Rapport de ZHPDiag v1.3.5.92 par Nicolas Coolman, Update du 17/02/2013
Run by caisse15 at 18/02/2013 15:00:18
State : Problème connexion internet
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6P6GT
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3984 MB (64% free)
System Restore: Désactivé (Disabled)
System drive C: has 423 GB (92%) free of 457 GB

---\\ Logged in mode
~ Computer Name: CAISSE15
~ User Name: caisse15
~ All Users Names: cyrille.guerin, caisse15, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\caisse15\AppData\Roaming\
~ %Desktop% : C:\Users\caisse15\Desktop\
~ %Favorites% : C:\Users\caisse15\Favorites\
~ %LocalAppData% : C:\Users\caisse15\AppData\Local\
~ %StartMenu% : C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 423 Go of 457 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 9 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.435E9C764E1EF70058580996452BE6A2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/01/2013 - 02:12:03.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.15/06/2011 - 09:57:36.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
Mes images (My Pictures) : 3/3   (Modified) 
~ Mes musiques (My Musics) : 22/80
~ Mes Videos (My Videos) : 1/26
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/2
~ Mon Bureau (My Desktop) : 1/206
~ Menu demarrer (Programs) : 1/25
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.09A206F2F94F48334E576402260990BE] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe   [821584] [PID.1464]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4297136] [PID.3428]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe   [3825176] [PID.3472]
[MD5.F7DB6336DEFE82D7EAE25A6B656ED64A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [5685760] [PID.3436]
[MD5.7200502E12AC3293D73B8FB11B55CE9E] - (.Hewlett-Packard - HPFSService Application.) -- c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe   [320512] [PID.888]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [44808] [PID.1252]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65192] [PID.1604]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe   [94264] [PID.1652]
[MD5.6C85719A21B3F62C2C76280F4BD36C7B] - (.Intel Corporation - Intel  IPT Host Interface Service.) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe   [212944] [PID.1748]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe   [398184] [PID.1772]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe   [1103392] [PID.1816]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe   [1369624] [PID.2188]
[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe   [168384] [PID.2412]
[MD5.F415A88162D23977B5EDAE4F0410E903] - (.InterVideo - RegMgr Module.) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe   [110736] [PID.1396]
[MD5.97F9EAAC985A663394CD8F54DCD3E73A] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [326168] [PID.3296]
[MD5.A69CD6BDB82872999D2E46F9324ADA83] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [2656280] [PID.3540]
~ Scan Processes Running in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url=http://www.google.fr]Google[/url]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url=http://g.uk.msn.com]MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France[/url]
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = [url=http://g.uk.msn.com]MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France[/url]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com]Search Microsoft.com[/url]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://g.uk.msn.com]MSN Hotmail.fr, Messenger, Skype, Actualité, Sport, People, Femmes - MSN France[/url]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 03s
~ Nombre de lignes (Lines number): 15354



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup [64Bits] - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
O4 - HKUS\S-1-5-21-2270358671-1984333997-3346786110-1004\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\cyrille.guerin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\cyrille.guerin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\cyrille.guerin\Desktop\Microsoft Excel 2010.lnk . (...)  -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
O4 - Global Startup: C:\Users\cyrille.guerin\Desktop\Shortcut to The Logo Creator v5.exe.lnk . (...)  -- C:\Program Files (x86)\The Logo Creator v5\The Logo Creator v5.exe (.not file.)
O4 - Global Startup: C:\Users\cyrille.guerin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\caisse15\Desktop\Excel.lnk . (...)  -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
O4 - Global Startup: C:\Users\caisse15\Desktop\Océan.lnk . (...)  -- C:\Océan\Ocean.exe
O4 - Global Startup: C:\Users\caisse15\Desktop\Options Internet - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\caisse15\Desktop\Outlook 2010.lnk . (...)  -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
O4 - Global Startup: C:\Users\caisse15\Desktop\PLANNING - Raccourci.lnk . (...)  -- K:\EQUIPE ACCUEIL\ACCUEIL PACHA\PLANNING (.not file.)
O4 - Global Startup: C:\Users\caisse15\Desktop\PowerPoint 2010.lnk . (...)  -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
O4 - Global Startup: C:\Users\caisse15\Desktop\Standard (S).lnk - Clé orpheline
O4 - Global Startup: C:\Users\caisse15\Desktop\Statistiques Tennis et Squash - Raccourci.lnk . (...)  -- K:\EQUIPE ACCUEIL\ACCUEIL PACHA\TENNIS SQUASH\Statistiques Tennis et Squash (.not file.)
O4 - Global Startup: C:\Users\caisse15\Desktop\SUPERBCA.lnk . (.IREC SAS.)  -- C:\Irec2000\Exe\SUPERBCA.EXE
O4 - Global Startup: C:\Users\caisse15\Desktop\Word.lnk . (...)  -- C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
O4 - Global Startup: C:\Users\caisse15\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\caisse15\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - [url=http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/url]
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{01482979-0429-4743-8AC4-06680FF95CBE}: NameServer = 132.236.191.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{01482979-0429-4743-8AC4-06680FF95CBE}: NameServer = 132.236.191.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{01482979-0429-4743-8AC4-06680FF95CBE}: NameServer = 132.236.191.222
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service:  (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard - HPFSService Application.) - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Identity Protection Technology  (jhi_service) . (.Intel Corporation - Intel  IPT Host Interface Service.) - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service:  (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service:  (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: uvnc_service (uvnc_service) . (.UltraVNC - VNC server for win32.) - C:\Program Files\UltraVNC\WinVNC.exe
~ Scan Services in 02mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleForCAISSE15$.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\HPCeeScheduleForcaisse15.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.563CDCFEEAEF97163E206AF71A61AA6E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForCAISSE15$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-2270358671-1984333997-3346786110-1004] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2270358671-1984333997-3346786110-1004] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.)
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-2270358671-1984333997-3346786110-1004] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.9A7F1691F76E019C11481B6355125072] [APT] [RealUpgradeScheduledTaskS-1-5-21-2270358671-1984333997-3346786110-1004] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
[MD5.7A14C25B7EC229B7F8B3E457779C83CC] [APT] [HP Total Care Tune-Up] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.D1A6C59A484BA0F2420C1F0E230AF1DC] [APT] [Update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe
[MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
[MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
[MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.5) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Corel WinDVD - (.Corel Inc..) [HKLM][64Bits] -- {5C1F18D2-F6B7-4242-B803-B5A78648185D}
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: Drive Encryption For HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}
O42 - Logiciel: File Sanitizer For HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- HPProtectTools
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {D856C86A-6D49-4A32-BBC2-54714EAF2CA0}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {05BA6A83-C7A7-4F85-88F1-150142305229}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F44AF95-3CDE-4513-AD3F-6D45F17BF324}
O42 - Logiciel: HP Vision Hardware Diagnostics - (.Hewlett-Packard.) [HKLM][64Bits] -- {D79A02E9-6713-4335-9668-AAC7474C0C0E}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Identity Protection Technology 1.1.2.0 - (.Intel Corporation.) [HKLM][64Bits] -- {C01A86F5-56E7-101F-9BC9-E3F1025EB779}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Network Connections 15.7.176.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX
O42 - Logiciel: Intel(R) Network Connections 15.7.176.0 - (.Intel.) [HKLM][64Bits] -- {8C9B6B1F-0A8E-402A-A60C-110BBB38D67E}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Java 7 Update 13 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417013FF}
O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D0774B8F-13DF-11E2-A943-005056C00008}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Privacy Manager for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}
O42 - Logiciel: Theft Recovery for HP ProtectTools - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {ADC70B7A-530B-46E3-8384-48D22681A41E}
O42 - Logiciel: UltraVnc - (.uvnc bvba.) [HKLM][64Bits] -- Ultravnc2_is1
O42 - Logiciel: VIP Access SDK (1.0.0.55)  - (.Symantec Inc..) [HKLM][64Bits] -- VIP Access SDK
O42 - Logiciel: avast! Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM][64Bits] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f088d8b635ed49]
[HKCU\Software\Adobe]
[HKCU\Software\Agence-Exclusive]
[HKCU\Software\AppDataLow\Software\DigitalPersona]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\RealNetworks]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avast Software]
[HKCU\Software\Borland]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Corel]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\Datamngr]
[HKCU\Software\DigitalPersona]
[HKCU\Software\FileScout]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\Intel]
[HKCU\Software\Irec2000]
[HKCU\Software\JavaSoft]
[HKCU\Software\KONICA MINOLTA]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\PCTuto]
[HKCU\Software\PTECH]
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\Policies]
[HKCU\Software\RICOH]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Seagate Software]
[HKCU\Software\Softonic]
[HKCU\Software\Softwrap]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\Torch]
[HKCU\Software\Turbopoker.fr]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\iMesh]
[HKCU\Software\mozilla]
[HKCU\Software\www.sharedirect.com]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DataMngr]
[HKLM\Software\DigitalPersona]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee EndPoint Encryption]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\One Time Password Providers]
[HKLM\Software\Policies]
[HKLM\Software\RICOH]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Web Assistant]
[HKLM\Software\Wow6432Node\5f088d8b635ed49]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Adobee]
[HKLM\Software\Wow6432Node\Agence-Exclusive]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Borland]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Corel]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DigitalPersona]
[HKLM\Software\Wow6432Node\FLEXnet]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee EndPoint Encryption]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\MusicNet]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PCTuto]
[HKLM\Software\Wow6432Node\PDFComplete]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Sage]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sony Creative Software]
[HKLM\Software\Wow6432Node\Sony Media Software]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Torch]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\Web Assistant]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\iMeshSRTB]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/07/2012 - 18:07:50 - [113,547] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 21/06/2012 - 11:23:05 - [0,447] ----D C:\Program Files (x86)\Bing Bar Installer
O43 - CFD: 18/02/2013 - 14:51:26 - [266,230] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15/06/2011 - 10:08:17 - [202,542] ----D C:\Program Files (x86)\Corel
O43 - CFD: 07/12/2012 - 18:05:46 - [0,247] ----D C:\Program Files (x86)\File Scout
O43 - CFD: 13/02/2013 - 20:13:48 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 25/06/2012 - 10:46:24 - [351,744] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 10/12/2012 - 14:38:49 - [0] ----D C:\Program Files (x86)\iMesh Applications
O43 - CFD: 25/06/2012 - 10:49:16 - [23,004] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 08/02/2013 - 19:26:59 - [62,473] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/02/2013 - 16:38:11 - [4,935] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/02/2013 - 18:48:45 - [123,633] ----D C:\Program Files (x86)\Java
O43 - CFD: 28/01/2013 - 16:56:57 - [12,222] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/06/2012 - 11:23:04 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 21/06/2012 - 17:45:30 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 21/06/2012 - 17:50:00 - [640,844] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 13/11/2012 - 09:04:37 - [40,838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 21/06/2012 - 17:47:13 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 12/09/2012 - 09:42:55 - [0,000] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 21/06/2012 - 15:42:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 21/06/2012 - 10:56:28 - [0,500] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 08/11/2012 - 09:51:27 - [0,825] ----D C:\Program Files (x86)\Real
O43 - CFD: 15/06/2011 - 10:07:11 - [3,205] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 12/11/2012 - 10:25:02 - [1,079] ----D C:\Program Files (x86)\Software
O43 - CFD: 13/02/2013 - 18:43:22 - [163,109] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 15/06/2011 - 10:07:20 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/11/2012 - 10:25:04 - [14,673] ----D C:\Program Files (x86)\VideoConverter
O43 - CFD: 21/06/2012 - 15:02:51 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/06/2012 - 15:02:51 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 21/06/2012 - 15:02:51 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21/06/2012 - 15:02:51 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 04:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/06/2012 - 15:02:51 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/02/2013 - 15:00:26 - [15,553] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 21/07/2012 - 18:07:55 - [3,797] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 13/02/2013 - 14:27:01 - [0,004] ----D C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 21/06/2012 - 17:47:18 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 13/02/2013 - 13:33:33 - [8,171] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 15/06/2011 - 10:08:30 - [0,168] ----D C:\Program Files (x86)\Common Files\InterVideo
O43 - CFD: 21/06/2012 - 18:20:50 - [202,666] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 15/06/2011 - 10:06:21 - [0,155] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 15/06/2011 - 10:08:21 - [1,600] ----D C:\Program Files (x86)\Common Files\Protexis
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 21/06/2012 - 15:59:23 - [10,373] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 09/12/2012 - 20:05:43 - [0,004] --H-D C:\ProgramData\2B117
O43 - CFD: 31/12/2012 - 13:27:11 - [0,007] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 08/02/2013 - 18:48:33 - [213,025] ----D C:\ProgramData\Adobe
O43 - CFD: 08/02/2013 - 18:26:21 - [30,048] ----D C:\ProgramData\Apple
O43 - CFD: 26/08/2012 - 12:56:13 - [0,002] --H-D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 13/02/2013 - 13:33:47 - [56,297] ----D C:\ProgramData\AVAST Software
O43 - CFD: 07/12/2012 - 18:30:19 - [0,000] --H-D C:\ProgramData\boost_interprocess
O43 - CFD: 13/02/2013 - 13:34:54 - [12,025] ----D C:\ProgramData\Ciel
O43 - CFD: 08/02/2013 - 18:26:21 - [66,998] ----D C:\ProgramData\Corel
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 21/06/2012 - 10:56:49 - [0,024] --H-D C:\ProgramData\DigitalPersona
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 08/02/2013 - 18:26:21 - [2,461] ----D C:\ProgramData\FLEXnet
O43 - CFD: 08/02/2013 - 18:27:54 - [4,150] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 15/06/2011 - 10:06:57 - [0,000] --H-D C:\ProgramData\HPQLOG
O43 - CFD: 08/02/2013 - 18:26:22 - [0,002] ----D C:\ProgramData\Intel
O43 - CFD: 08/02/2013 - 18:26:22 - [2,240] ----D C:\ProgramData\Macrovision
O43 - CFD: 08/02/2013 - 18:26:22 - [16,487] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 13/02/2013 - 18:43:21 - [182,784] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/02/2013 - 16:24:11 - [0,057] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 08/02/2013 - 18:36:53 - [0,000] ----D C:\ProgramData\Norton
O43 - CFD: 08/11/2012 - 11:31:28 - [1,359] --H-D C:\ProgramData\NortonInstaller
O43 - CFD: 21/06/2012 - 11:23:33 - [0,000] --H-D C:\ProgramData\PDFC
O43 - CFD: 18/02/2013 - 14:51:27 - [0,117] ----D C:\ProgramData\Real
O43 - CFD: 18/02/2013 - 14:50:47 - [0,000] ----D C:\ProgramData\RealNetworks
O43 - CFD: 13/02/2013 - 20:08:04 - [0,314] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 12/11/2012 - 16:38:10 - [0,000] --H-D C:\ProgramData\Sun
O43 - CFD: 08/11/2012 - 11:31:33 - [0] --H-D C:\ProgramData\Symantec
O43 - CFD: 08/02/2013 - 18:26:27 - [0,281] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 08/02/2013 - 18:26:27 - [0,035] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 15/06/2011 - 10:11:38 - [0] --H-D C:\ProgramData\WinZip
O43 - CFD: 26/08/2012 - 12:56:27 - [0,004] --H-D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 25/06/2012 - 10:45:53 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
O43 - CFD: 15/06/2011 - 10:08:57 - [34,794] ----D C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
O43 - CFD: 08/02/2013 - 18:27:14 - [4,067] ----D C:\Users\caisse15\AppData\Roaming\Adobe
O43 - CFD: 23/07/2012 - 10:07:53 - [0] --H-D C:\Users\caisse15\AppData\Roaming\Agence-Exclusive
O43 - CFD: 31/12/2012 - 13:14:03 - [0,938] --H-D C:\Users\caisse15\AppData\Roaming\Apple Computer
O43 - CFD: 08/02/2013 - 18:27:58 - [0,000] ----D C:\Users\caisse15\AppData\Roaming\Corel
O43 - CFD: 08/02/2013 - 18:27:14 - [0,000] ----D C:\Users\caisse15\AppData\Roaming\DigitalPersona
O43 - CFD: 14/09/2012 - 12:44:22 - [0] --H-D C:\Users\caisse15\AppData\Roaming\Google
O43 - CFD: 25/07/2012 - 11:26:00 - [0,003] --H-D C:\Users\caisse15\AppData\Roaming\Hewlett-Packard
O43 - CFD: 18/07/2012 - 16:47:12 - [0] --H-D C:\Users\caisse15\AppData\Roaming\Identities
O43 - CFD: 18/07/2012 - 16:49:50 - [0,000] --H-D C:\Users\caisse15\AppData\Roaming\Macromedia
O43 - CFD: 08/02/2013 - 18:27:14 - [0,652] ----D C:\Users\caisse15\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 08:16:58 - [0] --H-D C:\Users\caisse15\AppData\Roaming\Media Center Programs
O43 - CFD: 14/02/2013 - 19:00:10 - [20,499] -S--D C:\Users\caisse15\AppData\Roaming\Microsoft
O43 - CFD: 07/12/2012 - 18:30:15 - [0,017] --H-D C:\Users\caisse15\AppData\Roaming\MusicNet
O43 - CFD: 10/12/2012 - 14:42:44 - [0] --H-D C:\Users\caisse15\AppData\Roaming\PerformerSoft
O43 - CFD: 18/02/2013 - 14:51:25 - [87,111] ----D C:\Users\caisse15\AppData\Roaming\Real
O43 - CFD: 08/02/2013 - 18:27:22 - [0,028] ----D C:\Users\caisse15\AppData\Roaming\RealNetworks
O43 - CFD: 28/01/2013 - 15:16:50 - [0,249] --H-D C:\Users\caisse15\AppData\Roaming\Sony
O43 - CFD: 21/07/2012 - 18:11:52 - [14,736] --H-D C:\Users\caisse15\AppData\Local\Adobe
O43 - CFD: 21/07/2012 - 17:40:37 - [0,740] --H-D C:\Users\caisse15\AppData\Local\Agence-Exclusive
O43 - CFD: 26/08/2012 - 12:54:41 - [0] --H-D C:\Users\caisse15\AppData\Local\Apple
O43 - CFD: 26/08/2012 - 12:56:33 - [16,409] --H-D C:\Users\caisse15\AppData\Local\Apple Computer
O43 - CFD: 18/07/2012 - 16:47:07 - [0] ----D C:\Users\caisse15\AppData\Local\Application Data
O43 - CFD: 08/02/2013 - 18:27:07 - [0,772] ----D C:\Users\caisse15\AppData\Local\Apps
O43 - CFD: 26/12/2012 - 14:14:40 - [0] --H-D C:\Users\caisse15\AppData\Local\Deployment
O43 - CFD: 15/02/2013 - 13:27:59 - [5,316] --H-D C:\Users\caisse15\AppData\Local\Diagnostics
O43 - CFD: 18/07/2012 - 16:47:20 - [0] --H-D C:\Users\caisse15\AppData\Local\DigitalPersona
O43 - CFD: 17/02/2013 - 10:46:49 - [0,775] ----D C:\Users\caisse15\AppData\Local\ElevatedDiagnostics
O43 - CFD: 13/02/2013 - 20:12:49 - [0] ----D C:\Users\caisse15\AppData\Local\Google
O43 - CFD: 08/02/2013 - 18:27:10 - [0,739] ----D C:\Users\caisse15\AppData\Local\Hewlett-Packard
O43 - CFD: 18/07/2012 - 16:47:07 - [0] ----D C:\Users\caisse15\AppData\Local\Historique
O43 - CFD: 17/02/2013 - 12:18:04 - [53,921] ----D C:\Users\caisse15\AppData\Local\Microsoft
O43 - CFD: 16/02/2013 - 16:11:24 - [0,845] ----D C:\Users\caisse15\AppData\Local\Microsoft Games
O43 - CFD: 08/02/2013 - 18:27:57 - [0,287] ----D C:\Users\caisse15\AppData\Local\Microsoft Help
O43 - CFD: 07/12/2012 - 18:29:22 - [0] --H-D C:\Users\caisse15\AppData\Local\PackageAware
O43 - CFD: 13/02/2013 - 14:27:42 - [0,001] ----D C:\Users\caisse15\AppData\Local\PokerStars.FR
O43 - CFD: 28/01/2013 - 15:52:11 - [0] --H-D C:\Users\caisse15\AppData\Local\Programs
O43 - CFD: 08/11/2012 - 09:31:02 - [0] --H-D C:\Users\caisse15\AppData\Local\Real
O43 - CFD: 12/11/2012 - 10:25:02 - [0] --H-D C:\Users\caisse15\AppData\Local\Software
O43 - CFD: 28/01/2013 - 15:24:08 - [0] --H-D C:\Users\caisse15\AppData\Local\Sony
O43 - CFD: 18/02/2013 - 15:02:44 - [1,735] ----D C:\Users\caisse15\AppData\Local\Temp
O43 - CFD: 18/07/2012 - 16:47:07 - [0] ----D C:\Users\caisse15\AppData\Local\Temporary Internet Files
O43 - CFD: 08/02/2013 - 18:27:13 - [13,176] ----D C:\Users\caisse15\AppData\Local\Torch
O43 - CFD: 08/02/2013 - 18:27:13 - [0] ----D C:\Users\caisse15\AppData\Local\VirtualStore
O43 - CFD: 08/02/2013 - 18:37:21 - [0,015] R---D C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/07/2012 - 17:27:57 - [0,000] R---D C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/02/2013 - 20:18:26 - [0,002] ----D C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 08/02/2013 - 18:27:58 - [0,001] R---D C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/07/2012 - 17:27:57 - [0,000] R---D C:\Users\caisse15\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Scan Program Folder in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.541E45459E68E34D8B1E9C92DE4E8214] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.F8E745632553D4F95A03BF322D5913A3] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [120870]
O44 - LFC:[MD5.692AC53C9757437EC09423E07ECE2B97] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [148574]
O44 - LFC:[MD5.4713014D4F523E39D58B73F5B4D9FBE6] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [651938]
O44 - LFC:[MD5.FED8EA8A2669A4A9DA247ED259EFD4D3] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [745056]
O44 - LFC:[MD5.541E45459E68E34D8B1E9C92DE4E8214] - 18/02/2013 - 14:59:16 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.25EC1462FDFFA15AD821003FA3806E95] - 18/02/2013 - 14:56:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1231448]
O44 - LFC:[MD5.EA57641B9B03657455E411C24176B545] - 18/02/2013 - 14:53:16 ---A- . (...) -- C:\Windows\setupact.log   [1720]
O44 - LFC:[MD5.DD62FE9EDCBEFD1DAB52412C26FD9932] - 18/02/2013 - 14:53:13 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.C613763599E90568490462EA2B97D7F0] - 18/02/2013 - 14:53:06 ---A- . (...) -- C:\Windows\PFRO.log   [100496]
O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 18/02/2013 - 14:52:05 ---A- . (...) -- C:\Windows\epplauncher.mif   [1912]
O44 - LFC:[MD5.AB47969AA20B2C6E88BA4ABC6B11A249] - 14/02/2013 - 16:39:33  . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\FNTCACHE.DAT   [963488]
O44 - LFC:[MD5.AB47969AA20B2C6E88BA4ABC6B11A249] - 14/02/2013 - 16:39:33 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [354856]
O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 13/02/2013 - 18:43:15 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\SysNative\sdnclean64.exe   [17272]
O44 - LFC:[MD5.B764F0F8B0D7FF2FFC3FB4C063F5F52A] - 13/02/2013 - 13:34:17 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe   [285328]
O44 - LFC:[MD5.B764F0F8B0D7FF2FFC3FB4C063F5F52A] - 13/02/2013 - 13:34:17 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe   [285328]
O44 - LFC:[MD5.74D55DED81C61871F0DB7F3A63A4D312] - 13/02/2013 - 13:33:57 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr   [41224]
O44 - LFC:[MD5.A768D621E8B2A600BBA78BC89C98DC40] - 08/02/2013 - 18:47:13 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll   [108448]
O44 - LFC:[MD5.E48EA241F5428F413F1942A555B6066A] - 08/02/2013 - 18:47:11 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\javaw.exe   [188832]
O44 - LFC:[MD5.E48EA241F5428F413F1942A555B6066A] - 08/02/2013 - 18:47:11 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe   [188832]
O44 - LFC:[MD5.E1B7A4AE2E09C159BE286B7183D2167D] - 08/02/2013 - 18:47:11 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe   [310688]
O44 - LFC:[MD5.E1B7A4AE2E09C159BE286B7183D2167D] - 08/02/2013 - 18:47:11 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe   [310688]
O44 - LFC:[MD5.70DAA34AEC2C760622521C9EF15347A2] - 08/02/2013 - 18:47:10 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\java.exe   [188320]
O44 - LFC:[MD5.70DAA34AEC2C760622521C9EF15347A2] - 08/02/2013 - 18:47:10 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe   [188320]
O44 - LFC:[MD5.BE38073D2710DDAEFDBB8389FBB85AC5] - 08/02/2013 - 18:47:07 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll   [963488]
O44 - LFC:[MD5.BE38073D2710DDAEFDBB8389FBB85AC5] - 08/02/2013 - 18:47:07 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [963488]
O44 - LFC:[MD5.1E51B9ED66558F33EA094C9799310FA3] - 08/02/2013 - 18:47:07 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\SysNative\npDeployJava1.dll   [1085344]
O44 - LFC:[MD5.1E51B9ED66558F33EA094C9799310FA3] - 08/02/2013 - 18:47:07 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll   [1085344]
O44 - LFC:[MD5.8F69EE5E0EB0779DC3E90DFD8D8E8683] - 23/08/2012 - 10:51:57  . (...) -- C:\Windows\System32\rdpcorets.dll   [1661710]
~ Scan Files in 00mn 05s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Scan Keys in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\Windows\System32\EpePcNp64.dll
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{27b90104-5645-11e2-9f95-2c27d72ed3ea}\AutoRun\command. (...) -- H:\Startme.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\APSDaemon  [Key] . (...) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\File Sanitizer  [Key] . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds  [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\hpsysdrv  [Key] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray  [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\IMSS  [Key] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper  [Key] . (...) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MfeEpePcMonitor  [Key] . (.Pas de propriétaire - McAfee Endpoint Encryption Encryption Monit.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
O53 - SMSR:HKLM\...\startupreg\Persistence  [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl  [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\TkBellExe  [Key] . (...) -- c:\program files (x86)\real\realplayer\Update\realsched.exe (.not file.)
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
~ Scan Drivers in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk)  .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 15/10/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr)  .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 17/09/2010 - C:\Windows\system32\Drivers\iqvw64e.sys (NAL)  .(.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) - LEGACY_NAL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - [url=http://search.babylon.com]Babylon Search[/url]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [url=http://www.google.com]Google[/url]
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Search Results) - [url=http://dts.search-results.com]http://dts.search-results.com[/url]
O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - () - [url=http://mystart.incredibar.com]http://mystart.incredibar.com[/url]
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll   [193536]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.E5D0ADB529501DD975F27066534A3FD9] [SPRF][08/01/2013] (...) -- C:\ProgramData\KGyGaAvL.sys   [848]
[MD5.047F7CE122736221AF0B87030407AA46] [SPRF][18/02/2013] (...) -- C:\Users\caisse15\AppData\Local\Temp\dump.dat   [1753088]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{2B9BC79D-3B1C-4EBA-B9B2-7CA7229B547B}" | In - Private - P6 - TRUE | .(.UltraVNC - VNCViewer.) -- C:\Program Files\UltraVNC\vncviewer.exe
O87 - FAEL: "{29511883-4C43-463D-B52C-4F92521694A1}" | In - Private - P17 - TRUE | .(.UltraVNC - VNCViewer.) -- C:\Program Files\UltraVNC\vncviewer.exe
O87 - FAEL: "{F695F3B6-D417-459D-A8FB-C5E3B9C17621}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{9D18C979-701C-4618-8097-3070CBFABE35}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{CA9909C1-29DB-4FC3-97C1-A11456AA7A34}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{141AB608-1E73-4BB9-AA2A-8320AC7A3A57}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{77521030-E506-4DB9-9AA9-F6CA30AA4BA9}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{C1CF48D1-BAB1-4A1A-8CAB-605BEB2FE9AE}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{FB7EA233-020F-43B6-B02D-75A2D6803E5F}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{9ED7E925-2215-48F1-AD22-7DF03A2D28DC}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.)
O87 - FAEL: "{BEA58017-4077-4844-B177-12AEE5076281}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.)
O87 - FAEL: "{5524099B-149A-4EE3-81A1-6F7ED4D483FE}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.)
O87 - FAEL: "TCP Query User{CAE6C803-C44B-47E9-BEDC-4A55A3F79545}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)
O87 - FAEL: "UDP Query User{B7AF66AD-FC64-48A3-B650-56F65E3FB154}C:\program files (x86)\imesh applications\imesh\imesh.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\imesh applications\imesh\imesh.exe (.not file.)
~ Scan Firewall in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.10777 - (17/02/2013)
Clés trouvées (Keys found) : 166
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 6
Fichiers trouvés  (Files found) : 0

[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}]   =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}]   =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}]   =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]   =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}]   =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}]   =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}]   =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}]   =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}]   =>Adware.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]   =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}]   =>Adware.Agent
[HKLM\Software\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4C1F-8C51-E4956A037676}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Classes\AppID\{759F1421-4D31-4c1f-8C51-E4956A037676}]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}]   =>Hijacker.Seeearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}]   =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78}]   =>PUP.Eorezo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}]   =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}]   =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}]   =>Toolbar.PricePeep
[HKLM\Software\Classes\AppID\PCTutoBHO.DLL]   =>Spyware.AgenceExclusive
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL]   =>Toolbar.Agent
[HKLM\Software\Classes\Software.OneClickCtrl.8]   =>Adware.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils]   =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1]   =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd]   =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24]   =>Adware.PredictAd
[HKCU\Software\Agence-Exclusive]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Agence-Exclusive]   =>Spyware.AgenceExclusive
[HKCU\Software\DataMngr]   =>Adware.Bandoo
[HKLM\Software\DataMngr]   =>Adware.Bandoo
[HKCU\Software\iMesh]   =>PUP.iMesh
[HKCU\Software\Iminent]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent]   =>Adware.IMBooster
[HKCU\Software\PCTuto]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\PCTuto]   =>Spyware.AgenceExclusive
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKLM\Software\Tarma Installer]   =>Toolbar.Agent
[HKLM\Software\Web Assistant]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Web Assistant]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASAPI32]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASMANCS]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP]   =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap]   =>Adware.Bandoo
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings]   =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}]   =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
C:\Program Files (x86)\iMesh Applications   =>PUP.iMesh
C:\Program Files (x86)\Software   =>Adware.Boxore
C:\Users\caisse15\AppData\Roaming\Agence-Exclusive   =>Spyware.AgenceExclusive
C:\Users\caisse15\AppData\Local\Agence-Exclusive   =>Spyware.AgenceExclusive
C:\Users\caisse15\AppData\Local\Software   =>Adware.Boxore
C:\Users\caisse15\AppData\LocalLow\Toolbar4   =>Toolbar.Conduit
~ Scan Additionnel in 00mn 09s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "03825B55A420E344FA16161E7EA1AFB1" . (.Device Access Manager for HP ProtectTools.) -- c:\Windows\Installer\{55B52830-024A-443E-AF61-61E1E71AFA1B}\ARPPRODUCTICON.exe
O90 - PUC: "0694AF70830BBE9498B1F95939A05A44" . (.HP Customer Experience Enhancements.) -- C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe
O90 - PUC: "2D81F1C57B6F24248B305B7A688481D5" . (.Corel WinDVD.) -- C:\Windows\Installer\{5C1F18D2-F6B7-4242-B803-B5A78648185D}\ARPPRODUCTICON.exe
O90 - PUC: "30FDA6D6752B5AE4BB1CD141A58F5D41" . (.File Sanitizer For HP ProtectTools.) -- c:\Windows\Installer\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}\ARPPRODUCTICON.exe
O90 - PUC: "59FA44F6EDC33154DAF3D6541FB73F42" . (.HP Support Assistant.) -- C:\Windows\Installer\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\ARPPRODUCTICON.exe
O90 - PUC: "5F68A10C7E65F101B99C3E1F20E57B97" . (.Intel(R) Identity Protection Technology 1.1.2.0.) -- C:\Windows\Installer\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.5) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.1.2.0.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "7B65D4CC81F6B0747843BADC57CB4F1F" . (.HP Auto.) -- C:\Windows\Installer\{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}\ARPPRODUCTICON.exe
O90 - PUC: "86F35ACA300BE0D4C9D3C0E40ED9808A" . (.Privacy Manager for HP ProtectTools.) -- c:\Windows\Installer\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}\ARPPRODUCTICON.exe
O90 - PUC: "90B53772EFE9F9143A7701AA18113CA0" . (.VC90_CRT_x64.) -- c:\Windows\Installer\{27735B09-9EFE-419F-A377-10AA8111C30A}\ARPPRODUCTICON.exe
O90 - PUC: "9E20A97D317653346986AA7C74C4C0E0" . (.HP Vision Hardware Diagnostics.) -- c:\Windows\Installer\{D79A02E9-6713-4335-9668-AAC7474C0C0E}\HPICON
O90 - PUC: "A68C658D94D623A4BB2C4517E4FAC20A" . (.HP ProtectTools Security Manager.) -- c:\Windows\Installer\{D856C86A-6D49-4A32-BBC2-54714EAF2CA0}\ARPPRODUCTICON.exe
O90 - PUC: "A7B07CDAB0353E643848842D62184AE1" . (.Theft Recovery for HP ProtectTools.) -- C:\Windows\Installer\{ADC70B7A-530B-46E3-8384-48D22681A41E}\ARPPRODUCTICON.exe
O90 - PUC: "BA0A2B44E214C8F40B851D8EEACCFD5F" . (.PowerRecover.) -- c:\Windows\Installer\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DC1400A8C772F1C4FB4EA75C802BB0C4" . (.Drive Encryption For HP ProtectTools.) -- C:\Windows\Installer\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}\HpClient.ico
O90 - PUC: "F1B6B9C8E8A0A2046AC011B0BB836DE7" . (..) -- c:\Windows\Installer\{8C9B6B1F-0A8E-402A-A60C-110BBB38D67E}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:dllName="browsemngr.dll"
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:exeName="browsemngr.exe"
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:folderName="Browser Manager"
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:serviceName="Browser Manager"
[HKCU\Software\5f088d8b635ed49\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:version="2.3.796.11"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:dllName="mngr.dll"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:exeName="mngr.exe"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:folderName="Browser Manager"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:serviceName="Browser Manager"
[HKCU\Software\5f088d8b635ed49\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:version="2.5.976.107"
[HKLM\Software\Wow6432Node\5f088d8b635ed49] => Clé orpheline
~ Scan Export Key Software in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 14/02/2013 251248 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 30/10/2012 44808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 14/12/2012 277616 |  (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 24/03/2011 485712 |  (DpHost) . (.DigitalPersona, Inc..) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SS - | Demand 24/03/2011 464440 |  (FLCDLOCK) . (.Hewlett-Packard Company.) - c:\Windows\SysWOW64\flcdlock.exe
SS - | Demand 15/03/2011 30776 |  (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
SR - | Auto 09/09/2011 86072 |  (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Auto 28/03/2011 94264 |  (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Auto 23/03/2011 320512 |  (HPFSService) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
SS - | Demand 28/03/2011 799800 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Demand 14/11/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Auto 22/09/2010 165032 |  (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SR - | Auto 21/05/2010 110736 |  (IviRegMgr) . (.InterVideo.) - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 24/02/2011 212944 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
SR - | Auto 17/01/2011 326168 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 14/12/2012 682344 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Disabled  1318912 |  (McAfee Endpoint Encryption Agent) . (...) - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
SS - | Disabled 11/03/2010 193824 |  (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 13/11/2012 1103392 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 17/01/2011 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 18/05/2011 2169592 |  (uvnc_service) . (.UltraVNC.) - C:\Program Files\UltraVNC\WinVNC.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s



End of the scan (1263 lines in 02mn 54s)(0)