cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.5.5.46 - Nicolas Coolman (05/05/2015)
~ Lancé par Sylvio (05/05/2015 11:00:43)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 37.0.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : PW8V6
Windows License : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Logiciels de protection du système
ESET NOD32 Antivirus v8.0.304.3

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.2 - Français

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3582 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 210 GB (68%) free of 304 GB

---\\ Mode de connexion au système
~ Computer Name: DOMI
~ User Name: Sylvio
~ All Users Names: Sylvio, Dominique, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Sylvio\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Sylvio\AppData\Roaming\
~ %Desktop% : C:\Users\Sylvio\Desktop\
~ %Favorites% : C:\Users\Sylvio\Favorites\
~ %LocalAppData% : C:\Users\Sylvio\AppData\Local\
~ %StartMenu% : C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 210 Go of 304 Go)
D: Hard drive, Flash drive, Thumb drive (Free 839 Go of 1863 Go)
E: Hard drive, Flash drive, Thumb drive (Free 153 Go of 153 Go)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 10:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 06:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/03/2015 - 02:57:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 10:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 10:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 10:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 06:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 08:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 18:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 08:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 06:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 06:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 17:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 08:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 23:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 12:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 06:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 06:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 08:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 08:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 15:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/5
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/28428
~ Mon Bureau (My Desktop) : 1/13
~ Menu demarrer (Programs) : 1/38
~ Hidden Files: Scanned in 00mn 19s



---\\ Processus lancés
[MD5.C97AF00F76E085680AE2B1A8FB00527D] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920] [PID.3532]
[MD5.D2124327CB66F3727D26343122DBC4F5] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456] [PID.3568]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.3580]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.3596]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3860]
[MD5.F7593C18BE0493DF2BE3B3245545EB9C] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299520] [PID.4028]
[MD5.06DCDE310630A7E8BAB528168C29C7AF] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299520] [PID.2760]
[MD5.276AC7BAE1F596A3A1D4B6D43AEF099C] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [399736] [PID.4880] =>P2P.BitTorrent
[MD5.345B45BE09381D2011EB7F9AC11D8AC4] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [376944] [PID.4608]
[MD5.257FADF909B31DE24177BBD07CC02199] - (.Hola Networks Ltd. - Hola Better Internet Engine.) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\hola_plugin.exe [6457288] [PID.5336]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4676]
[MD5.A299EA000386A57EBAA2699A95FB91E0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8207360] [PID.4228]
[MD5.DE697CA5522739901B17D60E18A48B57] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [209408] [PID.1132]
[MD5.5CE3D0E1D1B3832EE052CFC442EEE0FA] - (.Creative Technology Ltd - Creative Audio Service.) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720] [PID.1368]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1400]
[MD5.E9436FC5E92868FA0A2B3EFE46C50203] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [493056] [PID.1548]
[MD5.58FBDA10FC403CF9F82ABD0A68129BA3] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576] [PID.312]
[MD5.B044BB341E164DA6750A9B8E6A5FF6A1] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.924]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.1572]
[MD5.250B9120C7C103AFDC0C6643F9691055] - (.Fujitsu Siemens Computers - Testhandler Service.) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [303104] [PID.2012]
[MD5.E1B44A75947137F4143308D566889837] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] [PID.3044]
[MD5.FFB823D0043D93F3CF3BFFBA6CA355B1] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [770168] [PID.3132]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Sylvio\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Sylvio\AppData\Roaming\Mozilla\Firefox\Profiles\cqpwb926.default\prefs.js
M0 - MFSP: prefs.js [Sylvio - cqpwb926.default] http://www.google.com
M2 - MFEP: prefs.js [Sylvio - cqpwb926.default\jid1-4P0kohSJxU1qGg@jetpack] [] Hola Better Internet v1.7.608 (..)
M2 - MFEP: Extension [Sylvio - cqpwb926.default] jid1-4P0kohSJxU1qGg@jetpack
M2 - MFEP: Extension [Sylvio - cqpwb926.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.40.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@hola.org/vlc,version=1.7.681] - (...) -- (.not file.)
~ Firefox Browser: 27 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
~ BHO: 10 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Sylvio]: uTorrent - Raccourci.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] . (.Fujitsu Siemens - Offline Registration client Version 2.0.) -- C:\ProgramData\fsc-reg\fscreg.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] . (.Fujitsu Siemens - Offline Registration client Version 2.0.) -- C:\ProgramData\fsc-reg\fscreg.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-3872192923-2748410194-895478906-1001\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3872192923-2748410194-895478906-1001\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} ((no name)) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{8F71DD59-733C-4587-8258-39B238573C90}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {E31004D1-A431-41B8-826F-E902F9D95C81} . (.Microsoft Corporation - Microsoft Windows 7 Ultimate Extra: Windows.) -- C:\Windows\System32\DreamScene.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Creative Audio Service (CTAudSvcService) . (.Creative Technology Ltd - Creative Audio Service.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 174.7.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
~ Services: 8 Scanned in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [2300726e-d013-4e97-93b8-82cdb2191e24-1-6] (...) -- C:\Program Files\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-1-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [2300726e-d013-4e97-93b8-82cdb2191e24-1-7] (...) -- C:\Program Files\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [2300726e-d013-4e97-93b8-82cdb2191e24-5] (...) -- C:\Program Files\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [2300726e-d013-4e97-93b8-82cdb2191e24-5_user] (...) -- C:\Program Files\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [4ceb9e8a-2a26-4ffd-87b6-155d80660b67-5] (...) -- C:\Program Files\SavePass 1.1\4ceb9e8a-2a26-4ffd-87b6-155d80660b67-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [4ceb9e8a-2a26-4ffd-87b6-155d80660b67-5_user] (...) -- C:\Program Files\SavePass 1.1\4ceb9e8a-2a26-4ffd-87b6-155d80660b67-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [7cb3e800-bad1-4bf8-b52f-bd745d4125f8-1-6] (...) -- C:\Program Files\SavePass 1.1\7cb3e800-bad1-4bf8-b52f-bd745d4125f8-1-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [7cb3e800-bad1-4bf8-b52f-bd745d4125f8-1-7] (...) -- C:\Program Files\SavePass 1.1\7cb3e800-bad1-4bf8-b52f-bd745d4125f8-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [7cb3e800-bad1-4bf8-b52f-bd745d4125f8-10_user] (...) -- C:\Program Files\SavePass 1.1\7cb3e800-bad1-4bf8-b52f-bd745d4125f8-10.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [7cb3e800-bad1-4bf8-b52f-bd745d4125f8-5] (...) -- C:\Program Files\SavePass 1.1\7cb3e800-bad1-4bf8-b52f-bd745d4125f8-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [7cb3e800-bad1-4bf8-b52f-bd745d4125f8-5_user] (...) -- C:\Program Files\SavePass 1.1\7cb3e800-bad1-4bf8-b52f-bd745d4125f8-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.AAF87A1B230B1E5585EA742C633A5414] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.00000000000000000000000000000000] [APT] [cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-1-7] (...) -- C:\Program Files\Sense\cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-1-7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-4] (...) -- C:\Program Files\Sense\cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-4.exe (.not file.) [0]
[MD5.87B648A65DCCE249AD787A271D4B38AC] [APT] [FHIGIC] (.Cinema PlusV05.03.) -- C:\Users\Sylvio\AppData\Roaming\FHIGIC.exe [1854464] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineCore1d07f2488c23797] (...) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0] =>PUP.GlobalUpdate
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineCore1d07f2494e75917] (...) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0] =>PUP.GlobalUpdate
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA1d05e43973bee82] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848]
[MD5.FD75D8CBF37D429A007675B09CA7123D] [APT] [OEM] (.Cinema PlusV05.03.) -- C:\Users\Sylvio\AppData\Roaming\OEM.exe [1371136] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [temp_cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-1-6] (...) -- C:\Program Files\Sense\cf93f976-45f6-44ae-bd9a-c79b5f5d2d76-1-6.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{757E44AD-B7B5-40F7-97EB-99000478BEED}] (...) -- C:\Users\Sylvio\Desktop\sp37093.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BBE961B2-D953-49FC-969F-3F0460C6BB79}] (...) -- C:\Users\Sylvio\Downloads\a4etn05us17.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [trxShakeIcon] (...) -- C:\Program Files\NCH Swift Sound\TRx\TRx.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: FHIGIC - (.Cinema PlusV05.03.) -- C:\Windows\Tasks\FHIGIC.job [1342] =>PUP.CrossRider
O39 - APT: FHIGIC - (.Cinema PlusV05.03.) -- C:\Windows\System32\Tasks\FHIGIC [1342] =>PUP.CrossRider
O39 - APT: globalUpdateUpdateTaskMachineCore1d07f2494e75917 - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1d07f2494e75917.job [888] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore1d07f2494e75917 - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore1d07f2494e75917 [888] =>PUP.GlobalUpdate
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
O39 - APT: GoogleUpdateTaskMachineUA1d05e43973bee82 - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d05e43973bee82.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA1d05e43973bee82 - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d05e43973bee82 [1056]
O39 - APT: OEM - (.Cinema PlusV05.03.) -- C:\Windows\Tasks\OEM.job [1336] =>PUP.CrossRider
O39 - APT: OEM - (.Cinema PlusV05.03.) -- C:\Windows\System32\Tasks\OEM [1336] =>PUP.CrossRider
~ Scheduled Task: 35 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r124.) -- C:\Windows\system32\Macromed\Flash\Flash9f.ocx
~ Active Setup: 12 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (eamonm) . (.ESET - Amon monitor.) - C:\Windows\System32\DRIVERS\eamonm.sys
O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 66 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: AC3Filter 2.6.0b - (.Alexander Vigovsky.) [HKLM] -- AC3Filter_is1
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {BC3053AC-FC4E-2073-FE89-A3C68ABFB134}
O42 - Logiciel: ANT Drivers 0.1.2.0 - (.ANT Drivers.) [HKLM] -- ANT Drivers_is1
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Flash Player 17 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}
O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Audacity 1.3.13 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1
O42 - Logiciel: Bass Audio Decoder (remove only) - (...) [HKLM] -- Bass Audio Decoder
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {25A3B953-1423-3F15-640E-B620DD0F419A}
O42 - Logiciel: Creative ASIO (USB) - (.Creative Technology Limited.) [HKLM] -- Creative_ASIO(USB)
O42 - Logiciel: Creative System Information - (.Creative Technology Limited.) [HKLM] -- SysInfo
O42 - Logiciel: DCoder Image Source (remove only) - (...) [HKLM] -- DCoder Image Source
O42 - Logiciel: DirectVobSub (remove only) - (...) [HKLM] -- DirectVobSub
O42 - Logiciel: Dolby Digital Live Pack - (.Creative Technology Limited.) [HKLM] -- Dolby Digital Live Pack
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: FFMPEG Core Files (remove only) - (...) [HKLM] -- FFMPEG Core Files
O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory
O42 - Logiciel: Fujitsu Siemens Computers Recovery - (.Fujitsu Siemens Computers.) [HKLM] -- {AFC454ED-A26F-4816-826B-C35129D82E1F}
O42 - Logiciel: Geonaute Software - (.Geonaute.) [HKLM] -- {548CBD79-054A-42F1-A1DA-B4F3FEF490ED}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Haali Media Splitter - (...) [HKLM] -- HaaliMkx
O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0}
O42 - Logiciel: K-Lite Codec Pack 9.1.0 (Full) - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1
O42 - Logiciel: LAV Filters 0.64 - (.Hendrik Leppkes.) [HKLM] -- lavfilters_is1
O42 - Logiciel: MPlayer for Windows (Full Package) - (.LoRd MuldeR.) [HKLM] -- {DB9E4EAB-2717-499F-8D56-4CC8A644AB60}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MadVR (remove only) - (...) [HKLM] -- MadVR
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 37.0.2 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Native Instruments Traktor 2 - (.Native Instruments.) [HKLM] -- Native Instruments Traktor 2
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {854C47D1-C2A0-4492-8655-C3F8D49C1036}
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147}
O42 - Logiciel: Revo Uninstaller Pro 3.0.8 - (.VS Revo Group, Ltd..) [HKLM] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1
O42 - Logiciel: Silicon Laboratories USBXpress Device (Driver Removal) - (.Silicon Laboratories.) [HKLM] -- SIUSBXP&10C4&EA61
O42 - Logiciel: Sound Blaster X-Fi Surround 5.1 Pro - (.Creative Technology Limited.) [HKLM] -- {0A9DA353-D0CD-4922-A54B-2F5F4EC90986}
O42 - Logiciel: SystemDiagnostics - (.Fujitsu Siemens Computers .) [HKLM] -- {2F926AE7-9FB7-4B34-906F-9C29A6D146A7}
O42 - Logiciel: The KMPlayer v2.9.4.1435 FR - (.www.kmplayer.com/fr.) [HKLM] -- The KMPlayer FR_is1
O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027}
O42 - Logiciel: Virtual COM Port Driver - (.STMicroelectronics.) [HKLM] -- InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}
O42 - Logiciel: VirtualDJ PRO Full - (.Atomix Productions.) [HKLM] -- {82BEEB3F-D0BF-42EE-8739-F4827C4805B7}
O42 - Logiciel: WavePad - Logiciel d'édition audio - (.NCH Software.) [HKLM] -- WavePad
O42 - Logiciel: WinRAR 4.10 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Zoom Player (remove only) - (.Inmatrix LTD.) [HKLM] -- ZoomPlayer
O42 - Logiciel: Zoom Player French language (remove only) - (...) [HKLM] -- ZoomPlayer_French
O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM] -- {097E183F-FE88-41B8-ABE0-C730DD4AE48F}
O42 - Logiciel: ffdshow v1.3.4533 [2014-09-29] - (...) [HKLM] -- ffdshow_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 73 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AC3Filter]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Audacity]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaP-1.9cV05.03-nv-ie] =>PUP.CrossRider
[HKCU\Software\Classes]
[HKCU\Software\Clickteam]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Creative Tech]
[HKCU\Software\DSP-worx]
[HKCU\Software\ESET]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Ge-Force-nv-ie] =>PUP.CrossRider
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hola]
[HKCU\Software\Icaros]
[HKCU\Software\JavaSoft]
[HKCU\Software\KMPlayer]
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\MediaInfo]
[HKCU\Software\Mirage]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Native Instruments]
[HKCU\Software\Netscape]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\Realtek]
[HKCU\Software\SavePass 1.1-nv-ie] =>PUP.CrossRider
[HKCU\Software\Sense-nv-ie] =>PUP.CrossRider
[HKCU\Software\Trolltech]
[HKCU\Software\VS Revo Group]
[HKCU\Software\VirtuaMedia]
[HKCU\Software\VirtualDJ]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AMD]
[HKLM\Software\ASIO]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adblock Plus for IE]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Audible]
[HKLM\Software\AviSynth]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Creative Labs]
[HKLM\Software\Creative Tech]
[HKLM\Software\DTS]
[HKLM\Software\DirectShowFilters]
[HKLM\Software\Dolby]
[HKLM\Software\Dropbox]
[HKLM\Software\ESET]
[HKLM\Software\Fujitsu Siemens Computers]
[HKLM\Software\GNU]
[HKLM\Software\Ge-Force-nv-ie] =>PUP.CrossRider
[HKLM\Software\Geonaute]
[HKLM\Software\Google]
[HKLM\Software\Inmatrix]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\LAV]
[HKLM\Software\Lame For Audacity]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\National Instruments]
[HKLM\Software\Native Instruments]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OpenAL]
[HKLM\Software\Opera Software]
[HKLM\Software\PAS-Products]
[HKLM\Software\Policies]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SavePass 1.1-nv-ie] =>PUP.CrossRider
[HKLM\Software\Silicon Laboratories, Inc.]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\TOSHIBA]
[HKLM\Software\VirtualDJ]
[HKLM\Software\Volatile]
[HKLM\Software\W7DSA]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\calibre]
[HKLM\Software\mozilla.org]
~ Key Software: 259 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/03/2015 - 08:34:02 - [] ----D C:\Program Files\7-Zip
O43 - CFD: 24/03/2015 - 08:33:12 - [] ----D C:\Program Files\AC3Filter
O43 - CFD: 14/03/2015 - 09:23:32 - [] ----D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 13/05/2008 - 03:29:15 - [] ----D C:\Program Files\Adobe
O43 - CFD: 29/03/2015 - 09:16:30 - [] ----D C:\Program Files\ANT Drivers
O43 - CFD: 14/03/2015 - 17:17:05 - [] ----D C:\Program Files\ATI
O43 - CFD: 14/03/2015 - 17:52:36 - [] ----D C:\Program Files\ATI Technologies
O43 - CFD: 10/04/2015 - 11:58:12 - [] ----D C:\Program Files\Audacity 1.3 Beta (Unicode)
O43 - CFD: 24/03/2015 - 08:27:23 - [] ----D C:\Program Files\Bass Audio Decoder
O43 - CFD: 30/03/2015 - 08:38:51 - [] ----D C:\Program Files\Calibre2
O43 - CFD: 25/04/2015 - 11:08:17 - [] ----D C:\Program Files\Common Files
O43 - CFD: 14/03/2015 - 20:52:54 - [] ----D C:\Program Files\Creative
O43 - CFD: 24/03/2015 - 08:34:11 - [] ----D C:\Program Files\DCoder Image Source
O43 - CFD: 24/03/2015 - 08:32:57 - [] ----D C:\Program Files\DirectVobSub
O43 - CFD: 15/03/2015 - 10:58:07 - [] ----D C:\Program Files\Dropbox
O43 - CFD: 27/03/2015 - 07:36:05 - [] ----D C:\Program Files\ESET
O43 - CFD: 24/03/2015 - 08:29:18 - [] ----D C:\Program Files\ffdshow
O43 - CFD: 24/03/2015 - 08:33:48 - [] ----D C:\Program Files\FFMPEG Core Files
O43 - CFD: 14/03/2015 - 09:17:40 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 19/03/2015 - 09:11:39 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 14/03/2015 - 09:22:11 - [] ----D C:\Program Files\Fujitsu Siemens Computers
O43 - CFD: 29/03/2015 - 09:14:20 - [] ----D C:\Program Files\Geonaute Software
O43 - CFD: 26/03/2015 - 10:59:49 - [] ----D C:\Program Files\Google
O43 - CFD: 24/03/2015 - 08:32:34 - [] ----D C:\Program Files\Haali
O43 - CFD: 29/03/2015 - 09:19:12 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/04/2015 - 11:18:33 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 22/03/2015 - 15:33:45 - [] ----D C:\Program Files\Java
O43 - CFD: 19/03/2015 - 14:26:54 - [] ----D C:\Program Files\K-Lite Codec Pack
O43 - CFD: 23/03/2015 - 09:08:50 - [0] ----D C:\Program Files\KMSpico =>PUA.KMSpico
O43 - CFD: 10/04/2015 - 12:09:21 - [] ----D C:\Program Files\Lame For Audacity
O43 - CFD: 24/03/2015 - 08:31:09 - [] ----D C:\Program Files\LAV Filters
O43 - CFD: 24/03/2015 - 08:32:12 - [] ----D C:\Program Files\MadVR
O43 - CFD: 02/11/2006 - 16:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 09/04/2015 - 11:43:58 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 07/04/2015 - 07:44:13 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 14/03/2015 - 18:57:32 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 21/03/2015 - 08:54:22 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 24/04/2015 - 10:46:42 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 03/05/2015 - 14:04:17 - [] ----D C:\Program Files\MPlayer for Windows
O43 - CFD: 02/11/2006 - 16:37:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 14/03/2015 - 15:23:49 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 18/03/2015 - 10:24:10 - [] ----D C:\Program Files\Native Instruments
O43 - CFD: 04/05/2015 - 11:45:05 - [] ----D C:\Program Files\NCH Software
O43 - CFD: 13/05/2008 - 03:32:09 - [] ----D C:\Program Files\Nero
O43 - CFD: 13/05/2008 - 03:33:39 - [0] ----D C:\Program Files\NeroInstall.bak
O43 - CFD: 14/03/2015 - 16:57:43 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 16:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 29/03/2015 - 09:19:38 - [] ----D C:\Program Files\Silabs
O43 - CFD: 29/03/2015 - 09:19:11 - [] ----D C:\Program Files\STMicroelectronics
O43 - CFD: 15/03/2015 - 09:15:11 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 19/03/2015 - 18:01:20 - [] ----D C:\Program Files\The KMPlayer FR
O43 - CFD: 02/11/2006 - 17:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 22/03/2015 - 15:52:46 - [] ----D C:\Program Files\uTorrent =>P2P.µTorrent
O43 - CFD: 01/04/2015 - 11:41:07 - [] ----D C:\Program Files\VirtualDJ
O43 - CFD: 24/04/2015 - 10:48:52 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 21/03/2015 - 08:54:22 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 21/03/2015 - 08:54:21 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 21/03/2015 - 08:54:19 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 27/03/2015 - 07:56:12 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 27/03/2015 - 07:56:05 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - 08:54:21 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/03/2015 - 09:17:40 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 21/03/2015 - 08:54:21 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 23/03/2015 - 07:49:31 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 21/03/2015 - 08:54:21 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 14/03/2015 - 11:10:15 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 03/05/2015 - 14:00:56 - [] ----D C:\Program Files\WinThruster
O43 - CFD: 05/05/2015 - 10:58:29 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 24/03/2015 - 08:26:53 - [] ----D C:\Program Files\Zoom Player
O43 - CFD: 13/05/2008 - 03:29:24 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 14/03/2015 - 18:13:25 - [] ----D C:\Program Files\Common Files\Creative Labs Shared
O43 - CFD: 08/04/2015 - 07:43:08 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 14/03/2015 - 09:22:12 - [] ----D C:\Program Files\Common Files\Fujitsu Siemens Computers
O43 - CFD: 29/03/2015 - 09:17:02 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 22/03/2015 - 15:35:05 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 07/04/2015 - 07:38:33 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 18/03/2015 - 10:24:13 - [] ----D C:\Program Files\Common Files\Native Instruments
O43 - CFD: 13/05/2008 - 03:32:41 - [] ----D C:\Program Files\Common Files\Nero
O43 - CFD: 02/11/2006 - 15:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 15:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 25/04/2015 - 10:51:12 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 13/05/2008 - 03:29:34 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 17:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 14/03/2015 - 19:22:34 - [] ----D C:\ProgramData\ATI
O43 - CFD: 14/03/2015 - 09:17:40 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 15/03/2015 - 09:09:10 - [] ----D C:\ProgramData\Creative
O43 - CFD: 02/11/2006 - 17:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 17:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 27/03/2015 - 07:36:05 - [] ----D C:\ProgramData\ESET
O43 - CFD: 14/03/2015 - 09:17:40 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 17:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 14/03/2015 - 09:22:03 - [] ----D C:\ProgramData\fsc-reg
O43 - CFD: 29/03/2015 - 09:12:11 - [] ----D C:\ProgramData\Geonaute
O43 - CFD: 14/03/2015 - 13:40:45 - [] ----D C:\ProgramData\Google
O43 - CFD: 14/03/2015 - 09:17:40 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 02/05/2015 - 10:42:41 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 15/04/2015 - 08:33:11 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 20/03/2015 - 12:13:25 - [] ----D C:\ProgramData\Microsoft Toolkit
O43 - CFD: 14/03/2015 - 09:17:40 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 14/03/2015 - 13:48:12 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 18/03/2015 - 10:24:10 - [] ----D C:\ProgramData\Native Instruments
O43 - CFD: 04/05/2015 - 11:32:07 - [] ----D C:\ProgramData\NCH Software
O43 - CFD: 04/05/2015 - 11:30:28 - [] ----D C:\ProgramData\NCH Swift Sound
O43 - CFD: 13/05/2008 - 03:32:10 - [] ----D C:\ProgramData\Nero
O43 - CFD: 13/05/2008 - 03:43:57 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 22/03/2015 - 15:35:14 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 17/03/2015 - 10:17:17 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 02/11/2006 - 17:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 22/03/2015 - 15:10:23 - [] ----D C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 17:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 22/03/2015 - 15:02:47 - [] ----D C:\ProgramData\UMS
O43 - CFD: 14/03/2015 - 17:48:06 - [] ----D C:\ProgramData\VS Revo Group
O43 - CFD: 23/03/2015 - 08:23:04 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 05/05/2015 - 09:57:08 - [] ----D C:\ProgramData\Zoom Player
O43 - CFD: 14/03/2015 - 09:23:32 - [] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 18/03/2015 - 10:28:46 - [] --H-D C:\ProgramData\{60143F1F-63C8-4CC1-A37B-28EB1FC6C10F}
O43 - CFD: 24/03/2015 - 08:34:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 24/03/2015 - 08:33:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
O43 - CFD: 14/03/2015 - 16:01:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/03/2015 - 16:01:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/03/2015 - 17:24:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 24/04/2015 - 15:27:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Cat Audio
O43 - CFD: 30/03/2015 - 08:38:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
O43 - CFD: 14/03/2015 - 20:52:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
O43 - CFD: 27/03/2015 - 07:36:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 21/01/2008 - 06:42:47 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 24/03/2015 - 08:29:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 14/03/2015 - 09:22:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fujitsu Siemens Computers
O43 - CFD: 21/01/2008 - 06:42:49 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 29/03/2015 - 09:14:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geonaute Software
O43 - CFD: 24/03/2015 - 08:32:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 22/03/2015 - 15:34:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 19/03/2015 - 14:26:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 24/03/2015 - 08:31:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
O43 - CFD: 02/11/2006 - 16:56:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/03/2015 - 09:23:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 07/04/2015 - 07:44:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 19/03/2015 - 18:17:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPlayer for Windows
O43 - CFD: 18/03/2015 - 10:24:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
O43 - CFD: 04/05/2015 - 11:30:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
O43 - CFD: 13/05/2008 - 03:33:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
O43 - CFD: 04/05/2015 - 11:32:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programmes de téléphonie
O43 - CFD: 24/04/2015 - 10:48:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
O43 - CFD: 25/03/2015 - 14:05:51 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/11/2006 - 16:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 04/05/2015 - 11:30:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telephony Programs
O43 - CFD: 19/03/2015 - 18:01:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The KMPlayer FR
O43 - CFD: 14/03/2015 - 11:10:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 05/05/2015 - 10:58:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 24/03/2015 - 08:25:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom Player
O43 - CFD: 17/03/2015 - 19:06:25 - [] ----D C:\Users\Sylvio\AppData\Roaming\Adobe
O43 - CFD: 14/03/2015 - 19:22:34 - [] ----D C:\Users\Sylvio\AppData\Roaming\ATI
O43 - CFD: 28/04/2015 - 15:31:40 - [] ----D C:\Users\Sylvio\AppData\Roaming\Audacity
O43 - CFD: 30/03/2015 - 16:30:04 - [] ----D C:\Users\Sylvio\AppData\Roaming\calibre
O43 - CFD: 14/03/2015 - 20:50:53 - [] ----D C:\Users\Sylvio\AppData\Roaming\Creative
O43 - CFD: 21/03/2015 - 07:37:34 - [] ----D C:\Users\Sylvio\AppData\Roaming\Dropbox
O43 - CFD: 14/03/2015 - 14:10:24 - [] ----D C:\Users\Sylvio\AppData\Roaming\Google
O43 - CFD: 14/03/2015 - 14:06:14 - [] ----D C:\Users\Sylvio\AppData\Roaming\Identities
O43 - CFD: 18/03/2015 - 11:00:51 - [] ----D C:\Users\Sylvio\AppData\Roaming\Kodi
O43 - CFD: 14/03/2015 - 14:19:56 - [] ----D C:\Users\Sylvio\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 16:37:34 - [0] ----D C:\Users\Sylvio\AppData\Roaming\Media Center Programs
O43 - CFD: 03/05/2015 - 15:51:17 - [] -S--D C:\Users\Sylvio\AppData\Roaming\Microsoft
O43 - CFD: 14/03/2015 - 14:11:13 - [] ----D C:\Users\Sylvio\AppData\Roaming\Mozilla
O43 - CFD: 04/05/2015 - 11:47:17 - [] ----D C:\Users\Sylvio\AppData\Roaming\NCH Software
O43 - CFD: 04/05/2015 - 11:30:23 - [] ----D C:\Users\Sylvio\AppData\Roaming\NCH Swift Sound
O43 - CFD: 04/05/2015 - 19:53:13 - [0] ----D C:\Users\Sylvio\AppData\Roaming\Nico Mak Computing
O43 - CFD: 25/03/2015 - 14:54:47 - [] ----D C:\Users\Sylvio\AppData\Roaming\Opera Software
O43 - CFD: 03/05/2015 - 14:00:59 - [] ----D C:\Users\Sylvio\AppData\Roaming\Solvusoft
O43 - CFD: 26/03/2015 - 10:55:56 - [] ----D C:\Users\Sylvio\AppData\Roaming\Thunderbird =>.Mozilla Corporation
O43 - CFD: 05/05/2015 - 11:01:20 - [] ----D C:\Users\Sylvio\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 15/03/2015 - 10:57:48 - [] ----D C:\Users\Sylvio\AppData\Roaming\VOS
O43 - CFD: 14/03/2015 - 14:21:47 - [] ----D C:\Users\Sylvio\AppData\Roaming\WinRAR
O43 - CFD: 31/03/2015 - 10:28:22 - [] ----D C:\Users\Sylvio\AppData\Roaming\XBMC
O43 - CFD: 05/05/2015 - 11:01:29 - [] ----D C:\Users\Sylvio\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 11/04/2015 - 18:03:40 - [] ----D C:\Users\Sylvio\AppData\Local\Adobe
O43 - CFD: 14/03/2015 - 14:05:59 - [] -SH-D C:\Users\Sylvio\AppData\Local\Application Data
O43 - CFD: 14/03/2015 - 19:22:34 - [] ----D C:\Users\Sylvio\AppData\Local\ATI
O43 - CFD: 30/03/2015 - 08:39:32 - [0] ----D C:\Users\Sylvio\AppData\Local\calibre-cache
O43 - CFD: 25/04/2015 - 10:50:14 - [] ----D C:\Users\Sylvio\AppData\Local\CrashRpt
O43 - CFD: 14/03/2015 - 19:52:25 - [] ----D C:\Users\Sylvio\AppData\Local\ESET
O43 - CFD: 19/03/2015 - 18:06:35 - [] ----D C:\Users\Sylvio\AppData\Local\fontconfig
O43 - CFD: 29/03/2015 - 09:22:17 - [] ----D C:\Users\Sylvio\AppData\Local\Geonaute
O43 - CFD: 25/03/2015 - 14:46:07 - [] ----D C:\Users\Sylvio\AppData\Local\Google
O43 - CFD: 14/03/2015 - 14:05:59 - [] -SH-D C:\Users\Sylvio\AppData\Local\Historique
O43 - CFD: 25/04/2015 - 11:24:38 - [] ----D C:\Users\Sylvio\AppData\Local\Hola
O43 - CFD: 23/03/2015 - 08:06:53 - [] ----D C:\Users\Sylvio\AppData\Local\Macromedia
O43 - CFD: 14/04/2015 - 07:30:50 - [] ----D C:\Users\Sylvio\AppData\Local\Microsoft
O43 - CFD: 22/04/2015 - 19:49:09 - [] ----D C:\Users\Sylvio\AppData\Local\Microsoft Games
O43 - CFD: 14/03/2015 - 14:11:08 - [] ----D C:\Users\Sylvio\AppData\Local\Mozilla
O43 - CFD: 20/03/2015 - 11:35:14 - [] ----D C:\Users\Sylvio\AppData\Local\MSfree Inc
O43 - CFD: 25/03/2015 - 14:54:48 - [] ----D C:\Users\Sylvio\AppData\Local\Opera Software
O43 - CFD: 15/03/2015 - 12:21:44 - [] ----D C:\Users\Sylvio\AppData\Local\Spoon
O43 - CFD: 05/05/2015 - 11:00:04 - [] ----D C:\Users\Sylvio\AppData\Local\Temp
O43 - CFD: 14/03/2015 - 14:05:59 - [] -SH-D C:\Users\Sylvio\AppData\Local\Temporary Internet Files
O43 - CFD: 26/03/2015 - 11:02:28 - [] ----D C:\Users\Sylvio\AppData\Local\Thunderbird =>.Mozilla Corporation
O43 - CFD: 17/03/2015 - 19:06:26 - [] ----D C:\Users\Sylvio\AppData\Local\VirtualStore
O43 - CFD: 14/03/2015 - 17:48:16 - [] ----D C:\Users\Sylvio\AppData\Local\VS Revo Group
O43 - CFD: 21/01/2008 - 06:42:46 - [] R---D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/03/2015 - 14:06:25 - [] R---D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/03/2015 - 10:57:44 - [] ----D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 19/03/2015 - 09:12:13 - [] ----D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 24/03/2015 - 08:32:34 - [0] ----D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 21/01/2008 - 06:42:46 - [] R---D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/04/2015 - 11:01:03 - [] R---D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/04/2015 - 11:41:10 - [] ----D C:\Users\Sylvio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
~ Program Folder: 205 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CF471CB1C91A1E569CDD14FF7F1B9366] - 03/05/2015 - 13:48:51 ---A- . (...) -- C:\RstAssociations.txt [3283]
O44 - LFC:[MD5.88EF8536B1BBED4B9C1EB35D50405AE4] - 03/05/2015 - 15:44:26 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1660932]
O44 - LFC:[MD5.E5D752A6866BCB1617B3537217CB4BE4] - 03/05/2015 - 15:44:26 ---A- . (...) -- C:\Windows\System32\perfc009.dat [125448]
O44 - LFC:[MD5.DE0D0B5F2C43C4C4C57FCFF0E13C8959] - 03/05/2015 - 15:44:26 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [153308]
O44 - LFC:[MD5.8445CFC5F38187582F44C35D1BF02E68] - 03/05/2015 - 15:44:26 ---A- . (...) -- C:\Windows\System32\perfh009.dat [648752]
O44 - LFC:[MD5.1AECA3EB3054826EE63070298BD38184] - 03/05/2015 - 15:44:26 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [738960]
O44 - LFC:[MD5.801AC2BF689CF1E59CEC1C5591297C8A] - 04/05/2015 - 19:46:33 ---A- . (.WinZip Computing, S.L.(WinZip Computing) - WinZip Registry Optimizer.) -- C:\Windows\System32\roboot.exe [17584] =>Crapware.WinZipRegistry
O44 - LFC:[MD5.38D814E0792385E4535E949107CE2E8C] - 05/05/2015 - 07:22:07 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.915BF42AA4E5A3F461C72D6464B6949A] - 05/05/2015 - 07:26:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1607797]
O44 - LFC:[MD5.B9BB8E2093C1615AD6EA55AD96214354] - 24/04/2015 - 10:48:54 ---A- . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\Drivers\revoflt.sys [27192]
~ Files: 10 Scanned in 00mn 24s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.237EE27DDD761A4C62C8A9DA95E287EC] - 05/05/2015 - 07:31:25 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-1070971C.pf =>P2P.µTorrent
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
~ TDSD: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\fsc-reg [Key] . (.Fujitsu Siemens - Offline Registration client Version 2.0.) -- C:\ProgramData\fsc-reg\fscreg.exe
O53 - SMSR:HKLM\...\startupreg\FSCRecovery [Key] . (.Fujitsu Siemens Computers GmbH - Fujitsu Siemens Computers Recovery Reminder.) -- c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O53 - SMSR:HKLM\...\startupreg\Google EULA Launcher [Key] . (...) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
O53 - SMSR:HKLM\...\startupreg\Module Loader [Key] . (.Creative Technology Ltd. - DLL Module Loader.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
O53 - SMSR:HKLM\...\startupreg\MPlayerForWindows_UpdateReminder [Key] . (...) -- C:\Program Files\MPlayer for Windows\AutoUpdate.exe
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O53 - SMSR:HKLM\...\startupreg\VolPanel [Key] . (.Creative Technology Ltd - VolPanlu.exe.) -- C:\Program Files\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
~ SMSR Keys: 11 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 1 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 06:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:21/01/2008 - 06:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600]
O58 - SDL:21/01/2008 - 06:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432]
O58 - SDL:21/01/2008 - 06:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560]
O58 - SDL:19/12/2007 - 21:45:00 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\ahcix86s.sys [170000]
O58 - SDL:21/01/2008 - 06:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [79416]
O58 - SDL:21/01/2008 - 06:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [79928]
O58 - SDL:13/08/2004 - 09:56:20 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [5810]
O58 - SDL:05/07/2013 - 12:40:30 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdLH3.sys [75264]
O58 - SDL:07/12/2013 - 01:51:04 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [11527680]
O58 - SDL:07/12/2013 - 00:20:32 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [501248]
O58 - SDL:02/11/2006 - 12:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:02/11/2006 - 12:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:02/11/2006 - 12:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808]
O58 - SDL:02/11/2006 - 12:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:02/11/2006 - 12:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:02/11/2006 - 12:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:21/01/2008 - 06:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [19000]
O58 - SDL:02/11/2006 - 13:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272]
O58 - SDL:21/01/2008 - 06:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:22/09/2014 - 08:20:06 ---A- . (.ESET - Amon monitor.) -- C:\Windows\System32\Drivers\eamonm.sys [191928]
O58 - SDL:22/09/2014 - 08:20:06 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\System32\Drivers\ehdrv.sys [135296]
O58 - SDL:21/01/2008 - 06:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:22/09/2014 - 08:20:06 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\Drivers\epfwwfpr.sys [123424]
O58 - SDL:21/01/2008 - 06:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [40504]
O58 - SDL:30/09/2007 - 02:03:12 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStor.sys [308248]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [235064]
O58 - SDL:02/11/2006 - 13:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576]
O58 - SDL:02/11/2006 - 13:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 13:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:03/04/2008 - 16:58:46 ---A- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\System32\Drivers\jraid.sys [76688]
O58 - SDL:08/04/2013 - 11:33:46 ---A- . (.Creative Technology Ltd. - WDM USB Audio Driver.) -- C:\Windows\System32\Drivers\ksaud.sys [1255296]
O58 - SDL:25/04/2012 - 14:08:14 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C60x86.sys [87152]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [96312]
O58 - SDL:21/01/2008 - 06:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89656]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96312]
O58 - SDL:21/01/2008 - 06:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [31288]
O58 - SDL:21/01/2008 - 06:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [386616]
O58 - SDL:02/11/2006 - 13:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384]
O58 - SDL:02/11/2006 - 13:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160]
O58 - SDL:02/11/2006 - 11:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608]
O58 - SDL:19/03/2008 - 21:30:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 174.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [7438432]
O58 - SDL:29/01/2008 - 23:55:00 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvmfdx32.sys [1042464]
O58 - SDL:21/01/2008 - 06:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [102968]
O58 - SDL:16/02/2008 - 01:15:26 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\System32\Drivers\nvsmu.sys [14336]
O58 - SDL:21/01/2008 - 06:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [45112]
O58 - SDL:21/01/2008 - 06:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1122360]
O58 - SDL:02/11/2006 - 13:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088]
O58 - SDL:30/12/2009 - 10:21:18 ---A- . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\Drivers\revoflt.sys [27192]
O58 - SDL:05/06/2012 - 13:45:06 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RtHDMIV.sys [204432]
O58 - SDL:14/06/2011 - 19:38:12 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [3520168]
O58 - SDL:02/11/2006 - 10:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:03/06/2011 - 10:24:00 ---A- . (.Silicon Laboratories - SiLib WDM Support Driver.) -- C:\Windows\System32\Drivers\SiLib.sys [17408]
O58 - SDL:21/01/2008 - 06:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [74808]
O58 - SDL:03/06/2011 - 10:24:00 ---A- . (.Silicon Laboratories - SiUSBXp.sys.) -- C:\Windows\System32\Drivers\SiUSBXp.sys [14592]
O58 - SDL:02/11/2006 - 13:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944]
O58 - SDL:02/11/2006 - 13:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848]
O58 - SDL:02/11/2006 - 13:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920]
O58 - SDL:21/01/2008 - 06:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:02/11/2006 - 13:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:21/01/2008 - 06:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [20024]
O58 - SDL:21/01/2008 - 06:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [130616]
O58 - SDL:02/11/2006 - 11:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 11:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:02/11/2006 - 11:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:02/11/2006 - 11:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 11:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 11:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 11:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 11:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 11:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 11:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 11:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 11:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 11:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 11:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 11:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:03/08/2005 - 16:05:02 ---A- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\Windows\System32\SER9PL.sys [35892]
O58 - SDL:03/06/2011 - 10:24:00 ---A- . (.Silicon Laboratories - SiLib WDM Support Driver.) -- C:\Windows\System32\SiLib.sys [17408]
O58 - SDL:03/06/2011 - 10:24:00 ---A- . (.Silicon Laboratories - SiUSBXp.sys.) -- C:\Windows\System32\SIUSBXP.sys [14592]
~ Drivers: 82 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 04/05/2015 - 11:02:15 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Temp\imssetup.exe [1125101]
O61 - LFC: 04/05/2015 - 11:02:15 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Temp\toolbarconduit2.exe [77824]
O61 - LFC: 04/05/2015 - 11:02:15 ---A- . (.NCH Software.) -- C:\Users\Sylvio\AppData\Local\Temp\uninst.exe [1081348]
O61 - LFC: 04/05/2015 - 11:02:18 ---A- . (.NCH Software.) -- C:\Users\Sylvio\Downloads\trxsetup.exe [596624]
O61 - LFC: 04/05/2015 - 11:02:18 ---A- . (.WinZip International LLC.) -- C:\Users\Sylvio\Downloads\wzro24.exe [3662632]
O61 - LFC: 05/05/2015 - 11:02:18 ---A- . (.Nicolas Coolman.) -- C:\Users\Sylvio\Downloads\ZHPDiag2.exe [6880620] =>.Nicolas Coolman
O61 - LFC: 28/04/2015 - 11:02:18 ---A- . (.Zdeněk Navrátil.) -- C:\Users\Sylvio\Downloads\span17.exe [4410054]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\axvlc.dll [534547]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\libvlc.dll [113171]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\libvlccore.dll [2459667]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\access\libaccess_http_plugin.dll [119315]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\access\libfilesystem_plugin.dll [45587]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_file_plugin.dll [16915]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\access_output\libaccess_output_http_plugin.dll [16403]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\liba52tospdif_plugin.dll [13331]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libaudio_format_plugin.dll [25619]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdolby_surround_decoder_plugin.dll [14867]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libdtstospdif_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libscaletempo_plugin.dll [18963]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libsimple_channel_mixer_plugin.dll [19475]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll [15379]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_filter\libugly_resampler_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libdirectsound_plugin.dll [27667]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\audio_output\libwaveout_plugin.dll [31251]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liba52_plugin.dll [19475]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libadpcm_plugin.dll [20499]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (.Hola Networks Ltd..) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\hola_plugin.exe [6457288]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (.Hola Networks Ltd..) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\image\Hola-Setup-1.7.681.1.exe [14883784]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (.Hola Networks Ltd..) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\image\Hola-Setup-1.7.681.exe [14883784]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (.Hola.) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\hola_br.exe [127432]
O61 - LFC: 29/04/2015 - 11:02:05 ---A- . (.VideoLAN.) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\npvlc.dll [376851]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaes3_plugin.dll [15891]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libaraw_plugin.dll [26131]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libavcodec_plugin.dll [10447379]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcc_plugin.dll [23571]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcdg_plugin.dll [17939]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcrystalhd_plugin.dll [19987]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libcvdsub_plugin.dll [18963]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdmo_plugin.dll [31251]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdts_plugin.dll [18451]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdvbsub_plugin.dll [108051]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libdxva2_plugin.dll [69139]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libfaad_plugin.dll [344595]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libg711_plugin.dll [27155]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibass_plugin.dll [1393171]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblibmpeg2_plugin.dll [130579]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\liblpcm_plugin.dll [22035]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libmpeg_audio_plugin.dll [18963]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libpng_plugin.dll [292371]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libscte27_plugin.dll [30227]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libspudec_plugin.dll [19987]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libstl_plugin.dll [37395]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsdec_plugin.dll [47123]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsubsusf_plugin.dll [24595]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libsvcdsub_plugin.dll [17427] =>Adware.InstallBrain
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libt140_plugin.dll [13331]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libuleaddvaudio_plugin.dll [15379]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libvorbis_plugin.dll [733203]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\codec\libx264_plugin.dll [1212947]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\control\libhotkeys_plugin.dll [54291]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libaiff_plugin.dll [17427]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libasf_plugin.dll [67603]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libau_plugin.dll [15891]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libavi_plugin.dll [91667]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_cdg_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemux_stl_plugin.dll [17939]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdemuxdump_plugin.dll [14867]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libdirac_plugin.dll [15379]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libes_plugin.dll [25619]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libflacsys_plugin.dll [77331]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libh264_plugin.dll [14867]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libimage_plugin.dll [23059]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmjpeg_plugin.dll [18963]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmkv_plugin.dll [1194003]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmp4_plugin.dll [189971]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libmpgv_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsc_plugin.dll [50195]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnsv_plugin.dll [18963]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libnuv_plugin.dll [23059]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libogg_plugin.dll [144403]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libplaylist_plugin.dll [133139]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libps_plugin.dll [37907]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libpva_plugin.dll [18451]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawaud_plugin.dll [16403]
O61 - LFC: 29/04/2015 - 11:02:06 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawdv_plugin.dll [16403]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\librawvid_plugin.dll [19987]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsmf_plugin.dll [19987]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libsubtitle_plugin.dll [87059]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libts_plugin.dll [127507]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libtta_plugin.dll [16403]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libty_plugin.dll [34835]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvc1_plugin.dll [15379]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvobsub_plugin.dll [75283]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libvoc_plugin.dll [18451]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libwav_plugin.dll [21523]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\demux\libxa_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libqt4_plugin.dll [11148307]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\gui\libskins2_plugin.dll [1932819]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\meta_engine\libfolder_plugin.dll [36371]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\misc\liblogger_plugin.dll [64531]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\misc\libxml_plugin.dll [1248787]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libdash_plugin.dll [708627]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\librecord_plugin.dll [14867]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\stream_filter\libsmooth_plugin.dll [60947]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\text_renderer\libfreetype_plugin.dll [746515]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libscale_plugin.dll [15379]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libswscale_plugin.dll [587283]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_filter\libyuvp_plugin.dll [13843]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect2d_plugin.dll [53779]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirect3d_plugin.dll [68115]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdirectdraw_plugin.dll [66579]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libdrawable_plugin.dll [14355]
O61 - LFC: 29/04/2015 - 11:02:07 ---A- . (...) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\plugins\video_output\libvmem_plugin.dll [16915]
O61 - LFC: 29/04/2015 - 11:02:08 ---A- . (.Hola Networks Ltd..) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\zplugin.dll [46024]
O61 - LFC: 29/04/2015 - 11:02:08 ---A- . (.VideoLAN.) -- C:\Users\Sylvio\AppData\Local\Hola\firefox\app\vlc\vlc.exe [126995]
O61 - LFC: 29/04/2015 - 11:02:15 ---A- . (.Hola Networks Ltd..) -- C:\Users\Sylvio\AppData\Local\Temp\Hola-Setup-Plugin-1.7.681.exe [14883784]
~ 58 Fichiers temporaires (Temporary files)
~ 41 Fichiers cookies (Cookies files)
~ Files: 116 Scanned in 00mn 13s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 07/12/2013 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 22/09/2014 - C:\Windows\System32\DRIVERS\eamonm.sys (eamonm) .(.ESET - Amon monitor.) - LEGACY_EAMONM
O64 - Services: CurCS - 22/09/2014 - C:\Windows\System32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV
O64 - Services: CurCS - 22/09/2014 - C:\Windows\System32\DRIVERS\epfwwfpr.sys (epfwwfpr) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFPR
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 68 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
D:\Film 2\Atomix Virtual DJ Pro Full V7.0 cracked by Belin (les crackers).rar =>.Crack,Keygen
D:\Film 2\Native.Instruments.Traktor.Scratch.Pro.2.v2.6.3.Cracked-REViSE\Traktor 2 2.6.3 Setup PC.exe =>.Crack,Keygen
D:\Film 2\Native.Instruments.Traktor.Scratch.Pro.2.v2.6.3.Cracked-REViSE\Traktor.exe =>.Crack,Keygen
D:\Film 2\VirtualDJ 8 Infinity + controllers\Patch\Keygen.exe =>.Crack,Keygen
D:\Installations\keygen.exe =>.Crack,Keygen
D:\Installations\mixed in key\Keygen.exe =>.Crack,Keygen
D:\Installations\rarmaradio\Keygen.rar =>.Crack,Keygen
D:\Installations\traktor\Traktor Dj Studio 3.2.2 + Crack\crack 4\Keygen.exe =>.Crack,Keygen
D:\torrents\Quick-PDF.PDF.To.Word.Converter.v2.0.Cracked-KiMERA.rar.torrent =>.Crack,Keygen
~ Files: Scanned in 00mn 48s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [316928]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449536]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]
~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.87B648A65DCCE249AD787A271D4B38AC] [SPRF][15/03/2015] (.Cinema PlusV05.03 - CinemaP-1.9cV05.03 exe.) -- C:\Users\Sylvio\AppData\Roaming\FHIGIC.exe [1854464] =>PUP.CrossRider
[MD5.FD75D8CBF37D429A007675B09CA7123D] [SPRF][15/03/2015] (.Cinema PlusV05.03 - CinemaP-1.9cV05.03 exe.) -- C:\Users\Sylvio\AppData\Roaming\OEM.exe [1371136] =>PUP.CrossRider
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][14/04/2015] (...) -- C:\Users\Sylvio\AppData\Roaming\wklnhst.dat [0]
~ Files: 3 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{1976AE40-186C-4D0F-A6E0-5C2ED73364CA}" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{0BD0CF75-93A0-42B9-AE4C-530C045DAA16}" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{b512f94e-18af-4a79-b775-8945fcf1fedb}] (NMBAppPluginMediaBrowserVideo Class) =>PUP.CrossRider
~ BCK: 6909 Scanned in 00mn 17s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/03/2015 79360 | (Creative ALchemy AL6 Licensing Service) . (.Creative Labs.) - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
SS - | Demand 14/03/2015 79360 | (Creative Audio Engine Licensing Service) . (.Creative Labs.) - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
SS - | Auto 14/03/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/03/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/03/2015 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 28/02/2008 529704 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Auto 19/03/2008 118784 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 07/12/2013 209408 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 12/02/2010 286720 | (CTAudSvcService) . (.Creative Technology Ltd.) - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
SR - | Auto 01/10/2014 1349576 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
SR - | Auto 29/04/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Sylvio at 05/05/2015 11:03:38
device: opened successfully
user: MBR read successfully
Disk trace:
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 9 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Sylvio at 05/05/2015 11:03:40
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (05/05/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 19

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files\KMSpico =>PUA.KMSpico^
C:\Program Files\uTorrent =>P2P.µTorrent^
C:\Users\Sylvio\AppData\Roaming\uTorrent =>P2P.µTorrent^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Users\Sylvio\AppData\Roaming\FHIGIC.exe =>PUP.CrossRider^
C:\Users\Sylvio\AppData\Roaming\OEM.exe =>PUP.CrossRider^
C:\Windows\Tasks\FHIGIC.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\FHIGIC =>PUP.CrossRider^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1d07f2494e75917.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore1d07f2494e75917 =>PUP.GlobalUpdate^
C:\Windows\Tasks\OEM.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\OEM =>PUP.CrossRider^
[HKCU\Software\CinemaP-1.9cV05.03-nv-ie] =>PUP.CrossRider^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Ge-Force-nv-ie] =>PUP.CrossRider^
[HKCU\Software\SavePass 1.1-nv-ie] =>PUP.CrossRider^
[HKCU\Software\Sense-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Ge-Force-nv-ie] =>PUP.CrossRider^
[HKLM\Software\SavePass 1.1-nv-ie] =>PUP.CrossRider^
[HKCR\CLSID\{b512f94e-18af-4a79-b775-8945fcf1fedb}] (NMBAppPluginMediaBrowserVideo Class) =>PUP.CrossRider^
~ Additionnel Scan: 276301 Items scanned in 00mn 27s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/pup-kmspico =>PUA.KMSpico
http://www.nicolascoolman.fr/blog/ =>Crapware.WinZipRegistry
http://nicolascoolman.fr/adware-installbrain =>Adware.InstallBrain
~ MSI: 7 link(s) detected in 00mn 00s



End of the scan (1376 lines in 03mn 31s)(9.7)
