cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par Enguehard Erick (15/06/2015 03:32:58)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 38.0.5
GCIE: Google Chrome v43.0.2357.124
OPIE: Opera Stable v30.0.1835.59 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Logiciels de protection du système
Avast Free Antivirus v10.2.2218
Microsoft Security Client FR-FR Language Pack v2.1.1116.0

---\\ Logiciels d'optimisation du système
CCleaner v3.14

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.7 - Français

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 4 Stepping 8, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 121 GB (65%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: ERICK
~ User Name: Enguehard Erick
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Enguehard Erick, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Enguehard Erick\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Enguehard Erick\Application Data\
~ %Desktop% : C:\Documents and Settings\Enguehard Erick\Bureau\
~ %Favorites% : C:\Documents and Settings\Enguehard Erick\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Enguehard Erick\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 121 Go of 186 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
K: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.C95CAC9E1322713AAC888DED4A748EEC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/02/2014 - 04:30:54.) -- C:\WINDOWS\system32\wininet.dll [672768]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/05/2008 - 11:49:39.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:47:24.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/215
~ Mes musiques (My Musics) : 0/2
~ Mes Videos (My Videos) : 0/1
~ Mes Favoris (My Favorites) : 0/9
~ Mes Documents (My Documents) : 1/1965
~ Mon Bureau (My Desktop) : 0/1061
~ Menu demarrer (Programs) : 0/25
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1580]
[MD5.F623507669224F96F1C11184BF2C31A1] - (...) -- C:\Program Files\Sony\PlayMemories Home\dfs.exe [149528] [PID.136]
[MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632] [PID.176]
[MD5.755519F49906B73C1FE9CBBF75E347EA] - (.Pas de propriétaire - Inkjet Printer/Scanner Extended Servey Prog.) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.exe [103808] [PID.472]
[MD5.B8AA36AB051D45220FD9E4CCD8DFF399] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816] [PID.536]
[MD5.0C28BCC9A8A9E8CAC62A348D93DE8A46] - (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\slserv.exe [73796] [PID.1244]
[MD5.5B6DA8F4F5047D6DF51E1C38FC57D4D9] - (.Microsoft Corporation - WMDM PMSP Service.) -- C:\WINDOWS\System32\MsPMSPSv.exe [53520] [PID.1448]
[MD5.EF300CB0820B7EFF888E239A999FD232] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872] [PID.1816]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.1912]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.1272]
[MD5.7C6B5065E7326E3C91A62800DF3A31FA] - (.HP - Pas de description.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [196608] [PID.1960]
[MD5.C47BAC4DDBB10D8CFEA03D8AA16794A3] - (.Smart Link - SLRunDll.) -- C:\WINDOWS\system32\slrundll.exe [32866] [PID.1204]
[MD5.EA9CEF2760F42D0BED7AC8F4ED2026DA] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\30.0.1835.59\opera.exe [866424] [PID.1068]
[MD5.52F263DC7F16A58491B409427557D32A] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\30.0.1835.59\opera_crashreporter.exe [866936] [PID.2544]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Temp\ZHPDiag\ZHPDiag.exe [8214016] [PID.1212]
~ Processes Running: Scanned in 00mn 04s



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation (written by Digital R - Npdsplay dll.) -- C:\Program Files\Opera\Program\Plugins\npdsplay.dll
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - DRM Store Netscape Plugin.) -- C:\Program Files\Opera\Program\Plugins\npwmsdrm.dll
~ Opera Browser: 219 Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [Avast Online Security]
G2 - EXT: C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 8 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Enguehard Erick\Application Data\Mozilla\Firefox\Profiles\iqjw9z74.default-1403738749218\prefs.js
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll
P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3] - (.Yahoo! Inc. - Yahoo Application State Plugin.) -- C:\Program Files\Yahoo!\Shared\npYState.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.10.835] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.2.1136] - (.RealNetworks - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.11.847] - (.RealNetworks, Inc. - 6.0.11.847.) -- C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.6] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
~ Firefox Browser: 19 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.1.3.) (No version) -- (.not file.) =>.VideoLAN
~ IE Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ BHO: 6 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{0494D0D9-F8E0-41ad-92A3-14154ECE70AC} Clé orpheline
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] . (.ATI Technologies, Inc. - ATI 2D Mode component.) -- C:\WINDOWS\system32\Ati2mdxx.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - Pas de description.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Avast-Browser-Cleanup] . (.AVAST Software - avast! Browser Cleanup User Interface.) -- C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-2738842548-1488236897-1456668690-1010\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2738842548-1488236897-1456668690-1010\..\Run: [Avast-Browser-Cleanup] . (.AVAST Software - avast! Browser Cleanup User Interface.) -- C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s



---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .mid .(.Apple Computer, Inc. - The QuickTime Plugin allows you to view a wide variety of multi.) -- C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
~ IE Extra Buttons: 1 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes - (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} ((no name)) - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15-3.cab =>Adware.MyWebSearch
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1380575601456
O16 - DPF: {D27CDB6E-AE6D-0000-0000-000000000000} ((no name)) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{54B062FF-CEDC-4DF0-A1BA-D195575B3EC5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{54B062FF-CEDC-4DF0-A1BA-D195575B3EC5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{54B062FF-CEDC-4DF0-A1BA-D195575B3EC5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 6 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati HotKey Poller) . (...) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DeviceFinderService (DeviceFinderService) . (...) - C:\Program Files\Sony\PlayMemories Home\dfs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Orange Connection Kit.) - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner Extended Servey Prog.) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
~ Services: 8 Scanned in 00mn 13s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\MICROS~4\OFFICE11\WORDVIEW.exe (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [242]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [236]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1380573889.job [408]
~ Scheduled Task: 7 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\System32\msjava.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.124\Installer\chrmstp.exe
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (...) -- C:\WINDOWS\INF\fxsocm.inf
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r79.) -- C:\WINDOWS\system32\macromed\flash\flash.ocx
O40 - ASIC: Installed Component - S-1-5-21-2738842548-1488236897-1456668690-1010 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-2738842548-1488236897-1456668690-1010 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 23 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys
O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.Avast Software s.r.o. - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\system32\DRIVERS\tcpip6.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 81 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (...) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Display Driver - (...) [HKLM] -- ATI Display Driver
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Photoshop Album 2.0 Edition Découverte - (.Adobe Systems, Inc..) [HKLM] -- {11B569C2-4BF6-4ED0-9D17-A4273943CB24}
O42 - Logiciel: Adobe Reader 7.0.7 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A70700000002}
O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] -- {85309D89-7BE9-4094-BB17-24999C6118FC}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- Avast
O42 - Logiciel: Belkin Desktop PCI Card Driver - (.Belkin.) [HKLM] -- {50D47CE8-9C16-42D1-A8D8-B143B22E232A}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CanoScan LiDE 100 Scanner Driver - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413
O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM] -- MP Navigator EX 2.0
O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: CodeX - (...) [HKLM] -- {0FDF8176-6514-40FD-AED0-B683C3F309CF}
O42 - Logiciel: Connexion Internet Orange - (...) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: ContentSAFER for Wizmax - (...) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}
O42 - Logiciel: Creative Live! Cam Vista IM Driver (1.01.03.1104) - (...) [HKLM] -- Creative VF0260
O42 - Logiciel: Creative WebCam Center - (...) [HKLM] -- Creative WebCam Center
O42 - Logiciel: DivX Codec - (.DivXNetworks, Inc..) [HKLM] -- DivX Codec
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- DivX Player
O42 - Logiciel: EPSON Photo Print - (...) [HKLM] -- {C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}
O42 - Logiciel: EPSON PhotoQuicker3.2 - (...) [HKLM] -- {B2EFE303-A594-11D5-95EB-005004BC1C65}
O42 - Logiciel: EPSON Smart Panel - (...) [HKLM] -- {6C11D561-620B-47DA-A693-4C597F3CDF40}
O42 - Logiciel: EPSON TWAIN 5 - (...) [HKLM] -- {9A3EABC0-CA06-11D4-BF77-00104B130C19}
O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM] -- FormatFactory
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Inkjet Printer/Scanner Extended Survey Program - (...) [HKLM] -- CANONIJPLM100
O42 - Logiciel: LimeWire 4.12.6 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML4 Parser - (.Microsoft Game Studios.) [HKLM] -- {01501EBA-EC35-4F9F-8889-3BE346E5DA13}
O42 - Logiciel: Manuel d'utilisation de Creative Live! Cam Vista IM (Français) - (...) [HKLM] -- Manuel d'utilisation de Creative Live! Cam Vista IM French
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 38.0.5 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: My Search Bar - (.My Search.) [HKLM] -- My Way Speedbar Uninstall
O42 - Logiciel: NiceMC Media Plug-in For Winamp v1.8 - (...) [HKLM] -- NiceMC Media Plug-in For Winamp_is1
O42 - Logiciel: Opera - (...) [HKLM] -- Opera
O42 - Logiciel: Opera Stable 30.0.1835.59 - (.Opera Software.) [HKLM] -- Opera 30.0.1835.59
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PPP over Ethernet - (...) [HKLM] -- fhlpppoe
O42 - Logiciel: PlayMemories Home - (.Sony Corporation.) [HKLM] -- {7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}
O42 - Logiciel: PowerDVD - (...) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Sonic RecordNow! - (.Sonic Solutions.) [HKLM] -- {9541FED0-327F-4DF0-8B96-EF57EF622F19}
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: VNC 3.3.4 - (.RealVNC Ltd..) [HKLM] -- WinVNC_is1
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: XnView 1.68.1 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1
O42 - Logiciel: Yahoo! Messenger - (...) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: devolo Informer - (.devolo AG.) [HKLM] -- dslmon
O42 - Logiciel: devolo dLAN - Assistant de configuration - (.devolo AG.) [HKLM] -- dlanconf
O42 - Logiciel: hp deskjet 930c series (Supprimer uniquement) - (...) [HKLM] -- hp deskjet 930c series
O42 - Logiciel: hp deskjet 990c series (Supprimer uniquement) - (...) [HKLM] -- hp deskjet 990c series
~ Logic: 68 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\CyberLink]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Intel]
[HKCU\Software\LogMeInRescueCallingCard]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\Opera Software]
[HKCU\Software\Override]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Softwrap]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\TR2]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\XnView]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\devolo]
[HKLM\Software\55aa]
[HKLM\Software\781]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Altnet]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\AviSynth]
[HKLM\Software\BeachSoccer]
[HKLM\Software\Belkin]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComputerAssociates]
[HKLM\Software\Creative Tech]
[HKLM\Software\CyberLink]
[HKLM\Software\Data Store]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON Photo Print]
[HKLM\Software\EPSON]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GNU]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\HdAvchd]
[HKLM\Software\Hercules]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Kazaa]
[HKLM\Software\Licenses]
[HKLM\Software\LogMeInRescueCallingCard]
[HKLM\Software\MDC]
[HKLM\Software\MDMOptions]
[HKLM\Software\Macromedia]
[HKLM\Software\Magnet]
[HKLM\Software\MarkAny]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MyWay]
[HKLM\Software\NEC Computers International]
[HKLM\Software\ODBC]
[HKLM\Software\PDFCreator]
[HKLM\Software\PerfectNav]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Python]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\SEIKO EPSON CORP.]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sharman Networks Ltd]
[HKLM\Software\SlimWare Utilities Inc]
[HKLM\Software\SmartLink]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Symantec]
[HKLM\Software\VIA Technologies, Inc.]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\devolo]
[HKLM\Software\mozilla.org]
~ Key Software: 265 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/10/2006 - 17:34:29 - [] ----D C:\Program Files\Adobe
O43 - CFD: 22/11/2006 - 21:23:29 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 30/09/2013 - 21:53:33 - [] ----D C:\Program Files\Ant Movie Catalog
O43 - CFD: 05/05/2014 - 17:04:59 - [] ----D C:\Program Files\ArcSoft
O43 - CFD: 23/03/2004 - 20:38:34 - [] ----D C:\Program Files\Aruba Studios
O43 - CFD: 18/05/2013 - 21:42:41 - [] ----D C:\Program Files\ATI Technologies
O43 - CFD: 01/05/2014 - 16:38:50 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 18/05/2013 - 19:14:46 - [] ----D C:\Program Files\Belkin
O43 - CFD: 05/05/2014 - 17:06:32 - [] ----D C:\Program Files\Canon
O43 - CFD: 05/05/2014 - 17:00:50 - [] ----D C:\Program Files\CanonBJ
O43 - CFD: 30/09/2013 - 22:19:46 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 31/05/2006 - 12:03:27 - [] ---AD C:\Program Files\Common Files
O43 - CFD: 30/09/2002 - 14:01:32 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 12/05/2014 - 11:15:24 - [] ----D C:\Program Files\Creative
O43 - CFD: 04/02/2004 - 18:26:40 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 30/09/2013 - 22:30:43 - [] ----D C:\Program Files\devolo
O43 - CFD: 15/05/2004 - 18:46:47 - [] ----D C:\Program Files\DivX
O43 - CFD: 28/04/2004 - 23:41:16 - [] ----D C:\Program Files\DivX_311alpha
O43 - CFD: 16/04/2014 - 21:20:42 - [] ----D C:\Program Files\Elaborate Bytes
O43 - CFD: 22/04/2007 - 16:27:01 - [] ----D C:\Program Files\eMule
O43 - CFD: 01/01/2003 - 01:09:31 - [] ----D C:\Program Files\EPSON
O43 - CFD: 10/12/2014 - 16:22:19 - [] ----D C:\Program Files\Fichiers communs
O43 - CFD: 03/10/2006 - 01:06:37 - [] ----D C:\Program Files\Free
O43 - CFD: 15/08/2014 - 22:20:17 - [] ----D C:\Program Files\FreeTime
O43 - CFD: 01/05/2015 - 10:16:12 - [] ----D C:\Program Files\Google
O43 - CFD: 16/06/2014 - 19:06:42 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 28/05/2014 - 20:01:04 - [] ----D C:\Program Files\hp deskjet 930c series
O43 - CFD: 16/06/2014 - 19:08:16 - [] ----D C:\Program Files\hp deskjet 990c series
O43 - CFD: 02/11/2014 - 15:12:07 - [] ----D C:\Program Files\InstallShield Installation Information
O43 - CFD: 01/01/2003 - 01:27:34 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 22/04/2007 - 16:25:00 - [] ----D C:\Program Files\Kazaa
O43 - CFD: 03/12/2006 - 17:45:26 - [] ----D C:\Program Files\LimeWire
O43 - CFD: 11/05/2014 - 22:09:59 - [] ----D C:\Program Files\MarkAny
O43 - CFD: 19/03/2004 - 21:26:30 - [] ----D C:\Program Files\Maxis
O43 - CFD: 01/10/2013 - 00:21:38 - [] ----D C:\Program Files\Messenger
O43 - CFD: 30/09/2002 - 14:05:00 - [] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 12/03/2004 - 18:03:38 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 20/04/2014 - 17:15:21 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 29/05/2015 - 21:57:54 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 16/04/2014 - 22:40:55 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 16/04/2014 - 22:36:28 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 16/04/2014 - 22:39:57 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 30/09/2013 - 23:20:36 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 04/06/2015 - 09:23:46 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 04/06/2015 - 15:09:08 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 16/04/2014 - 22:41:42 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 01/01/2003 - 01:54:16 - [] ----D C:\Program Files\MSN
O43 - CFD: 30/09/2002 - 14:00:36 - [] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 22/12/2006 - 16:16:49 - [0] ----D C:\Program Files\MSN Messenger
O43 - CFD: 17/04/2014 - 18:50:14 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 20/03/2004 - 15:08:21 - [] ----D C:\Program Files\MyWay
O43 - CFD: 01/01/2003 - 01:27:44 - [] ----D C:\Program Files\NetMeeting
O43 - CFD: 01/01/2003 - 01:57:21 - [] ----D C:\Program Files\Norton Internet Security
O43 - CFD: 12/06/2015 - 09:16:29 - [] ----D C:\Program Files\Opera
O43 - CFD: 20/03/2010 - 18:31:47 - [] ----D C:\Program Files\Orange
O43 - CFD: 01/10/2013 - 00:12:00 - [] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 10/06/2015 - 20:21:29 - [] ----D C:\Program Files\PDFCreator
O43 - CFD: 08/06/2014 - 21:15:53 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 04/02/2004 - 18:25:25 - [] ----D C:\Program Files\Real
O43 - CFD: 18/05/2013 - 19:56:27 - [] ----D C:\Program Files\Realtek AC97
O43 - CFD: 06/05/2004 - 22:03:43 - [] ----D C:\Program Files\RealVNC
O43 - CFD: 16/04/2014 - 22:19:50 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 11/05/2014 - 22:10:10 - [] ----D C:\Program Files\Samsung
O43 - CFD: 30/09/2002 - 14:00:48 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 04/02/2004 - 18:25:37 - [] ----D C:\Program Files\Sonic
O43 - CFD: 01/05/2014 - 17:10:58 - [] ----D C:\Program Files\Sony
O43 - CFD: 30/09/2002 - 14:09:36 - [] ----D C:\Program Files\Uninstall Information
O43 - CFD: 18/05/2013 - 18:33:28 - [] ----D C:\Program Files\VIA
O43 - CFD: 19/05/2013 - 14:21:48 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 29/04/2004 - 13:50:31 - [] ----D C:\Program Files\Winamp
O43 - CFD: 01/05/2014 - 17:32:45 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 01/01/2003 - 01:26:14 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 03/09/2005 - 17:52:07 - [] ----D C:\Program Files\WindowsUpdate
O43 - CFD: 16/04/2014 - 22:30:48 - [] ----D C:\Program Files\WinRAR
O43 - CFD: 30/09/2002 - 14:05:00 - [] ----D C:\Program Files\xerox
O43 - CFD: 06/05/2004 - 22:12:56 - [] ----D C:\Program Files\XnView
O43 - CFD: 16/04/2008 - 12:22:01 - [] ----D C:\Program Files\Yahoo!
O43 - CFD: 19/04/2014 - 12:07:59 - [] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 19/05/2013 - 14:06:07 - [] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 06/03/2004 - 14:38:03 - [] ----D C:\Program Files\Fichiers communs\AOL
O43 - CFD: 05/05/2014 - 17:03:55 - [] ----D C:\Program Files\Fichiers communs\CANON
O43 - CFD: 15/05/2014 - 01:33:19 - [] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 11/06/2015 - 08:29:31 - [0] ----D C:\Program Files\Fichiers communs\EPSON
O43 - CFD: 01/01/2003 - 01:07:50 - [] ----D C:\Program Files\Fichiers communs\France Telecom
O43 - CFD: 20/05/2004 - 12:59:15 - [] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 16/08/2014 - 16:27:02 - [] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 30/09/2002 - 14:02:12 - [] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 30/09/2002 - 13:55:36 - [] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 17/03/2004 - 00:21:49 - [] ----D C:\Program Files\Fichiers communs\Python
O43 - CFD: 04/02/2004 - 18:25:28 - [] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 30/09/2002 - 14:02:16 - [] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 30/09/2002 - 13:55:32 - [] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 04/02/2004 - 18:25:40 - [] ----D C:\Program Files\Fichiers communs\SureThing Shared
O43 - CFD: 16/04/2014 - 22:49:43 - [] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 04/02/2004 - 18:25:29 - [] ----D C:\Program Files\Fichiers communs\xing shared
O43 - CFD: 03/10/2006 - 17:35:40 - [] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 20/04/2004 - 15:43:37 - [] ----D C:\Documents and Settings\All Users\Application Data\Ahead
O43 - CFD: 08/06/2014 - 21:14:53 - [] ----D C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 01/05/2014 - 16:38:05 - [] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 06/04/2015 - 21:55:16 - [] ----D C:\Documents and Settings\All Users\Application Data\CanonIJ
O43 - CFD: 24/11/2014 - 17:25:34 - [] --H-D C:\Documents and Settings\All Users\Application Data\CanonIJEGV
O43 - CFD: 08/06/2015 - 14:47:54 - [] ----D C:\Documents and Settings\All Users\Application Data\CanonIJPLM
O43 - CFD: 05/05/2014 - 18:02:31 - [] --H-D C:\Documents and Settings\All Users\Application Data\CanonIJScan
O43 - CFD: 05/05/2014 - 17:56:56 - [] --H-D C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
O43 - CFD: 04/02/2004 - 18:26:42 - [] ----D C:\Documents and Settings\All Users\Application Data\CyberLink
O43 - CFD: 29/05/2015 - 21:58:35 - [] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 10/06/2015 - 20:25:45 - [] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 18/05/2013 - 16:03:15 - [] ----D C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 09/03/2004 - 22:38:29 - [] ----D C:\Documents and Settings\All Users\Application Data\MSN6
O43 - CFD: 04/02/2004 - 18:25:10 - [] ----D C:\Documents and Settings\All Users\Application Data\QuickTime
O43 - CFD: 30/09/2002 - 15:00:04 - [] ----D C:\Documents and Settings\All Users\Application Data\SBSI
O43 - CFD: 01/05/2014 - 17:14:33 - [] ----D C:\Documents and Settings\All Users\Application Data\Sony Corporation
O43 - CFD: 01/01/2003 - 01:57:21 - [] ----D C:\Documents and Settings\All Users\Application Data\Symantec
O43 - CFD: 18/05/2013 - 18:14:03 - [] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 18/06/2007 - 15:03:43 - [] ----D C:\Documents and Settings\All Users\Application Data\Yahoo!
O43 - CFD: 17/04/2014 - 00:54:06 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 19/05/2013 - 14:10:10 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe
O43 - CFD: 05/05/2014 - 17:05:05 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ArcSoft PhotoStudio 5.5
O43 - CFD: 10/06/2015 - 20:08:01 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Assistance PC
O43 - CFD: 01/05/2015 - 02:48:31 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AVAST Software
O43 - CFD: 05/05/2014 - 17:02:40 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon CanoScan LiDE 100 Manual
O43 - CFD: 05/05/2014 - 17:03:38 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Canon Utilities
O43 - CFD: 05/05/2014 - 17:01:23 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CanoScan LiDE 100
O43 - CFD: 12/05/2014 - 11:15:24 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Creative
O43 - CFD: 30/09/2013 - 23:23:17 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DEVOLO
O43 - CFD: 15/05/2004 - 18:46:49 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\DivX
O43 - CFD: 16/04/2014 - 22:39:17 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 16/04/2014 - 21:20:43 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Elaborate Bytes
O43 - CFD: 01/05/2015 - 10:20:01 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Chrome
O43 - CFD: 16/06/2014 - 19:06:57 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Hewlett-Packard
O43 - CFD: 30/09/2002 - 14:00:50 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 04/02/2004 - 18:26:45 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Loisirs
O43 - CFD: 19/04/2014 - 00:26:07 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 29/05/2015 - 21:58:02 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
O43 - CFD: 04/02/2004 - 18:25:43 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\My CD writer
O43 - CFD: 18/05/2013 - 17:49:42 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 30/09/2013 - 22:19:13 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PDFCreator
O43 - CFD: 01/05/2014 - 17:29:38 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PlayMemories Home
O43 - CFD: 08/06/2014 - 21:15:53 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 06/05/2004 - 22:03:43 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\RealVNC
O43 - CFD: 12/05/2014 - 10:26:28 - [0] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Samsung
O43 - CFD: 02/05/2014 - 12:39:48 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 16/04/2014 - 21:04:11 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 06/05/2004 - 21:20:25 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\XnView
O43 - CFD: 15/06/2015 - 03:32:13 - [] ----D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP =>.Nicolas Coolman
O43 - CFD: 13/04/2015 - 19:02:26 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Adobe
O43 - CFD: 19/04/2014 - 12:08:42 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\AdobeUM
O43 - CFD: 01/12/2014 - 17:15:45 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\ArcSoft
O43 - CFD: 18/05/2013 - 21:36:11 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\ATI
O43 - CFD: 16/04/2014 - 22:59:38 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\AVAST Software
O43 - CFD: 05/05/2014 - 18:02:32 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Canon
O43 - CFD: 11/05/2014 - 22:48:27 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Creative
O43 - CFD: 18/05/2013 - 22:25:45 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\CyberLink
O43 - CFD: 11/05/2014 - 22:10:10 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\DataCast
O43 - CFD: 05/08/2014 - 19:09:07 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\dvdcss
O43 - CFD: 18/05/2013 - 21:58:36 - [0] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Help
O43 - CFD: 18/05/2013 - 18:04:01 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Identities
O43 - CFD: 18/05/2013 - 18:05:00 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Macromedia
O43 - CFD: 24/08/2014 - 20:57:53 - [] -S--D C:\Documents and Settings\Enguehard Erick\Application Data\Microsoft
O43 - CFD: 18/05/2013 - 18:04:33 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Mozilla
O43 - CFD: 30/09/2013 - 22:40:29 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Opera
O43 - CFD: 30/09/2013 - 22:02:44 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Opera Software
O43 - CFD: 29/08/2014 - 22:24:38 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Real
O43 - CFD: 01/05/2014 - 17:31:00 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\Sony Corporation
O43 - CFD: 04/05/2015 - 23:12:11 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\U3
O43 - CFD: 31/05/2015 - 16:59:54 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\vlc
O43 - CFD: 18/05/2013 - 18:33:21 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\WinRAR
O43 - CFD: 15/06/2015 - 03:33:15 - [] ----D C:\Documents and Settings\Enguehard Erick\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 19/04/2014 - 01:45:25 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Adobe
O43 - CFD: 08/06/2014 - 21:14:36 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Apple Computer
O43 - CFD: 18/05/2013 - 21:36:11 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\ATI
O43 - CFD: 01/05/2015 - 10:21:28 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google
O43 - CFD: 18/05/2013 - 21:58:36 - [0] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Help
O43 - CFD: 01/01/2003 - 00:25:07 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Identities
O43 - CFD: 10/06/2015 - 20:07:33 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Microsoft
O43 - CFD: 16/04/2014 - 22:35:39 - [0] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Microsoft Help
O43 - CFD: 18/05/2013 - 18:04:25 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Mozilla
O43 - CFD: 30/09/2013 - 22:02:46 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Opera Software
O43 - CFD: 18/05/2013 - 18:20:17 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\SlimWare Utilities Inc
O43 - CFD: 01/05/2014 - 17:03:17 - [] ----D C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Temp
O43 - CFD: 18/05/2013 - 17:48:22 - [] R---D C:\Documents and Settings\Enguehard Erick\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 19/08/2014 - 19:19:16 - [] R---D C:\Documents and Settings\Enguehard Erick\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 15/08/2014 - 22:22:51 - [] ----D C:\Documents and Settings\Enguehard Erick\Menu Démarrer\Programmes\FormatFactory
O43 - CFD: 26/06/2014 - 05:39:32 - [] R---D C:\Documents and Settings\Enguehard Erick\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 16/04/2014 - 21:04:11 - [] ----D C:\Documents and Settings\Enguehard Erick\Menu Démarrer\Programmes\WinRAR
~ Program Folder: 185 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DE03D52A69F7F73B843C9B93AE034629] - 10/06/2015 - 00:06:20 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [142512]
O44 - LFC:[MD5.A414E74D8EA0C3E446BF776667D16387] - 10/06/2015 - 00:06:21 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerApp.exe [778416]
O44 - LFC:[MD5.628F87288466FBC0826FFE97B33D0B5A] - 10/06/2015 - 19:05:58 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\WINDOWS\system32\MRT.exe [136900096]
O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 10/06/2015 - 19:25:58 ---A- . (...) -- C:\WINDOWS\setupact.log [60]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/06/2015 - 19:25:58 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.B3FD613137E54D7936F23090F61B91DE] - 15/06/2015 - 01:55:42 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32446]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 15/06/2015 - 01:56:47 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.C869D808C298EDEDA18F6D0EFBDA99F9] - 15/06/2015 - 01:56:50 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [12716]
O44 - LFC:[MD5.85BF593C63040997BCD79B7A5FF76DCE] - 15/06/2015 - 01:57:15 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.58CA4A027B99B9ECC46279EB1FE7B458] - 15/06/2015 - 01:57:25 ---A- . (...) -- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt [4156]
O44 - LFC:[MD5.C8446FEBFD169D1C8009300D97AE2D25] - 15/06/2015 - 01:57:26 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/06/2015 - 01:57:30 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.2C9A6A82CA8D4A29B7445F8521189893] - 15/06/2015 - 02:02:28 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1287179]
O44 - LFC:[MD5.D8F044C21EAE6DF2880C5C8F4DC0F3EA] - 15/06/2015 - 02:02:38 ---A- . (...) -- C:\WINDOWS\msnavpklog.txt [394998]
O44 - LFC:[MD5.695449C6CD9D382AB7FB784E39C2097A] - 15/06/2015 - 02:21:42 -SHA- . (...) -- C:\WINDOWS\Thumbs.db [7168]
~ Files: 16 Scanned in 00mn 56s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\ETRANGER\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe" [Enabled] .(.IncrediMail Ltd..) -- C:\Documents and Settings\ETRANGER\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\P2P Networking\P2P Networking.exe" [Enabled] .(...) -- C:\WINDOWS\system32\P2P Networking\P2P Networking.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\Orange\Connexion Internet Orange\Connectivity\ConnectivityManager.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\devolo\informer\devinf.exe" [Enabled] .(.devolo AG.) -- C:\Program Files\devolo\informer\devinf.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "I:\Program Files\devolo\informer\devinf.exe" [Enabled] .(...) -- I:\Program Files\devolo\informer\devinf.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\muzapp.exe" [Enabled] .(.Musiccity Co.Ltd..) -- C:\WINDOWS\system32\muzapp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Tango\Tango.exe" [Enabled] .(...) -- C:\Program Files\Tango\Tango.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Chrome\Application\chrome.exe" [Enabled] .(.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Keys Export: 16 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\system32\Drivers\nm.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 22 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX® Codec for Windows.) -- C:\WINDOWS\system32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
~ TDSD: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Creative WebCam Tray [Key] . (.Creative Technology Ltd - Creative Camera Launcher Application.) -- C:\Program Files\Creative\Shared Files\CamTray.exe
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (...) -- c:\Program Files\Microsoft Security Client\msseces.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O53 - SMSR:HKLM\...\startupreg\P2P Networking [Key] . (...) -- C:\WINDOWS\System32\P2P Networking\P2P Networking.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PMBVolumeWatcher [Key] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe =>.RealNetworks, Inc
O53 - SMSR:HKLM\...\startupreg\Trickler [Key] . (...) -- c:\windows\temp\adware\fsg_4104.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\updmgr [Key] . (...) -- C:\Program Files\Common files\updmgr\updmgr.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\VirtualCloneDrive [Key] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG
~ SMSR Keys: 10 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ MWPE Keys: 1 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/05/2010 - 16:26:25 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\Drivers\AegisP.sys [21419]
O58 - SDL:08/12/2003 - 12:53:38 ---A- . (.THOMSON - Helper.) -- C:\WINDOWS\system32\Drivers\alcacr.sys [3968]
O58 - SDL:08/12/2003 - 11:53:50 ---A- . (.THOMSON - LAN Driver.) -- C:\WINDOWS\system32\Drivers\alcan5ln.sys [36256]
O58 - SDL:08/12/2003 - 12:53:46 ---A- . (.THOMSON - WDM Driver.) -- C:\WINDOWS\system32\Drivers\alcaudsl.sys [70688]
O58 - SDL:08/12/2003 - 12:53:42 ---A- . (.THOMSON - Helper.) -- C:\WINDOWS\system32\Drivers\alcawh.sys [5280]
O58 - SDL:01/01/2000 - 01:00:00 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\Drivers\ALCXWDM.SYS [4122368]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\Drivers\aliide.sys [5248]
O58 - SDL:13/04/2008 - 11:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\Drivers\asc.sys [26496]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\Drivers\asc3550.sys [14848]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24144] =>.ALWIL Software
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2003/Vista.) -- C:\WINDOWS\system32\Drivers\aswMonFlt.sys [74976]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (.Avast Software s.r.o. - avast! TDI Redirect Driver.) -- C:\WINDOWS\system32\Drivers\aswRdr.sys [55200]
O58 - SDL:01/05/2014 - 15:46:33 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\system32\Drivers\aswrdr.sys.1400171618203 [54832]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904] =>.ALWIL Software
O58 - SDL:01/05/2015 - 01:45:53 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\WINDOWS\system32\Drivers\aswSnx.sys [787760]
O58 - SDL:01/05/2014 - 15:46:33 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\Drivers\aswsnx.sys.1400171618203 [776976]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\WINDOWS\system32\Drivers\aswSP.sys [427992]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (.Avast Software s.r.o. - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswTdi.sys [57888]
O58 - SDL:01/05/2015 - 01:47:03 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [209048] =>.ALWIL Software
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\Drivers\ati1btxx.sys [56623]
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\system32\Drivers\ati1mdxx.sys [11615]
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\system32\Drivers\ati1pdxx.sys [12047]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\Drivers\ati1raxx.sys [30671]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1rvxx.sys [63663]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1snxx.sys [26367]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\Drivers\ati1ttxx.sys [21343]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1tuxx.sys [36463]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1xbxx.sys [29455]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\ati1xsxx.sys [34735]
O58 - SDL:19/08/2004 - 14:53:40 ----- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\Drivers\ati2mtaa.sys [327168]
O58 - SDL:13/04/2008 - 17:55:34 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\Drivers\ati2mtag.sys [701440]
O58 - SDL:03/08/2004 - 21:29:28 ----- . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\system32\Drivers\atinbtxx.sys [57856]
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\system32\Drivers\atinmdxx.sys [13824]
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\system32\Drivers\atinpdxx.sys [14336]
O58 - SDL:03/08/2004 - 21:29:30 ----- . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\system32\Drivers\atinraxx.sys [52224]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\system32\Drivers\atinrvxx.sys [104960]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\system32\Drivers\atinsnxx.sys [28672]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\system32\Drivers\atinttxx.sys [13824]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\system32\Drivers\atintuxx.sys [73216]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\system32\Drivers\atinxbxx.sys [31744]
O58 - SDL:03/08/2004 - 21:29:32 ----- . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\system32\Drivers\atinxsxx.sys [63488]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\Drivers\cmdide.sys [6656]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys [11776]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\Drivers\dac2w2k.sys [179584]
O58 - SDL:13/04/2008 - 18:05:08 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys [800256]
O58 - SDL:13/04/2008 - 18:05:14 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys [154496]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys [5888]
O58 - SDL:04/03/2013 - 10:25:00 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\Drivers\ElbyCDIO.sys [30616]
O58 - SDL:02/03/2003 - 17:44:26 ---A- . (...) -- C:\WINDOWS\system32\Drivers\enodpl.sys [7552]
O58 - SDL:20/10/2004 - 13:23:34 ---A- . (.FreeBox SA - Carte réseau virtuelle FreeBox USB.) -- C:\WINDOWS\system32\Drivers\fbxusb32.sys [21344]
O58 - SDL:03/10/2002 - 15:14:50 R--A- . (.F.H.L.P - PPPOE/ADSL driver.) -- C:\WINDOWS\system32\Drivers\fhlpppoe.sys [49200]
O58 - SDL:13/04/2008 - 08:36:06 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:03/08/2004 - 21:41:48 ----- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\Drivers\hsfbs2s2.sys [220032]
O58 - SDL:03/08/2004 - 21:41:50 ----- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\Drivers\hsfcxts2.sys [685056]
O58 - SDL:03/08/2004 - 21:41:56 ----- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\Drivers\hsfdpsp2.sys [1041536]
O58 - SDL:03/08/2004 - 21:41:56 ----- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\Drivers\mdmxsdk.sys [11868]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\Drivers\mraid35x.sys [17280]
O58 - SDL:03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:03/08/2004 - 21:41:38 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:03/08/2004 - 21:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys [12032]
O58 - SDL:13/07/2009 - 16:57:04 ---A- . (.CACE Technologies - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\Drivers\npf_devolo.sys [35840]
O58 - SDL:03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:03/08/2004 - 21:29:56 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\Drivers\nv4_mini.sys [1897408]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:27/08/2003 - 02:02:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\Drivers\pxhelp20.sys [17232]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\Drivers\ql1080.sys [40320]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\Drivers\ql12160.sys [45312]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\Drivers\ql1280.sys [49024]
O58 - SDL:04/10/2002 - 10:04:10 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139/810x Family NDIS 5.1 Drv.) -- C:\WINDOWS\system32\Drivers\R8139n51.sys [46976]
O58 - SDL:03/08/2004 - 21:41:40 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys [12032]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys [12032]
O58 - SDL:03/08/2004 - 21:29:52 ----- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\Drivers\s3gnbm.sys [166912]
O58 - SDL:13/04/2008 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\Drivers\secdrv.sys [20480]
O58 - SDL:13/04/2008 - 11:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\Drivers\sisagp.sys [40960]
O58 - SDL:03/08/2004 - 21:41:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:03/08/2004 - 21:41:44 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:03/08/2004 - 21:41:46 ---A- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\Drivers\sparrow.sys [19072]
O58 - SDL:07/12/2002 - 17:35:44 ---A- . (.SigmaTel, Inc. - SigmaTel Audio Driver (WDM).) -- C:\WINDOWS\system32\Drivers\STAC97.sys [199088]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\Drivers\symc810.sys [16256]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\Drivers\symc8xx.sys [32640]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\Drivers\sym_hi.sys [28384]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\Drivers\sym_u3.sys [30688]
O58 - SDL:19/04/2003 - 00:32:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tandpl.sys [4736]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys [21376]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\Drivers\ultra.sys [36736]
O58 - SDL:03/11/2006 - 11:16:44 R--A- . (.Creative Technology Ltd. - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\V0260Cmd.sys [24872]
O58 - SDL:03/11/2006 - 23:45:48 R--A- . (.Creative Technology Ltd. - Video streaming and Capture Device Driver.) -- C:\WINDOWS\system32\Drivers\V0260Vid.sys [178913]
O58 - SDL:11/03/2013 - 01:49:06 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\Drivers\VClone.sys [30208]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:01/01/2000 - 01:00:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\Drivers\VIAAGP1.SYS [27904]
O58 - SDL:01/01/2000 - 01:00:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\system32\Drivers\videX32.sys [13976]
O58 - SDL:01/01/2000 - 01:00:00 ---A- . (.VIA Technologies, Inc. - VIA USB Host Controller Lower Filter Driver.) -- C:\WINDOWS\system32\Drivers\vulfnth.sys [6912]
O58 - SDL:01/01/2000 - 01:00:00 ---A- . (.VIA Technologies, Inc. - VIA USB Roothub Lower Filter Driver.) -- C:\WINDOWS\system32\Drivers\vulfntr.sys [11264]
O58 - SDL:03/08/2004 - 21:29:40 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv07nt.sys [11807]
O58 - SDL:03/08/2004 - 21:29:40 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv08nt.sys [11295]
O58 - SDL:03/08/2004 - 21:29:42 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv09nt.sys [11871]
O58 - SDL:03/08/2004 - 21:29:42 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\wadv11nt.sys [11935]
O58 - SDL:03/08/2004 - 21:29:46 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\watv06nt.sys [22271]
O58 - SDL:03/08/2004 - 21:29:46 ----- . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Graphics Driver.) -- C:\WINDOWS\system32\Drivers\watv10nt.sys [25471]
O58 - SDL:17/01/2003 - 02:26:02 ---A- . (.Pas de propriétaire - winddx driver.) -- C:\WINDOWS\system32\Drivers\winddx.sys [14976]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:13/04/2008 - 08:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:24/08/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:13/04/2008 - 08:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:13/04/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:13/04/2008 - 08:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:13/04/2008 - 08:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:13/04/2008 - 08:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\WINDOWS\system32\pcampr5.sys [34688]
O58 - SDL:24/08/2009 - 13:22:58 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\pcandis5.sys [32128]
~ Drivers: 123 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 15/06/2015 - 03:34:34 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Application Data\ZHP\ZHPCleaner.exe [1843200] =>.Nicolas Coolman
O61 - LFC: 15/06/2015 - 03:34:35 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Local Settings\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Mes documents\ZHPCleaner.exe [1843200] =>.Nicolas Coolman
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Mes documents\adwcleaner_4.206 (1).exe [2231296]
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Mes documents\adwcleaner_4.206 (2).exe [2231296]
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (...) -- C:\Documents and Settings\Enguehard Erick\Mes documents\adwcleaner_4.206.exe [2231296]
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Enguehard Erick\Mes documents\ZHPDiag2.exe [6880102] =>.Nicolas Coolman
O61 - LFC: 15/06/2015 - 03:34:38 ---A- . (.SQLite Development Team.) -- C:\Documents and Settings\Enguehard Erick\Local Settings\Temp\sqlite3.dll [665682]
~ 113 Fichiers temporaires (Temporary files)
~ 8 Fichiers cookies (Cookies files)
~ Files: 8 Scanned in 00mn 04s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 14/05/2010 - C:\WINDOWS\system32\DRIVERS\AegisP.sys (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\aliide.sys (AliIde) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\amdagp.sys (amdagp) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\asc.sys (asc) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\asc3550.sys (asc3550) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswRdr.sys (aswRdr) .(.Avast Software s.r.o. - avast! TDI Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswSnx.sys (aswSnx) .(.Avast Software s.r.o. - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswSP.sys (aswSP) .(.Avast Software s.r.o. - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\drivers\aswTdi.sys (aswTdi) .(.Avast Software s.r.o. - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 01/05/2015 - C:\WINDOWS\system32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 01/05/2015 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Antivirus) .(.Avast Software s.r.o. - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\cmdide.sys (CmdIde) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (dac2w2k) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K
O64 - Services: CurCS - 23/04/2014 - C:\Program Files\Sony\PlayMemories Home\dfs.exe (DeviceFinderService) .(...) - LEGACY_DEVICEFINDERSERVICE
O64 - Services: CurCS - 04/03/2013 - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 02/03/2003 - C:\WINDOWS\system32\drivers\enodpl.sys (enodpl) .(...) - LEGACY_ENODPL
O64 - Services: CurCS - 24/08/2009 - C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) .(.France Telecom SA - Orange Connection Kit.) - LEGACY_FTRTSVC
O64 - Services: CurCS - 22/01/2008 - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe (IJPLMSVC) .(.Pas de propriétaire - Inkjet Printer/Scanner Extended Servey Prog.) - LEGACY_IJPLMSVC
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\mraid35x.sys (mraid35x) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X
O64 - Services: CurCS - 13/07/2009 - C:\WINDOWS\system32\drivers\npf_devolo.sys (NPF_devolo) .(.CACE Technologies - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF_DEVOLO
O64 - Services: CurCS - 23/04/2014 - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (PMBDeviceInfoProvider) .(.Sony Corporation - Device Information Provider.) - LEGACY_PMBDEVICEINFOPROVIDER
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1080.sys (ql1080) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\ql12160.sys (ql12160) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1280.sys (ql1280) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\RecAgent.sys (RecAgent) .(.Smart Link - Pas de description.) - LEGACY_RECAGENT
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sisagp.sys (sisagp) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\slserv.exe (SLService) .(.Smart Link - Pas de description.) - LEGACY_SLSERVICE
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys (SlWdmSup) .(.Smart Link - Pas de description.) - LEGACY_SLWDMSUP
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\sparrow.sys (Sparrow) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\symc8xx.sys (symc8xx) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_hi.sys (sym_hi) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_u3.sys (sym_u3) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3
O64 - Services: CurCS - 19/04/2003 - C:\WINDOWS\system32\drivers\tandpl.sys (tandpl) .(...) - LEGACY_TANDPL
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\DRIVERS\ultra.sys (ultra) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA
~ Legacy: 211 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: 6to4 (6to4) . (.Microsoft Corporation - Service that offers IPv6 connectivity over an IPv4 network..) -- C:\WINDOWS\system32\6to4svc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) -- C:\WINDOWS\system32\appmgmts.dll [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]
~ Services: 39 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.150BF3DD2689B58943358DF19E9CCFA7] [SPRF][31/12/2002] (.Opera Software ASA - 7z Setup SFX.) -- C:\Documents and Settings\Enguehard Erick\Bureau\Opera_16.0.1196.80_Setup.exe [2972244]
[MD5.24E140813B633E9C989070D9F88C764C] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\catalog.dat [2390]
[MD5.8AA59DC1EE8F774C79737AD330FBA1B2] [SPRF][17/03/2004] (.Symantec Corporation - AV Engine.) -- C:\WINDOWS\Downloaded Program Files\naveng32.dll [119976]
[MD5.E31ECFEEB3314A0BA7D36F82198C615B] [SPRF][17/03/2004] (.Symantec Corporation - AV Engine.) -- C:\WINDOWS\Downloaded Program Files\navex32a.dll [652456]
[MD5.65BC23450AEE19CD6FCC1146A0F52144] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\scrauth.dat [82208]
[MD5.272379F0650E1DE82A5B88FCB325EFB3] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tcdefs.dat [2661]
[MD5.8FC89526FB6B4B01B9B22B664FCB822C] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tcscan7.dat [25327]
[MD5.99432C3F95D7170E6CC82010FF8B3B49] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tcscan8.dat [47092]
[MD5.90DC7B89AEC73EE1513DBB42B3493D4A] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tcscan9.dat [124696]
[MD5.7C81534E02CE95C342A639DCA13B2F5B] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tinf.dat [453]
[MD5.F482930D99D74BCD79CB09F2E88BB7F7] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tinfidx.dat [148]
[MD5.F7C5821FCFEA223981027807FBD7DE2D] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tinfl.dat [1957]
[MD5.092CF6641E99789494E2B7A6959CA36C] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tscan1.dat [33484]
[MD5.FBE4F577D371A1FC5D2E7E7319CECDF3] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\tscan1hd.dat [1179]
[MD5.EEC5D70AD29DC87D7A55E503728D691B] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan1.dat [858512]
[MD5.637AF4CA047587461549178D873393B9] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan2.dat [527010]
[MD5.A3BBC653BDF918DD280010C5F4C9F4BE] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan3.dat [143336]
[MD5.C583E0FB29DEBFC40D865CF7A46A002F] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan4.dat [316434]
[MD5.F75C388E6603A060BBF80B98D3E3D912] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan5.dat [70684]
[MD5.8E881530D5B33C9E0883A93D423F684F] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan6.dat [374721]
[MD5.9E4F7EDA7E3DBFF553C05A25A28F6365] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan7.dat [1031547]
[MD5.F91DF0C330D20B92063FF0DBBE7883E8] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan8.dat [1036269]
[MD5.737B2465AC7DAFE8B9DE32779F940BBE] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscan9.dat [1155648]
[MD5.A93871E068C171A55AF3B767CAEA47B2] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\virscant.dat [32]
[MD5.2EA09C8B4B4669C516433AE31982E259] [SPRF][17/03/2004] (...) -- C:\WINDOWS\Downloaded Program Files\zdone.dat [224]
~ Files: 25 Scanned in 00mn 06s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
~ MNS: 1 Scanned in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}] (Web Browser Applet Control) =>PUP.CrossRider
[HKCR\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3}] (Groove WebBrowserView2) =>PUP.CrossRider
[HKCR\CLSID\{BCB7B0A0-94D3-11d4-9064-00C04F78ACF9}] (Notation Class) =>Hijacker.Proxy
~ BCK: 4629 Scanned in 00mn 18s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/06/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 12/12/2003 397312 | (Ati HotKey Poller) . (...) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 10/02/2010 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 01/05/2015 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/05/2015 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/06/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 01/05/2015 343336 | (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 23/04/2014 149528 | (DeviceFinderService) . (...) - C:\Program Files\Sony\PlayMemories Home\dfs.exe
SR - | Auto 24/08/2009 69632 | C:\Program Files\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SR - | Auto 22/01/2008 103808 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 23/04/2014 481816 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 13/04/2008 73796 | (SLService) . (.Smart Link.) - C:\WINDOWS\system32\slserv.exe
~ Services: Scanned in 00mn 19s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Enguehard Erick at 15/06/2015 03:36:20
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys
C:\WINDOWS\system32\drivers\videX32.sys VIA Technologies, Inc. VIA PCI IDE MINI Driver
1 ntkrnlpa!IofCallDriver[0x804EE1A0] >> \Device\Harddisk0\DR0[0x8A53FAB8]
3 CLASSPNP[0xBA188FD7] >> ntkrnlpa!IofCallDriver[0x804EE1A0] >> \Device\00000097[0x8A581270]
5 ACPI[0xB9F7E620] >> ntkrnlpa!IofCallDriver[0x804EE1A0] >> \Device\Ide\IdeDeviceP0T0L0-4[0x8A54BD98]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 14 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Enguehard Erick at 15/06/2015 03:36:22
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 13
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 3

[HKLM\Software\Classes\TypeLib\{0494d0d0-f8e0-41ad-92a3-14154ece70ac}] =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494d0d9-f8e0-41ad-92a3-14154ece70ac}] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f}] =>Adware.Zango
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226}] =>Adware.Hotbar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\my way speedbar uninstall] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]:spamblockerutility 4.8.4 =>Adware.Hotbar
[HKLM\Software\Classes\MyWayToolBar.NetscapeShutdown] =>Adware.MyWaySearch
[HKLM\Software\Classes\MyWayToolBar.NetscapeShutdown.1] =>Adware.MyWaySearch
[HKLM\Software\Classes\MyWayToolBar.NetscapeStartup] =>Adware.MyWaySearch
[HKLM\Software\Classes\MyWayToolBar.NetscapeStartup.1] =>Adware.MyWaySearch
[HKLM\Software\Classes\MyWayToolBar.SettingsPlugin] =>Adware.MyWaySearch
[HKLM\Software\Classes\MyWayToolBar.SettingsPlugin.1] =>Adware.MyWaySearch
C:\Program Files\myway =>Adware.MyWaySearch
[HKCR\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}] (Web Browser Applet Control) =>PUP.CrossRider^
[HKCR\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3}] (Groove WebBrowserView2) =>PUP.CrossRider^
[HKCR\CLSID\{BCB7B0A0-94D3-11d4-9064-00C04F78ACF9}] (Notation Class) =>Hijacker.Proxy^
~ Additionnel Scan: 220025 Items scanned in 00mn 24s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ AMI: 6 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://www.nicolascoolman.fr/blog/ =>Adware.BHO
http://www.nicolascoolman.fr/blog/ =>Adware.Zango
http://nicolascoolman.fr/adware-hotbar =>Adware.Hotbar
http://www.nicolascoolman.fr/blog/ =>Adware.MyWaySearch
~ MSI: 7 link(s) detected in 00mn 00s



End of the scan (1396 lines in 03mn 58s)(0.4)

Publicité


Signaler le contenu de ce document

Publicité