1E5A-A366-3AA0-1E6EFA4D8868}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {49717648-68B0-3342-F28B-7DF710E1EBF4}
O42 - Logiciel: AMD Quick Stream - (.AppEx Networks.) [HKLM][64Bits] -- {E9EED4AE-682B-4501-9574-D09A21717599}_is1
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A3925EA-5B0E-401B-A189-7419149747B2}
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.06) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Advanced SystemCare 7 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare 7_is1
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Auslogics DiskDefrag - (.Auslogics Labs Pty Ltd.) [HKLM][64Bits] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: Avira Free Antivirus v14.0.3.350 - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop
O42 - Logiciel: Avira v1.1.13.24161 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {68e29fba-92b1-4f6f-a604-1d8679da3a9f}
O42 - Logiciel: Avira v1.1.13.24161 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: COMODO Firewall - (.COMODO Security Solutions Inc..) [HKLM][64Bits] -- {D32EF4F9-1506-434E-A813-3D4C0AA50300}
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {41A72CBC-55C2-7BD9-8773-F43E641D84D4}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: CyberLink PhotoDirector 3 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: CyberLink PhotoDirector 3 - (.CyberLink Corp..) [HKLM][64Bits] -- {39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: Dolby Digital Plus Advanced Audio - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}
O42 - Logiciel: Driver Booster - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- {D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: GIMP 2.8.10 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1
O42 - Logiciel: Guide de l’utilisateur - (.Lenovo.) [HKLM][64Bits] -- {F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Lenovo App Shop - (.Lenovo.) [HKLM][64Bits] -- Lenovo App Shop 45246
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: Lenovo Experience Improvement - (.Lenovo.) [HKLM][64Bits] -- LenovoExperienceImprovement
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo Solution Center - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4041B18B-DE30-4D78-9D60-6ADC586C5E00}
O42 - Logiciel: Lenovo VeriFace - (.Lenovo.) [HKLM][64Bits] -- Lenovo VeriFace
O42 - Logiciel: Lenovo pointing device - (.ELAN Microelectronic Corp..) [HKLM][64Bits] -- Elantech
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM][64Bits] -- Maxthon3
O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: OEM Application Profile - (.Nom de votre société.) [HKLM][64Bits] -- {70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Package de pilotes Windows - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.77 - (.Lenovo.) [HKLM][64Bits] -- 35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E
O42 - Logiciel: Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30. - (.Lenovo.) [HKLM][64Bits] -- 6BCA401E9CBEED970D75F55FA5320F60D11984E9
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Qualcomm Atheros Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Qualcomm Atheros Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: South Park Le Bâton de la Vérité version 1.2 - (.REVOLUTiONiT.) [HKLM][64Bits] -- {A4692A1B-28E6-4711-AF98-4A0E9A0BE86C}_is1
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {99072AB4-D795-44D5-9D65-E3C9F8322C97}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: Tony Hawk's Pro Skater 3® - (.Activision Publishing, Inc..) [HKLM][64Bits] -- Tony Hawk's Pro Skater 3®
O42 - Logiciel: UserGuide - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WinCDEmu - (.Bazis.) [HKLM][64Bits] -- WinCDEmu
O42 - Logiciel: scilab-5.4.1 (64-bit) - (.Scilab Enterprises.) [HKLM][64Bits] -- scilab-5.4.1 (64-bit)_is1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent  =>P2P.BitTorrent
~ Logic: 34 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Arkane]
[HKCU\Software\Atheros]
[HKCU\Software\Audacity]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]  =>P2P.BitTorrent
[HKCU\Software\BugSplat]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Conexant]
[HKCU\Software\CyberLink]
[HKCU\Software\Disc Soft]
[HKCU\Software\Elantech]
[HKCU\Software\FileOpen]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lenovo]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla Backup]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NITRO]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SYNCJM]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Scilab]
[HKCU\Software\SysProgs]
[HKCU\Software\TeleCharger]
[HKCU\Software\Valve]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Ó¦ÓóÌÐòÏòµ¼Éú³ÉµÄ±¾µØÓ¦ÓóÌÐò]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AppEx Accelerator]
[HKLM\Software\AppEx Networks]
[HKLM\Software\Atheros]
[HKLM\Software\COMODO]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\CyberLink]
[HKLM\Software\Dolby]
[HKLM\Software\IObit]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Scilab]
[HKLM\Software\UIU]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Activision]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Auslogics]
[HKLM\Software\Wow6432Node\Avira]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conexant]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IObit]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lenovo]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nalpeiron]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Inc.]
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\X-AVCSD]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 212 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2014 - 15:54:59 - [] ----D C:\Program Files (x86)\Activision
O43 - CFD: 02/04/2014 - 11:01:12 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/12/2013 - 14:27:43 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 25/12/2013 - 14:27:42 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 01/04/2014 - 15:39:40 - [] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 01/04/2014 - 15:29:44 - [] ----D C:\Program Files (x86)\Auslogics
O43 - CFD: 17/05/2014 - 02:22:53 - [] ----D C:\Program Files (x86)\Avira
O43 - CFD: 25/12/2013 - 14:30:58 - [] ----D C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 02/04/2014 - 11:01:12 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 01/04/2014 - 14:04:00 - [0] ----D C:\Program Files (x86)\Comodo
O43 - CFD: 25/12/2013 - 15:07:14 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 27/04/2014 - 15:17:02 - [0] ----D C:\Program Files (x86)\Daygames
O43 - CFD: 01/04/2014 - 18:45:31 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 13/04/2014 - 23:45:42 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 13/04/2014 - 19:04:45 - [] ----D C:\Program Files (x86)\IObit
O43 - CFD: 01/04/2014 - 14:34:38 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 25/12/2013 - 15:23:32 - [] ----D C:\Program Files (x86)\Lenovo
O43 - CFD: 25/12/2013 - 14:56:45 - [] ----D C:\Program Files (x86)\Maxthon
O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 17/05/2014 - 01:43:42 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 17/05/2014 - 02:15:34 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 07/10/2013 - 20:29:31 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 01/04/2014 - 14:10:42 - [] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 25/12/2013 - 14:41:13 - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 25/12/2013 - 14:41:26 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 07/10/2013 - 20:29:31 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 13/04/2014 - 17:55:05 - [] ----D C:\Program Files (x86)\South Park Le Bâton de la Vérité
O43 - CFD: 20/05/2014 - 14:41:20 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 27/04/2014 - 20:20:41 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 27/04/2014 - 20:19:02 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 01/04/2014 - 15:17:13 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 21/04/2014 - 20:21:22 - [] ----D C:\Program Files (x86)\Virtualis
O43 - CFD: 13/04/2014 - 16:33:54 - [] ----D C:\Program Files (x86)\WinCDEmu
O43 - CFD: 17/05/2014 - 02:12:54 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 25/12/2013 - 23:04:52 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 13/04/2014 - 23:45:09 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 13/04/2014 - 23:45:10 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 25/12/2013 - 23:04:52 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 13/04/2014 - 23:45:09 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/08/2013 - 17:36:30 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 17:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 20/05/2014 - 14:44:23 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 02/04/2014 - 11:01:18 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 01/05/2014 - 21:09:57 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 25/12/2013 - 14:30:55 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 25/12/2013 - 14:27:43 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 25/12/2013 - 15:10:28 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 01/04/2014 - 14:36:17 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/05/2014 - 02:22:37 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 25/12/2013 - 14:58:31 - [] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 25/12/2013 - 23:04:52 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 02/04/2014 - 11:03:21 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 25/12/2013 - 14:27:44 - [] ----D C:\ProgramData\AMD
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/04/2014 - 20:04:46 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 28/04/2014 - 14:35:28 - [] ----D C:\ProgramData\ATI
O43 - CFD: 22/04/2014 - 13:44:19 - [] ----D C:\ProgramData\Auslogics
O43 - CFD: 17/05/2014 - 02:22:53 - [] ----D C:\ProgramData\Avira
O43 - CFD: 14/05/2014 - 20:45:09 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 14/05/2014 - 20:38:40 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 01/04/2014 - 19:56:51 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 08/04/2014 - 22:15:32 - [] ----D C:\ProgramData\COMODO
O43 - CFD: 08/04/2014 - 22:14:51 - [] ----D C:\ProgramData\Comodo Downloader
O43 - CFD: 04/04/2014 - 19:00:45 - [] ----D C:\ProgramData\Conexant
O43 - CFD: 02/04/2014 - 17:54:06 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 13/04/2014 - 16:30:25 - [0] ----D C:\ProgramData\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 25/12/2013 - 15:22:55 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 01/04/2014 - 20:02:34 - [] ----D C:\ProgramData\eBay  =>Toolbar.eBay
O43 - CFD: 02/04/2014 - 10:45:42 - [] ----D C:\ProgramData\FileOpen
O43 - CFD: 25/12/2013 - 14:56:58 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 25/12/2013 - 14:55:43 - [] ----D C:\ProgramData\Intel
O43 - CFD: 13/04/2014 - 16:29:07 - [] ----D C:\ProgramData\IObit
O43 - CFD: 25/12/2013 - 14:55:11 - [] ----D C:\ProgramData\Lenovo
O43 - CFD: 01/04/2014 - 14:50:21 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 01/04/2014 - 19:56:51 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 20/05/2014 - 14:40:46 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 01/04/2014 - 19:56:51 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 01/04/2014 - 13:18:54 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 25/12/2013 - 15:02:14 - [] ----D C:\ProgramData\Nitro
O43 - CFD: 01/04/2014 - 13:55:06 - [0] ----D C:\ProgramData\Office2013
O43 - CFD: 25/12/2013 - 15:22:36 - [] ----D C:\ProgramData\OneKey Recovery
O43 - CFD: 09/04/2014 - 20:57:49 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 17/05/2014 - 02:18:44 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 13/04/2014 - 16:29:09 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 25/12/2013 - 14:40:38 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 01/04/2014 - 13:54:59 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 01/04/2014 - 13:59:48 - [] -S--D C:\ProgramData\Shared Space
O43 - CFD: 15/05/2014 - 23:26:42 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 01/04/2014 - 14:36:20 - [] ----D C:\ProgramData\Sun
O43 - CFD: 08/04/2014 - 20:06:57 - [] ----D C:\ProgramData\SUPERSetup
O43 - CFD: 25/12/2013 - 15:21:10 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 16:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 01/04/2014 - 21:32:17 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 02/04/2014 - 18:07:04 - [] ----D C:\Users\Chloe\AppData\Roaming\(94-D7-71-37-B7-EF)
O43 - CFD: 14/05/2014 - 09:14:19 - [] ----D C:\Users\Chloe\AppData\Roaming\.minecraft
O43 - CFD: 02/04/2014 - 11:02:38 - [] ----D C:\Users\Chloe\AppData\Roaming\Adobe
O43 - CFD: 01/04/2014 - 21:32:39 - [] ----D C:\Users\Chloe\AppData\Roaming\Apple Computer
O43 - CFD: 14/05/2014 - 10:44:16 - [] ----D C:\Users\Chloe\AppData\Roaming\Atheros
O43 - CFD: 28/04/2014 - 14:35:28 - [] ----D C:\Users\Chloe\AppData\Roaming\ATI
O43 - CFD: 15/04/2014 - 18:12:10 - [] ----D C:\Users\Chloe\AppData\Roaming\Audacity
O43 - CFD: 17/05/2014 - 02:27:20 - [] ----D C:\Users\Chloe\AppData\Roaming\Avira
O43 - CFD: 15/05/2014 - 23:26:29 - [] ----D C:\Users\Chloe\AppData\Roaming\BitTorrent Sync  =>P2P.BitTorrent
O43 - CFD: 13/04/2014 - 16:30:26 - [0] ----D C:\Users\Chloe\AppData\Roaming\DAEMON Tools Lite  =>.DT Soft Ltd
O43 - CFD: 02/04/2014 - 10:45:42 - [] ----D C:\Users\Chloe\AppData\Roaming\FileOpen
O43 - CFD: 08/04/2014 - 00:05:56 - [] ----D C:\Users\Chloe\AppData\Roaming\IObit
O43 - CFD: 01/04/2014 - 20:03:59 - [] ----D C:\Users\Chloe\AppData\Roaming\Lenovo
O43 - CFD: 01/04/2014 - 20:13:41 - [] ----D C:\Users\Chloe\AppData\Roaming\LSC
O43 - CFD: 25/12/2013 - 15:09:43 - [] ----D C:\Users\Chloe\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2014 - 12:28:25 - [] -S--D C:\Users\Chloe\AppData\Roaming\Microsoft
O43 - CFD: 01/04/2014 - 13:19:16 - [] ----D C:\Users\Chloe\AppData\Roaming\Mozilla
O43 - CFD: 02/04/2014 - 10:45:42 - [] ----D C:\Users\Chloe\AppData\Roaming\Nitro
O43 - CFD: 01/04/2014 - 20:14:35 - [] ----D C:\Users\Chloe\AppData\Roaming\Nitro PDF
O43 - CFD: 01/04/2014 - 18:23:36 - [] ----D C:\Users\Chloe\AppData\Roaming\OpenOffice
O43 - CFD: 09/04/2014 - 20:53:48 - [] ----D C:\Users\Chloe\AppData\Roaming\Oracle
O43 - CFD: 27/04/2014 - 20:21:36 - [] ----D C:\Users\Chloe\AppData\Roaming\TomTom
O43 - CFD: 15/05/2014 - 23:26:44 - [] ----D C:\Users\Chloe\AppData\Roaming\uTorrent  =>P2P.µTorrent
O43 - CFD: 15/05/2014 - 23:26:44 - [] ----D C:\Users\Chloe\AppData\Roaming\vlc
O43 - CFD: 20/05/2014 - 14:48:13 - [] ----D C:\Users\Chloe\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 09/04/2014 - 20:58:11 - [] ----D C:\Users\Chloe\AppData\Local\Adobe
O43 - CFD: 01/04/2014 - 20:02:25 - [] -SH-D C:\Users\Chloe\AppData\Local\Application Data
O43 - CFD: 28/04/2014 - 14:35:28 - [] ----D C:\Users\Chloe\AppData\Local\ATI
O43 - CFD: 01/04/2014 - 20:04:46 - [] ----D C:\Users\Chloe\AppData\Local\BMExplorer
O43 - CFD: 22/04/2014 - 13:51:15 - [0] ----D C:\Users\Chloe\AppData\Local\CrashDumps
O43 - CFD: 20/05/2014 - 13:05:12 - [] ----D C:\Users\Chloe\AppData\Local\Diagnostics
O43 - CFD: 27/04/2014 - 20:18:22 - [] ----D C:\Users\Chloe\AppData\Local\Downloaded Installations
O43 - CFD: 17/05/2014 - 15:30:59 - [] ----D C:\Users\Chloe\AppData\Local\ElevatedDiagnostics
O43 - CFD: 15/04/2014 - 18:09:28 - [] -SH-D C:\Users\Chloe\AppData\Local\EmieSiteList
O43 - CFD: 15/04/2014 - 18:09:28 - [] -SH-D C:\Users\Chloe\AppData\Local\EmieUserList
O43 - CFD: 09/04/2014 - 14:21:13 - [] ----D C:\Users\Chloe\AppData\Local\fontconfig
O43 - CFD: 09/04/2014 - 14:21:08 - [] ----D C:\Users\Chloe\AppData\Local\gegl-0.2
O43 - CFD: 15/05/2014 - 23:26:42 - [] ----D C:\Users\Chloe\AppData\Local\gtk-2.0
O43 - CFD: 01/04/2014 - 20:02:25 - [] -SH-D C:\Users\Chloe\AppData\Local\Historique
O43 - CFD: 01/04/2014 - 20:14:40 - [] ----D C:\Users\Chloe\AppData\Local\LSC
O43 - CFD: 01/04/2014 - 13:34:14 - [] ----D C:\Users\Chloe\AppData\Local\Macromedia
O43 - CFD: 24/04/2014 - 10:56:20 - [] ----D C:\Users\Chloe\AppData\Local\Microsoft
O43 - CFD: 01/04/2014 - 13:19:16 - [] ----D C:\Users\Chloe\AppData\Local\Mozilla
O43 - CFD: 15/04/2014 - 18:11:34 - [] ----D C:\Users\Chloe\AppData\Local\Packages
O43 - CFD: 01/04/2014 - 15:29:22 - [] ----D C:\Users\Chloe\AppData\Local\Programs
O43 - CFD: 01/05/2014 - 21:40:33 - [] ----D C:\Users\Chloe\AppData\Local\SKIDROW
O43 - CFD: 23/04/2014 - 16:19:05 - [0] ----D C:\Users\Chloe\AppData\Local\Skyrim
O43 - CFD: 20/05/2014 - 14:46:43 - [] ----D C:\Users\Chloe\AppData\Local\Temp
O43 - CFD: 01/04/2014 - 20:02:25 - [] -SH-D C:\Users\Chloe\AppData\Local\Temporary Internet Files
O43 - CFD: 27/04/2014 - 20:21:36 - [] ----D C:\Users\Chloe\AppData\Local\TomTom
O43 - CFD: 01/04/2014 - 20:02:59 - [0] ----D C:\Users\Chloe\AppData\Local\VirtualStore
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/05/2014 - 02:17:44 - [] R---D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/08/2013 - 17:36:32 - [] ----D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 17/05/2014 - 02:17:44 - [] R---D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 22/04/2014 - 15:59:03 - [0] ----D C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tony Hawks Pro Skater 3
~ Program Folder: 156 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A920E1336F9FEA95477763E2CC15891B] - 06/05/2014 - 04:00:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll   [84992]
O44 - LFC:[MD5.797E2E5C309AFF76990D5B7AF457EACA] - 06/05/2014 - 05:40:42 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll   [23544320]
O44 - LFC:[MD5.A750229C96A406EE123F43916053F142] - 17/05/2014 - 00:45:32 ---A- . (.Microsoft Corporation - Microsoft SLR Error Reporting Helper.) -- C:\Windows\System32\mrt_map.dll   [86688]
O44 - LFC:[MD5.D178F55D53B9A10FFBDC134C95517846] - 17/05/2014 - 00:45:32 ---A- . (.Microsoft Corporation - System Language Runtime.) -- C:\Windows\System32\mrt100.dll   [28320]
O44 - LFC:[MD5.E859E9B4A0300F56C94D2C69F6F65657] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll   [827392]
O44 - LFC:[MD5.68CB2B575F0C67BB14590D1471285287] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll   [201728]
O44 - LFC:[MD5.3ECA4A0E0E1F421FFC12BCA4C5A9B479] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - DLL d’exécution de l’infrastructure de test.) -- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll   [249344]
O44 - LFC:[MD5.5F74A7DB62F6D560B0C858A096A37B59] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - TWINUI.APPCORE.) -- C:\Windows\System32\twinui.appcore.dll   [1054208]
O44 - LFC:[MD5.FD3638782572A8281BCF12520F6579F4] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - This tool resets the Windows Store without.) -- C:\Windows\System32\WSReset.exe   [79872]
O44 - LFC:[MD5.E9F333234A5641E2FEF2F5240BDD56B8] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe   [35328]
O44 - LFC:[MD5.850FC6B2E385766B9972CDBE947989F6] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll   [381440]
O44 - LFC:[MD5.736046C9AFD66BA29BA61ACD582E7A7B] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll   [137728]
O44 - LFC:[MD5.C383B71BAAC22CCE37B99339AEB62F1E] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll   [93696]
O44 - LFC:[MD5.1EC3AACDB335533A7470245C683ACF94] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update client proxy stub.) -- C:\Windows\System32\wups.dll   [56320]
O44 - LFC:[MD5.7F15F3E0F847D90EB3A2124258E6B1DC] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe   [54776]
O44 - LFC:[MD5.766DCDC7032C4C98E47B8A9F71239E38] - 17/05/2014 - 00:46:54 ---A- . (.Microsoft Corporation - twinapi.appcore.) -- C:\Windows\System32\twinapi.appcore.dll   [555736]
O44 - LFC:[MD5.AF1BC4F5421023D59F1D472C1A4E01CF] - 17/05/2014 - 00:46:55 ---A- . (.Microsoft Corporation - DLL WSShared.) -- C:\Windows\System32\WSShared.dll   [921088]
O44 - LFC:[MD5.4FB80968811FAD6E88ABFAA98E51305C] - 17/05/2014 - 00:46:55 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll   [1705472]
O44 - LFC:[MD5.7E609FBF50774CC5A239420FE34EBB9C] - 17/05/2014 - 00:46:57 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll   [3464192]
O44 - LFC:[MD5.3DF281C1553A6124DEF875C19D46AC0D] - 17/05/2014 - 00:46:57 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll   [190976]
O44 - LFC:[MD5.6CC1BB8F6851A262E2E824F0E92D5EEF] - 17/05/2014 - 00:47:51 ---A- . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) -- C:\Windows\System32\Drivers\WdNisDrv.sys   [123224]
O44 - LFC:[MD5.F5D4FA3E1F4879C361FFF3855259D2C2] - 17/05/2014 - 00:47:51 ---A- . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys   [35856]
O44 - LFC:[MD5.019CC610AD95FF47EAD7C08B7A683B96] - 17/05/2014 - 00:47:52 ---A- . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys   [257880]
O44 - LFC:[MD5.326715361A7D1C65983BFE920990E4EF] - 17/05/2014 - 00:48:09 ---A- . (.Microsoft Corporation - Programme d’installation de Windows Update.) -- C:\Windows\System32\wusa.exe   [308224]
O44 - LFC:[MD5.82FE5F302FD7C7EF0E41465BB873EFC7] - 17/05/2014 - 00:51:42 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 Client Side Hel.) -- C:\Windows\System32\wlanhlp.dll   [11264]
O44 - LFC:[MD5.F587513213947A4C7EF47B660DAAFBC5] - 17/05/2014 - 00:51:43 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe   [271872]
O44 - LFC:[MD5.B24960B79BDE7D5ED1EA638027F9E8F0] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - BootMenuUX.) -- C:\Windows\System32\BootMenuUX.dll   [143872]
O44 - LFC:[MD5.B6BD22DDEDDD8665080D664749ACFEF5] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Client de contrainte de quarantaine de la p.) -- C:\Windows\System32\tsgqec.dll   [64512]
O44 - LFC:[MD5.F2895547FC275642A29692DC344A847F] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - DLL de l’API côté client de configuration a.) -- C:\Windows\System32\wlanapi.dll   [296960]
O44 - LFC:[MD5.EF252510DB6C3511E30418BD2AC95A2D] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - DLL du service de configuration automatique.) -- C:\Windows\System32\wlansvc.dll   [1527296]
O44 - LFC:[MD5.886767FD022213F7885416134E9082E5] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Générateur de points de terminaison du serv.) -- C:\Windows\System32\AudioEndpointBuilder.dll   [201216]
O44 - LFC:[MD5.9465F8E72887AC6CCDD97F738A5AB6B6] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll   [70656]
O44 - LFC:[MD5.DC61194C93DE9E5D549AEC5064A06BD4] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - OneDrive Sync Engine Host.) -- C:\Windows\System32\SkyDrive.exe   [872448]
O44 - LFC:[MD5.69A374DE46C7BAAE30BFB1E40D69C5C6] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Panneau de configuration de Dossiers de tra.) -- C:\Windows\System32\WorkfoldersControl.dll   [761856]
O44 - LFC:[MD5.E86E7792A2A0854D5560371BBDDA760B] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Remote Desktop Services Client for Microsof.) -- C:\Windows\System32\rdvidcrl.dll   [1057280]
O44 - LFC:[MD5.78D26F162E015FF644785C8836B617CA] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Storage Management Provider for Spaces.) -- C:\Windows\System32\mispace.dll   [1287168]
O44 - LFC:[MD5.8E1866A4E96F1159B6625627860A0454] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - System Settings Admin Flow XAML UI Implemen.) -- C:\Windows\System32\SystemSettingsAdminFlowUI.dll   [2100736]
O44 - LFC:[MD5.E2C26EECF60D9DF94706DF981D074B98] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Telemetry Library for the OneDrive client.) -- C:\Windows\System32\SkyDriveTelemetry.dll   [721408]
O44 - LFC:[MD5.977D67467950D8048E94651EE6081B99] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM DLL.) -- C:\Windows\System32\wlanmsm.dll   [370176]
O44 - LFC:[MD5.88BCAEABEB2A46DB7B336B8432720AC8] - 17/05/2014 - 00:51:44 ---A- . (.Microsoft Corporation - Windows Wireless LAN 802.11 MSM Security Mo.) -- C:\Windows\System32\wlansec.dll   [443904]
O44 - LFC:[MD5.414B81DE6CE46022ED43051C09EDB00B] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll   [467968]
O44 - LFC:[MD5.072A99F351C505A45C9FDA32E7324602] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - EXE de pipeline protégé par Media Foundatio.) -- C:\Windows\System32\mfpmp.exe   [28408]
O44 - LFC:[MD5.22B8B1F946ACFCB03832793A25216D8C] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - Extension d’environnement de Dossiers de tr.) -- C:\Windows\System32\WorkFoldersShell.dll   [186880]
O44 - LFC:[MD5.8FCE57F7E5CDA5751FDE01A316180488] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - FWP/IPsec Kernel-Mode API.) -- C:\Windows\System32\Drivers\FWPKCLNT.SYS   [428888]
O44 - LFC:[MD5.BF6FBC9D97A24FABB0AE8B878279CF0B] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\System32\audiodg.exe   [244880]
O44 - LFC:[MD5.88ACBA95BB55B8226D52117462B76CD4] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - Microsoft Trust Verification APIs.) -- C:\Windows\System32\wintrust.dll   [307304]
O44 - LFC:[MD5.64B2A2630C964BF135A84A52FB2EEF9A] - 17/05/2014 - 00:51:45 ---A- . (.Microsoft Corporation - Microsoft® Remote Desktop Services Cryptogr.) -- C:\Windows\System32\tlscsp.dll   [47616]
O44 - LFC:[MD5.01851563CB6FB986A4C0221C15AB6ADC] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll   [463256]
O44 - LFC:[MD5.7B3255A0B833908E4A7ACEA6245D344E] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Bibliothèque d’API de cluster.) -- C:\Windows\System32\clusapi.dll   [426496]
O44 - LFC:[MD5.AE2B9504C975B529D92D9E6603F6D33F] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - DLL Media Foundation.) -- C:\Windows\System32\mf.dll   [609448]
O44 - LFC:[MD5.5EE916C3272A19B459717A8D2397B07A] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Energy System Resource Usage Monitor (SRUM).) -- C:\Windows\System32\energyprov.dll   [55296]
O44 - LFC:[MD5.99277BE68298288A0E27CF9E50FAD091] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Media Foundation Platform DLL.) -- C:\Windows\System32\mfplat.dll   [881616]
O44 - LFC:[MD5.92B785213F856EC736673516C54FA791] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Media Foundation Proxy DLL.) -- C:\Windows\System32\mfps.dll   [233912]
O44 - LFC:[MD5.F4E351BB95D473CB55BB7C1A1FEB2798] - 17/05/2014 - 00:51:46 ---A- . (.Microsoft Corporation - Session audio.) -- C:\Windows\System32\AudioSes.dll   [467496]
O44 - LFC:[MD5.6592D192E2823C043EDBC010E7774053] - 17/05/2014 - 00:51:47 ---A- . (.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) -- C:\Windows\System32\Drivers\fltMgr.sys   [360792]
O44 - LFC:[MD5.9654DE19551093CD73874281E1573C94] - 17/05/2014 - 00:51:47 ---A- . (.Microsoft Corporation - Service Centre de sécurité de Windows.) -- C:\Windows\System32\wscsvc.dll   [135168]
O44 - LFC:[MD5.33977549C2CED09936E05BEE7659EAFF] - 17/05/2014 - 00:51:47 ---A- . (.Microsoft Corporation - Storage Spaces Driver.) -- C:\Windows\System32\Drivers\spaceport.sys   [384856]
O44 - LFC:[MD5.4684C8E852065C0A7937C395C165A24F] - 17/05/2014 - 00:51:47 ---A- . (.Microsoft Corporation - Système de propriétés Microsoft.) -- C:\Windows\System32\propsys.dll   [1466856]
O44 - LFC:[MD5.7B12172CCE581F76C9335D7A47E0AD50] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - API client de stratégie de groupe.) -- C:\Windows\System32\gpapi.dll   [130144]
O44 - LFC:[MD5.1517EE52367CABAA5615AC736DC96C7D] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - API du Gestionnaire de fenêtres du Bureau M.) -- C:\Windows\System32\dwmapi.dll   [125496]
O44 - LFC:[MD5.F152D55E497E12256290C43B31C7D0CE] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - BitLocker Drive Encryption Driver.) -- C:\Windows\System32\Drivers\fvevol.sys   [589656]
O44 - LFC:[MD5.87CF824E47489DD972FB4FB9FC4EDD0A] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - DLL MFCaptureEngine.) -- C:\Windows\System32\MFCaptureEngine.dll   [324888]
O44 - LFC:[MD5.95471DDCB3B3FF70015FD9AA13404F44] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - DLL de l’utilitaire de ressource de cluster.) -- C:\Windows\System32\resutils.dll   [281600]
O44 - LFC:[MD5.67176AA6EAF34FF2A962F14EB8F0478B] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Flux d’administration des paramètres du PC.) -- C:\Windows\System32\SystemSettingsAdminFlows.exe   [263424]
O44 - LFC:[MD5.850EBB87584484DC16F917E7B6F4A304] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Fournisseur logiciel du service Microsoft®.) -- C:\Windows\System32\swprv.dll   [718336]
O44 - LFC:[MD5.4C1E71E37B56C768900B1FCF81205027] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Microsoft Storage Port Driver.) -- C:\Windows\System32\Drivers\storport.sys   [372568]
O44 - LFC:[MD5.D90AB68D0FAC9F357F663670FDBB511E] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Microsoft iSCSI Initiator Driver.) -- C:\Windows\System32\Drivers\msiscsi.sys   [275800]
O44 - LFC:[MD5.1697E09CDA4DD8741B8276F48A8514DE] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Prelaunch OptIn.) -- C:\Windows\System32\ploptin.dll   [32600]
O44 - LFC:[MD5.2A4177EE5446877BD24DD72504105603] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - RPC HTTP DLL.) -- C:\Windows\System32\rpchttp.dll   [191488]
O44 - LFC:[MD5.CADCE0D6C30427F70A4BFA426256F68C] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\Windows\System32\Drivers\Classpnp.sys   [337240]
O44 - LFC:[MD5.716059F37BCCB1ABEDE99EBE82E8E362] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Server Network driver.) -- C:\Windows\System32\Drivers\srvnet.sys   [246272]
O44 - LFC:[MD5.E369C59F2C0852DDD090C07E0DDE0051] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- C:\Windows\System32\VSSVC.exe   [1436160]
O44 - LFC:[MD5.315502228EB37F36E86EF75CB1DA1D44] - 17/05/2014 - 00:51:48 ---A- . (.Microsoft Corporation - Video Stabilization MFT.) -- C:\Windows\System32\MSVideoDSP.dll   [201920]
O44 - LFC:[MD5.D872C6095AACC13AD897DB5E4D2B5D91] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - Fournisseur d’impression de rendu côté clie.) -- C:\Windows\System32\win32spl.dll   [805376]
O44 - LFC:[MD5.498288DD5CA42C2D36D125893E968C53] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys   [77312]
O44 - LFC:[MD5.AF3FF97AC2A73E70F8A8D11FB694175B] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - Microsoft\Optimiseur de lecteur.) -- C:\Windows\System32\defragsvc.dll   [449536]
O44 - LFC:[MD5.0696F66E4D423793951A60562F794D14] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\Drivers\mrxsmb.sys   [402432]
O44 - LFC:[MD5.BAF51BE2DEB387BD99CAC4E3B7850FEC] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - RDPSRAPI COM Objects.) -- C:\Windows\System32\rdpencom.dll   [250368]
O44 - LFC:[MD5.79B134ECE836B406B212E28C24011538] - 17/05/2014 - 00:51:49 ---A- . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll   [834048]
O44 - LFC:[MD5.067CB90C277DB4A737D5DEABA3055972] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\System32\services.exe   [407016]
O44 - LFC:[MD5.CB79B5D367376E7B49E2D95BFFB0BEEB] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll   [364640]
O44 - LFC:[MD5.46378ECCB4A29AA81BF296641C2501EF] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [323072]
O44 - LFC:[MD5.98A184F6EC43B178901FCD5D4E2EC43B] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - DLNA DLL.) -- C:\Windows\System32\Windows.Media.Streaming.dll   [1222656]
O44 - LFC:[MD5.DBA635C6398782C549E3BE45CF1D0411] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) -- C:\Windows\System32\Drivers\mrxsmb20.sys   [206848]
O44 - LFC:[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\Drivers\volsnap.sys   [310616]
O44 - LFC:[MD5.7C7BE474915166B61B84C025F1F10157] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\Drivers\afd.sys   [563200]
O44 - LFC:[MD5.78514B073CC5775800A65BFB82A0D66B] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Pilote de miniport WiFi natif.) -- C:\Windows\System32\Drivers\nwifi.sys   [443904]
O44 - LFC:[MD5.FD163F487CBA9C98AFFEB546C80F49A2] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Pilote de serveur SMB 2.0.) -- C:\Windows\System32\Drivers\srv2.sys   [677376]
O44 - LFC:[MD5.ED7C0A11E655CD8B89BE499F99D56098] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Pilote de spouleur Windows.) -- C:\Windows\System32\winspool.drv   [486912]
O44 - LFC:[MD5.0BDD786156C820F49EEF5D348B4ACFF4] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Serveur Lire sur.) -- C:\Windows\System32\MDEServer.exe   [335872]
O44 - LFC:[MD5.626D19F1771E1AE72208AE9A8F3082F7] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - Service d’infrastructure de localisation Wi.) -- C:\Windows\System32\GeofenceMonitorService.dll   [491520]
O44 - LFC:[MD5.9ED0E72966FB08F7E6DB15E5519AF8D1] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - WMPMDE DLL.) -- C:\Windows\System32\wmpmde.dll   [1379064]
O44 - LFC:[MD5.EEC46BC17F28C528AB7FAC20AFDF69E3] - 17/05/2014 - 00:51:50 ---A- . (.Microsoft Corporation - XPS to GDI Converter.) -- C:\Windows\System32\XpsGdiConverter.dll   [462336]
O44 - LFC:[MD5.AE210430A150FF20A58E3C6B381A832F] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll   [1025024]
O44 - LFC:[MD5.0BBD7EDAEA54D0E30445E9FC1179C60A] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll   [1411584]
O44 - LFC:[MD5.7FB9EC74ADFB2353B7782C3EF833F5B7] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - Media Foundation MPEG2 Source and Sink DLL.) -- C:\Windows\System32\mfmpeg2srcsnk.dll   [765408]
O44 - LFC:[MD5.A1CD5194ACC156A852136B303F087260] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - Media Foundation Simple Video Renderer DLL.) -- C:\Windows\System32\mfsvr.dll   [491744]
O44 - LFC:[MD5.92370F46AF28D54B67C135FA8C2AFCFC] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - Pilote de bus Bluetooth.) -- C:\Windows\System32\Drivers\bthport.sys   [1200128]
O44 - LFC:[MD5.5071E71CC05346D88C5A08EB8B5A05E3] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - Service Dossiers de travail Microsoft (C).) -- C:\Windows\System32\workfolderssvc.dll   [1584128]
O44 - LFC:[MD5.411DBFCD6ABAB75B6F7950677AEEFB7D] - 17/05/2014 - 00:51:51 ---A- . (.Microsoft Corporation - WinMDE DLL.) -- C:\Windows\System32\winmde.dll   [1403856]
O44 - LFC:[MD5.5661481164A164CAD67DBE5A0191207F] - 17/05/2014 - 00:51:52 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys   [4190720]
O44 - LFC:[MD5.6873D09262D32B95D6AC3026FCF8B424] - 17/05/2014 - 00:51:52 ---A- . (.Microsoft Corporation - Windows Media Runtime DLL.) -- C:\Windows\System32\Windows.Media.dll   [1230336]
O44 - LFC:[MD5.6C6E26E0DB9AB2077F42FBBCDB153C84] - 17/05/2014 - 00:51:53 ---A- . (.Microsoft Corporation - Media Foundation Core DLL.) -- C:\Windows\System32\mfcore.dll   [2140888]
O44 - LFC:[MD5.EAE6ED6C5076CF765EB731B92A237149] - 17/05/2014 - 00:51:53 ---A- . (.Microsoft Corporation - Media Foundation Media Engine DLL.) -- C:\Windows\System32\MFMediaEngine.dll   [955904]
O44 - LFC:[MD5.CFB353B4E33AFE922C3A62DBC9C9B0A8] - 17/05/2014 - 00:51:53 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe   [7425368]
O44 - LFC:[MD5.6B7B2211C293218706D491204FCE8695] - 17/05/2014 - 00:51:53 ---A- . (.Microsoft Corporation - SearchFolder.) -- C:\Windows\System32\SearchFolder.dll   [1126912]
O44 - LFC:[MD5.C2A06D6E746C42E6CE6CA020EE67FFA2] - 17/05/2014 - 00:51:54 ---A- . (.Microsoft Corporation - Microsoft OneDrive Sync Engine.) -- C:\Windows\System32\SyncEngine.dll   [4269056]
O44 - LFC:[MD5.383DA813409316D69603C1D849834D24] - 17/05/2014 - 00:51:56 ---A- . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1308160]
O44 - LFC:[MD5.D7566BE560B040C47F6F35EB980D8377] - 17/05/2014 - 00:51:56 ---A- . (.Microsoft Corporation - Pilote TCP/IP.) -- C:\Windows\System32\Drivers\tcpip.sys   [2518360]
O44 - LFC:[MD5.8ECEBEE92854C6705877911BA75889A8] - 17/05/2014 - 00:51:57 ---A- . (.Microsoft Corporation - Direct3D 9 Runtime.) -- C:\Windows\System32\d3d9.dll   [2124840]
O44 - LFC:[MD5.7E4A8D95B9DBC2CB588B91848A0AE731] - 17/05/2014 - 00:51:57 ---A- . (.Microsoft Corporation - System Settings Handlers Implementation.) -- C:\Windows\System32\SettingsHandlers.dll   [2688000]
O44 - LFC:[MD5.2344C5630F8EFE156BAB786EBD83A839] - 17/05/2014 - 00:52:01 ---A- . (.Microsoft Corporation - DLL RDPCore TS.) -- C:\Windows\System32\rdpcorets.dll   [3359744]
O44 - LFC:[MD5.F4C09C622BC55A80F775DF7D8AB9984F] - 17/05/2014 - 00:52:06 ---A- . (.Microsoft Corporation - Client ActiveX des services Bureau à distan.) -- C:\Windows\System32\mstscax.dll   [6645248]
O44 - LFC:[MD5.AEDD44FDB8B521D443A07146F5CA3A53] - 17/05/2014 - 00:52:07 ---A- . (.Microsoft Corporation - PDF WinRT APIs.) -- C:\Windows\System32\Windows.Data.Pdf.dll   [7173120]
O44 - LFC:[MD5.AD2DE3982C7B6E62346098C7570F6A7D] - 17/05/2014 - 00:52:07 ---A- . (.Microsoft Corporation - TWINUI.) -- C:\Windows\System32\twinui.dll   [13287936]
O44 - LFC:[MD5.151427E526E96471A45FF6CC2257FBA0] - 17/05/2014 - 00:52:08 ---A- . (.Microsoft Corporation - Windows.UI.Search.) -- C:\Windows\System32\Windows.UI.Search.dll   [8652800]
O44 - LFC:[MD5.AE7D8835A29FADB39C0D095BA32A9462] - 17/05/2014 - 00:52:12 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll   [21268952]
O44 - LFC:[MD5.0C5C304C3A2D9E9633A7506CBB04929E] - 17/05/2014 - 00:52:13 ---A- . (.Microsoft Corporation - Windows.UI.Xaml dll.) -- C:\Windows\System32\Windows.UI.Xaml.dll   [16872448]
O44 - LFC:[MD5.AB4A6DF750EBCAEAC12E1E7BF72BBCA2] - 17/05/2014 - 01:10:32 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe   [93223848]
O44 - LFC:[MD5.EE99D70284C797026E48C1516F5E2DBB] - 17/05/2014 - 01:15:52 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [370416]
O44 - LFC:[MD5.7806BFCD1D7FA5EC23F7324D4EAFD25B] - 17/05/2014 - 01:22:57 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys   [108440]
O44 - LFC:[MD5.C3A58DBD18786C338126D30BF8C33D72] - 17/05/2014 - 01:22:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys   [131576]
O44 - LFC:[MD5.390184FAD8FCC1B6DA25AEBAE928C3B6] - 17/05/2014 - 01:22:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys   [28600]
O44 - LFC:[MD5.3B220F0D170EE8EE2B365749B03D73F6] - 17/05/2014 - 11:00:39 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys   [84720]
O44 - LFC:[MD5.13A76964963F048FB3C0EFBB6094F573] - 20/05/2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1824010]
O44 - LFC:[MD5.2AFED5F8DC17F422F2393FB20DB6B287] - 20/05/2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [135592]
O44 - LFC:[MD5.9F718D8613E7C6846D11C1F2CBA0C9F2] - 20/05/2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [159412]
O44 - LFC:[MD5.69043A133CB0F8359EB9FF65A8A1FFB4] - 20/05/2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [722476]
O44 - LFC:[MD5.D91E87C9710F2F90F6501760427F0725] - 20/05/2014 - 12:24:34 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [812350]
O44 - LFC:[MD5.30A2EC44987E9C501109BF143219F50E] - 20/05/2014 - 13:40:50 ---A- . (...) -- C:\Windows\wininit.ini   [85]
O44 - LFC:[MD5.D9FA6288EDEBBCF0AD0DEDE00B111CF7] - 20/05/2014 - 13:40:57 ---A- . (...) -- C:\Windows\System32\VfService.trf   [4608]
O44 - LFC:[MD5.ADBE97720706644A06D6B130AF2009C5] - 20/05/2014 - 13:41:20 ---A- . (...) -- C:\Windows\PFRO.log   [6050]
O44 - LFC:[MD5.6ECD704116CAE8EA54360947D948AFF5] - 20/05/2014 - 13:44:04 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [2050423]
~ Files: 133 Scanned in 01mn 24s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.05254F5E1E06B34D337707A378E20E87] - 10/05/2014 - 10:55:53 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-3B583321.pf  =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
~ LSA: 3 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{025a0cde-b99c-11e3-8256-40f02fba0d82}\AutoRun\command. (...) -- G:\setup\rsrc\Autorun.exe (.not file.)
O51 - MPSK:{3927fa8c-c86b-11e3-827a-40f02fba0d82}\AutoRun\command. (...) -- Z:\setup.exe (.not file.)
O51 - MPSK:{8f4d8c13-c980-11e3-827b-40f02fba0d82}\AutoRun\command. (...) -- Z:\setup\rsrc\Autorun.exe (.not file.)
O51 - MPSK:{8f4d8c31-c980-11e3-827b-40f02fba0d82}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
O51 - MPSK:{c5197893-c313-11e3-8272-40f02fba0d82}\AutoRun\command. (...) -- Z:\setup.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite  [Key] . (...) -- c:\program files (x86)\daemon tools lite\dtlite.exe (.not file.)  =>.DT Soft Ltd
O53 - SMSR:HKLM\...\startupreg\SDTray  [Key] . (...) -- c:\program files (x86)\spybot - search & destroy 2\sdtray.exe (.not file.)
~ SMSR Keys: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [108896]
O58 - SDL:25/12/2013 - 14:23:22 ---A- . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\Windows\System32\Drivers\AcpiVpc.sys   [35600]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys   [782176]
O58 - SDL:04/04/2014 - 17:59:09 ---A- . (.Windows (R) Win 7 DDK provider - KSL Kernel-Mode Dll.) -- C:\Windows\System32\Drivers\amdacpksl.sys   [141312]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [79200]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [259424]
O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [25952]
O58 - SDL:23/07/2013 - 06:37:18 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amd_sata.sys   [80640]
O58 - SDL:23/07/2013 - 06:37:20 ---A- . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\Drivers\amd_xata.sys   [25344]
O58 - SDL:18/04/2013 - 07:04:28 ---A- . (.AppEx Networks Corporation - AppEx Accelerator LWF/WFP Driver L.E..) -- C:\Windows\System32\Drivers\appexDrv.sys   [219360]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [114016]
O58 - SDL:15/08/2013 - 20:13:30 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athwbx.sys   [3859968]
O58 - SDL:04/04/2014 - 17:59:09 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdWB6.sys   [222720]
O58 - SDL:11/09/2013 - 05:30:38 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys   [12526592]
O58 - SDL:11/09/2013 - 02:24:42 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys   [619008]
O58 - SDL:25/02/2014 - 14:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys   [108440]  =>.Avira Operations GmbH
O58 - SDL:25/02/2014 - 14:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys   [131576]  =>.Avira Operations GmbH
O58 - SDL:25/02/2014 - 14:04:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys   [28600]  =>.Avira Operations GmbH
O58 - SDL:17/05/2014 - 11:00:39 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys   [84720]  =>.Avira Operations GmbH
O58 - SDL:08/08/2011 - 19:13:12 ---A- . (.SysProgs.org - WinCDEmu virtual CDROM bus.) -- C:\Windows\System32\Drivers\BazisVirtualCDBus.sys   [198480]
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys   [17624]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys   [338120]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys   [116424]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys   [34384]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys   [89800]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys   [179432]
O58 - SDL:25/09/2013 - 02:45:24 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys   [77464]
O58 - SDL:25/09/2013 - 02:45:26 ---A- . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys   [137928]
O58 - SDL:25/09/2013 - 02:45:26 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys   [594632]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [531296]
O58 - SDL:09/01/2014 - 20:02:48 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys   [1469632]
O58 - SDL:16/04/2014 - 22:12:59 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\System32\Drivers\cmderd.sys   [23168]
O58 - SDL:16/04/2014 - 22:12:59 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\System32\Drivers\cmdguard.sys   [748784]
O58 - SDL:16/04/2014 - 22:13:00 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\System32\Drivers\cmdhlp.sys   [37560]
O58 - SDL:18/06/2013 - 15:45:26 ---A- . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\Drivers\e1i63x64.sys   [460288]
O58 - SDL:05/08/2013 - 11:07:27 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [380680]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3357024]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [64352]
O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys   [24568]
O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys   [99320]
O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys   [651248]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [412000]
O58 - SDL:16/04/2014 - 22:13:00 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\System32\Drivers\inspect.sys   [127664]
O58 - SDL:18/07/2013 - 06:55:42 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys   [130248]
O58 - SDL:25/12/2013 - 14:23:09 ---A- . (.Lenovo. - HD Disk Driver.) -- C:\Windows\System32\Drivers\LhdX64.sys   [39008]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [109408]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [93536]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys   [81760]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys   [82784]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys   [56672]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys   [575840]
O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys   [63840]
O58 - SDL:08/07/2013 - 19:37:41 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwew00.sys   [3344352]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [150368]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [168288]
O58 - SDL:19/07/2013 - 09:58:26 ---A- . (.Realtek Semiconductor Corp. - Realtek UVC Driver for XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\rtsuvc.sys   [8247640]
O58 - SDL:18/07/2013 - 09:48:02 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsUVStor.sys   [329944]
O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [44896]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [81760]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [31072]
O58 - SDL:08/03/2013 - 09:47:50 ---A- . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\Drivers\usbfilter.sys   [58536]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [19808]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [168800]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS   [305504]
O58 - SDL:13/06/2012 - 17:10:32 ---A- . (."CyberLink - Cyberlink Virtual Disk Driver.) -- C:\Windows\System32\Drivers\wsvd.sys   [102376]
O58 - SDL:15/08/2013 - 20:13:30 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athwbx.sys   [3859968]
~ Drivers: 67 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 14/05/2014 - 14:49:59 ---A- . (...) -- C:\Users\Chloe\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll   [49744]
O61 - LFC: 17/05/2014 - 14:50:10 ---A- . (.Avira Operations GmbH & Co. KG.) -- C:\Users\Chloe\Downloads\avira_fr_av___ws.exe   [4536336]
O61 - LFC: 19/05/2014 - 14:49:50 ---A- . (...) -- C:\Users\Chloe\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin   [85772]
O61 - LFC: 20/05/2014 - 14:50:10 ---A- . (.Nicolas Coolman.) -- C:\Users\Chloe\Downloads\ZHPDiag2.exe   [6779961]  =>.Nicolas Coolman
~ 7 Fichiers temporaires (Temporary files)
~ Files: 4 Scanned in 00mn 19s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_backup_http", "");
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_backup_port", 0);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_backup_referer", 2);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_backup_type", 0);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_changed", 1);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_last_http", "");
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_last_port", 0);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.illimitux_last_type", 0);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_firsttime_4.0_", false);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_firsttime_4.0b_", false);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_mu_auto", "dl");
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_auto", false);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_box", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_captcha", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_divx", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_embed", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_proxy", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_4s", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_captcha", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_mp", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_mu", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_mv", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_rs", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_rs1", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_pt_zs", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_referer", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_rs", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_tab", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.ilx_pref_zapmu", true);
O69 - SBI: prefs.js [Chloe - 3vuty7sr.default] user_pref("extensions.illimitux.locale", "fr");
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [323072]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1308160]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [903168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [109568]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1214976]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [220160]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll   [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3464192]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [629760]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.3C166BAE84553D4CB27AF8ABDC61712D] [SPRF][01/04/2014] (...) -- C:\Users\Chloe\Desktop\Minecraft.exe   [675988]
~ Files: 1 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{B3D42D3F-88FE-46D0-99C0-6D8548C189D4}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Chloe\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{CEB42392-FEBB-4B10-88F7-8A93C052BC8C}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Chloe\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS:  - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS:  - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS:  - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS:  - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS:  - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS:  - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 17/05/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/09/2013 344064 |  (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SS - | Disabled 25/02/2014 1017424 |  (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 25/03/2014 2264280 |  (cmdvirth) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 17/05/2014 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/01/2014 881952 |  (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 11/09/2013 239616 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 25/02/2014 440400 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 25/02/2014 440400 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 25/09/2013 312448 |  (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 14/05/2014 123984 |  (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
SR - | Auto 16/04/2014 6817544 |  (CmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SR - | Auto 25/07/2013 206552 |  (CxAudMsg) . (.Conexant Systems Inc..) - C:\WINDOWS\system32\CxAudMsg64.exe
SR - | Auto 29/07/2013 92160 |  (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 24/04/2012 390632 |  (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
SR - | Auto 10/07/1658 0 |  (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SAsrv.exe
SR - | Auto 27/08/2013 93072 |  (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 25/12/2013 68368 |  (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
SR - | Demand 10/07/1658 0 |  (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 25/09/2013 323584 |  (ZAtheros Bt and Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services:  Scanned in 00mn 10s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Chloe at 20/05/2014 14:51:51
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Chloe at 20/05/2014 14:51:53
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13029 - (19/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 4
Fichiers trouvés  (Files found) : 1

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]   =>P2P.BitTorrent^
C:\Users\Chloe\AppData\Roaming\Mozilla\Firefox\Profiles\3vuty7sr.default\extensions\foxyproxy@eric.h.jung   =>Hijacker.Proxy^
C:\ProgramData\eBay   =>Toolbar.eBay^
C:\Users\Chloe\AppData\Roaming\BitTorrent Sync   =>P2P.BitTorrent^
C:\Users\Chloe\AppData\Roaming\uTorrent   =>P2P.µTorrent^
[HKCU\Software\BitTorrent]   =>P2P.BitTorrent^
~ Additionnel Scan: 201566 Items scanned in 00mn 40s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy  =>Hijacker.Proxy
~ MSI: 1 link(s) detected in 00mn 00s



End of the scan (1244 lines in 07mn 13s)(0)