~ Rapport de ZHPDiag v2014.8.6.114 - Nicolas Coolman  (06/08/2014)
~ Lancé par Audrey (10/08/2014 11:07:01)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 32.0 (Defaut)
GCIE: Google Chrome v35.0.1916.114

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.2.1012
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.10

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 9.5.5 MUI
Java 7 Update 9

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4024 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 472 GB (80%) free of 584 GB

---\\ Mode de connexion au système
~ Computer Name: AUDREY-PC
~ User Name: Audrey
~ All Users Names: HomeGroupUser$, Audrey, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Audrey\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Audrey\AppData\Roaming\
~ %Desktop% : C:\Users\Audrey\Desktop\
~ %Favorites% : C:\Users\Audrey\Favorites\
~ %LocalAppData% : C:\Users\Audrey\AppData\Local\
~ %StartMenu% : C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 472 Go of 584 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4EFC156290537BB9706D3A7A1A4B8733] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/11/2011 - 06:41:43.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:34:03.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/350
~ Mes musiques (My Musics) : 1/3158
~ Mes Favoris (My Favorites) : 1/29
~ Mes Documents (My Documents) : 8/2898
~ Mon Bureau (My Desktop) : 5/1656
~ Menu demarrer (Programs) : 1/58
~ Hidden Files:  Scanned in 00mn 03s



---\\ Processus lancés
[MD5.5FA4401F37935D633B1379F2E98A19A8] - (...) -- C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\FinderMacroSnapshot.exe   [226853] [PID.2616]
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe   [186904] [PID.1532]
[MD5.449E6CD914920B84DDDF0F12880411EE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [21444224] [PID.2136]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe   [270336] [PID.2492]
[MD5.6A75E6BFCCC6BBE6F7CEEEF082214DE1] - (...) -- C:\Program Files (x86)\Remote Mouse Server\RemoteMouse.exe   [7647203] [PID.1812]
[MD5.5AEA1DB5490429EEB0989A0CE2A52D5E] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe   [262912] [PID.1612]
[MD5.3D853EA1CF42040D2E0123174797C81F] - (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe   [630784] [PID.2932]
[MD5.2B7F2DC5741BB18F7F5EC7558DA68197] - (.Lime Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe   [503808] [PID.3032]
[MD5.C7A9C4FDCEA704A34A5997FE0A8A0A38] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1194504] [PID.2952]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe   [91432] [PID.2948]
[MD5.94866E9A193120260840B2E3B551E434] - (.Chicony - Video Web Camera.) -- C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe   [2913792] [PID.3052]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254696] [PID.1784]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.1968]
[MD5.A3EFC2B8532A574139C84C0182B46A6B] - (.Canal+ Distribution - CanalPlayer.exe.) -- C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayer.exe   [2259344] [PID.2760]
[MD5.6BCE4EB6C750C13494B92949856194F5] - (...) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\CANALPLUS-CANALSAT-ALADEMANDE.exe   [142336] [PID.1252]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe   [168960] [PID.2384]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe   [559104] [PID.2508]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe   [362496] [PID.3608]
[MD5.6CD9CC04C3D9D0E83ABF0D268B91CF91] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [275568] [PID.4964]
[MD5.02BD7DE6EB550F11671A5C21EF70155B] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [18544] [PID.4404]
[MD5.038053B5DB6B0DCFB32B7682334B7625] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe   [1863856] [PID.2408]
[MD5.3706CC0C7A9737CE7166164AC0BFE735] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8087040] [PID.4344]
[MD5.6D9FC1E7EA3C548F4D3455F0C3FEEF8C] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe   [169312] [PID.1232]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176] [PID.1540]
[MD5.7386369438B4CBB3F9713300711F32B1] - (...) -- C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe   [98340] [PID.1764]
[MD5.A6B41F3044B2C099BBB5531CAA0551D5] - (.Canal+ Active - CanalPlus.VOD.Service.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe   [188416] [PID.1796]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe   [1150496] [PID.1936]
[MD5.70E3EB0CEF795D348F05E5A9B115F491] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe   [62720] [PID.2032]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe   [1320496] [PID.1676]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe   [799280] [PID.1696]
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe   [240160] [PID.2084]
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe   [354840] [PID.2120]
[MD5.1C69DE3FD60403ACCFDC738BE5EDA09B] - (.Canal+ Distribution - CanalPlayService.exe.) -- C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayService.exe   [932240] [PID.3688]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://rts.dsrlte.com

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Scanned in 00mn 19s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\Audrey\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - APIX Mozilla Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPAPIX.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - fluxDVD Browser Helper Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPFluxBrowserHelper.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - MPDRM License Acquisition Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPMPDRM.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - WMDRM License Acquisition Wrapper.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPWMDRMWrapper.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.9.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.9.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.9.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\Audrey\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll  =>.Facebook
~ Firefox Browser: 19 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 21 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net  =>PUP.AkamaiHD
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:32239   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 214



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object [64Bits] - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} . (.Protect Software GmbH - Download Manager Helper.) -- C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll
O2 - BHO: PDF Architect Helper [64Bits] - {3A2D5EBA-F86D-4BD3-A177-019765996711} . (.pdfforge GmbH - PDF Architect Helper.) -- C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: LuckyShoppeR [64Bits] - {74904F58-1176-7FB1-441C-5285E88CB94F} . (...) -- C:\ProgramData\LuckyShoppeR\D4.dll  =>PUP.LuckyShopper
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
~ BHO: 11 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Audrey]: genesis.lnk - Clé orpheline  =>PUP.Genesis
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe 
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe 
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe 
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Audrey\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe (.not file.) 
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe 
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [CANAL+ CANALSAT A LA DEMANDE] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [CanalPlayer] . (.Canal+ Distribution - CanalPlayer.exe.) -- C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayer.exe 
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe 
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Yahoo! Search] C:\Users\Audrey\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe (.not file.) 
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.canalplay.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: 0580bc2010c6cb3cc1f4a298c3e08a5c.exe (0580bc2010c6cb3cc1f4a298c3e08a5c.exe) . (...) - C:\Users\Audrey\AppData\Local\0580bc2010c6cb3cc1f4a298c3e08a5c\0580bc2010c6cb3cc1f4a298c3e08a5c.exe (.not file.)
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe  =>.Adobe Systems Incorporated
O23 - Service: ArchiveSoftwareWinsock.exe (ArchiveSoftwareWinsock.exe) . (...) - C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe
O23 - Service: CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active - CanalPlus.VOD.Service.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
O23 - Service: ClassCompilerMetafile.exe (ClassCompilerMetafile.exe) . (...) - C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48\ClassCompilerMetafile.exe (.not file.)
O23 - Service: e2731bae2e84854.exe (e2731bae2e84854.exe) . (...) - C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06\e2731bae2e84854.exe (.not file.)
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: PDF Architect Helper Service (PDF Architect Helper Service) . (.pdfforge GmbH - PDF Architect Helper Service.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service (PDF Architect Service) . (.pdfforge GmbH - PDF Architect Conversion Service.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
~ Services: 12 Scanned in 00mn 14s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.00000000000000000000000000000000] [APT] [{7CBE5BB0-6EFA-4D24-8CB1-706673792E9F}] (...) -- E:\installprogress.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C94B7B7E-32ED-4F40-8629-8D4500725064}] (...) -- C:\Program Files (x86)\Widestream6\WideStream.exe (.not file.)   [0]  =>Adware.SPointer
[MD5.00000000000000000000000000000000] [APT] [{D7300C81-68CA-412F-B5D1-C47AB16986B9}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce16eddf1d961.job   [1066]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6e0dc87a746d.job   [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1068]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1068]
O39 - APT:  - (..) -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job   [232]  =>PUP.SpeedUpMyPC
O39 - APT:  - (..) -- C:\Windows\Tasks\SpeedUpMyPC Startup.job   [226]  =>PUP.SpeedUpMyPC
~ Scheduled Task: 12 Scanned in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 60 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.5 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Backup Manager Basic - (.NewTech Infosystems.) [HKLM][64Bits] -- {72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: CANAL+ CANALSAT A LA DEMANDE - (.CanalPlus.) [HKLM][64Bits] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Comptes - (...) [HKLM][64Bits] -- ST6UNST #1
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: CopyTrans Suite désinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU][64Bits] -- Facebook Plug-In
O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
O42 - Logiciel: GotClip Downloader - (...) [HKLM][64Bits] -- GotClip
O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
O42 - Logiciel: Grasvue - (...) [HKLM][64Bits] -- Grasvue
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 - (.HP.) [HKLM][64Bits] -- {AA6F009F-0CCD-4DD6-A462-28419C101D54}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM][64Bits] -- HP Photosmart Essential  =>.Hewlett-Packard Co
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {97486FBE-A3FC-4783-8D55-EA37E9D171CC}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM][64Bits] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 9 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417009FF}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Lecteur CANALPLAY 2.6 - (.Canal+ Distribution.) [HKLM][64Bits] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9}
O42 - Logiciel: LimeWire 5.5.16 - (.Lime Wire, LLC.) [HKLM][64Bits] -- LimeWire
O42 - Logiciel: LuckyShoppeR - (.LucKyShoppiEr.) [HKLM][64Bits] -- {AE9B04F2-E9E8-162C-829B-52C116B3EFCC}  =>PUP.LuckyShopper
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: MaxiCompte - (.EuroSoft Software Development.) [HKLM][64Bits] -- MaxiCompte 3.17_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Metaboli - (.Packard Bell.) [HKLM][64Bits] -- Metaboli
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mozilla Firefox 32.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {8ed5c8a6-2aee-40dd-8df4-26cd57921222}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: PDF Architect - (.pdfforge GmbH.) [HKLM][64Bits] -- {064A929A-4DE8-40CF-A901-BD40C14E4D25}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell MyBackup - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: PackardBell ScreenSaver - (.PackardBell.) [HKLM][64Bits] -- PackardBell Screensaver
O42 - Logiciel: PerfectTablePlan 4.2.6 - (.Oryx Digital Ltd.) [HKLM][64Bits] -- {E845BCFF-C327-42AD-B839-A644D5E94A26}_is1
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Quick Zip 5.1 - (.Quick Zip Dev.) [HKLM][64Bits] -- {87AF4C0E-D953-424B-8108-3127CA217E6F}
O42 - Logiciel: QuuEenCoupon - (.QuEEEnCouoponn.) [HKLM][64Bits] -- {3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}  =>PUP.QueenCoupon
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Remote Mouse Server version 1.05 - (.Remote Mouse Server.) [HKLM][64Bits] -- {F34EE6D2-9356-4294-B3B3-AE04428C8C43}_is1
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies
O42 - Logiciel: SiteFinder - (.SiteFinder.) [HKLM][64Bits] -- SiteFinder  =>Adware.ShoppingReport
O42 - Logiciel: Skype™ 6.16 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Softwarenetz Agenda2 - (...) [HKLM][64Bits] -- Terminkalender2
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Video Web Camera - (.Chicony Electronics Co.,Ltd..) [HKLM][64Bits] -- {12A1B519-5934-4508-ADBD-335347B0DC87}
O42 - Logiciel: VirtualDJ Home FREE - (.Atomix Productions.) [HKLM][64Bits] -- {B515962D-C979-44AC-9912-F7BB499B4B2C}
O42 - Logiciel: Vodafone Mobile Connect Lite Runtime Components - (.Vodafone.) [HKLM][64Bits] -- {CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02}
O42 - Logiciel: Watermark Software - (.Watermark Software. All Rights Reserved..) [HKCU][64Bits] -- WatermarkSoftware
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WinGrosMaigre - (...) [HKLM][64Bits] -- WinGrosMaigre
O42 - Logiciel: WinRAR 4.01 (64 bits) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: WinSCP 4.3.4 - (.Martin Prikryl.) [HKLM][64Bits] -- winscp3_is1
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}  =>.Microsoft Corporation
O42 - Logiciel: eDealsPop version 1.0 - (.eDealsPop.) [HKLM][64Bits] -- eDealsPop_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 74 Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Acer]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\FDA]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BrowserTemp]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\Canal+ Active]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Dnldstr_Aggregator]
[HKCU\Software\EuroSoft Software Development]
[HKCU\Software\Google]
[HKCU\Software\GotClip Downloader]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Martin Prikryl]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenXML-ODF Translator]
[HKCU\Software\OryxDigital]
[HKCU\Software\PDF Architect]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Pvm]
[HKCU\Software\Quick Zip Dev]
[HKCU\Software\Skype]
[HKCU\Software\SoftwareNetz]
[HKCU\Software\Software]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VirtualDJ]
[HKCU\Software\Vodafone]
[HKCU\Software\WinGrosMaigre]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinkHandler]  =>Adware.IMBooster
[HKCU\Software\Wistron]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\adobe]
[HKCU\Software\fluxDVD]
[HKCU\Software\keyhole.com]
[HKCU\Software\yahooinstall]
[HKLM\Software\<company>]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Audible]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc  ]
[HKLM\Software\Conexant]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Martin Prikryl]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RST]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SI-App]
[HKLM\Software\Sonic]
[HKLM\Software\Upt]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\WinUpd]
[HKLM\Software\Wow6432Node\ALWIL Software]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Canal+ Active]
[HKLM\Software\Wow6432Node\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HP]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Martin Prikryl]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\Pirrit Solutions]  =>PUP.PirritSuggestor
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RST]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SI-App]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\SecureDigitalServices]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Solutions]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\Upt]
[HKLM\Software\Wow6432Node\VirtualDJ]
[HKLM\Software\Wow6432Node\Vodafone]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WinUpd]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Wistron]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\mpDRM]
[HKLM\Software\Wow6432Node]
~ Key Software: 356 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/05/2013 - 16:16:05 - [] ----D C:\Program Files (x86)\3DVIA
O43 - CFD: 03/11/2009 - 06:20:29 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 05/05/2012 - 17:02:46 - [] ----D C:\Program Files (x86)\Canal+
O43 - CFD: 10/08/2014 - 09:33:43 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/11/2009 - 06:14:11 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 14/12/2013 - 09:40:52 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 11/11/2011 - 11:24:59 - [] ----D C:\Program Files (x86)\GotClip
O43 - CFD: 21/06/2012 - 17:49:36 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 28/09/2012 - 21:44:15 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2009 - 07:45:39 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 18/12/2011 - 11:27:12 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/07/2011 - 08:29:05 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 03/11/2009 - 06:12:40 - [] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 11/10/2012 - 20:17:23 - [] ----D C:\Program Files (x86)\Lecteur CANALPLAY
O43 - CFD: 04/07/2012 - 14:57:41 - [] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 10/08/2014 - 10:09:54 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 15/05/2013 - 10:19:28 - [] ----D C:\Program Files (x86)\MaxiCompte 3
O43 - CFD: 22/06/2012 - 14:19:55 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 07/07/2011 - 14:22:26 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/08/2009 - 08:04:37 - [] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 19/09/2013 - 09:36:41 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 03/11/2009 - 06:25:00 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 03/11/2009 - 06:17:42 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 19/12/2010 - 11:12:48 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 02/11/2010 - 09:44:56 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 23/01/2014 - 15:00:03 - [] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 10/08/2014 - 09:06:57 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 10/08/2014 - 09:13:56 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 20/01/2010 - 22:56:30 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 16/08/2009 - 08:00:40 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/08/2009 - 08:23:52 - [] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 17/11/2010 - 18:24:12 - [] ----D C:\Program Files (x86)\OpenXML-ODF Translator
O43 - CFD: 19/01/2010 - 20:17:32 - [] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 22/08/2009 - 08:18:08 - [] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 18/03/2014 - 17:07:43 - [] ----D C:\Program Files (x86)\PDF Architect
O43 - CFD: 14/05/2014 - 11:50:54 - [] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 01/04/2014 - 20:33:39 - [] ----D C:\Program Files (x86)\PerfectTablePlan
O43 - CFD: 28/01/2010 - 18:08:35 - [] ----D C:\Program Files (x86)\Pvm
O43 - CFD: 17/11/2010 - 18:39:49 - [] ----D C:\Program Files (x86)\QuickZip
O43 - CFD: 16/08/2009 - 07:46:13 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 03/09/2011 - 21:40:30 - [] ----D C:\Program Files (x86)\Remote Mouse Server
O43 - CFD: 10/06/2014 - 10:16:27 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 22/06/2012 - 11:12:47 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 10/08/2014 - 09:33:37 - [] ----D C:\Program Files (x86)\ToggleMark
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 03/11/2009 - 06:11:47 - [] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 25/01/2013 - 21:46:03 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 26/01/2013 - 15:03:00 - [] ----D C:\Program Files (x86)\VirtualDJ
O43 - CFD: 22/02/2010 - 20:04:46 - [] ----D C:\Program Files (x86)\Vodafone
O43 - CFD: 03/11/2009 - 14:58:15 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/11/2011 - 15:28:59 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/03/2011 - 23:38:00 - [] ----D C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 09/06/2011 - 09:51:03 - [] ----D C:\Program Files (x86)\WinGrosMaigre
O43 - CFD: 23/08/2011 - 16:22:36 - [] ----D C:\Program Files (x86)\WinSCP
O43 - CFD: 07/08/2014 - 23:30:31 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 19/01/2010 - 13:51:29 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/08/2009 - 09:49:58 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 09/10/2013 - 17:47:44 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 03/11/2009 - 06:14:11 - [] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 22/08/2009 - 08:00:39 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 01/10/2012 - 16:39:24 - [] ----D C:\Program Files (x86)\Common Files\fluxDVD
O43 - CFD: 08/03/2010 - 16:55:04 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 08/03/2010 - 16:54:30 - [] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 28/09/2012 - 21:43:45 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/07/2011 - 08:29:40 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 03/11/2009 - 06:21:47 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 17/03/2012 - 14:09:43 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 28/09/2012 - 21:50:40 - [] ----D C:\Program Files (x86)\Common Files\mpDRM
O43 - CFD: 16/08/2009 - 08:02:42 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 22/08/2009 - 08:07:46 - [] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 03/11/2009 - 06:21:25 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 22/08/2009 - 09:50:18 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 10/06/2014 - 10:16:27 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 03/11/2009 - 06:21:25 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 16/03/2012 - 08:42:26 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/11/2009 - 06:23:01 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/02/2010 - 20:04:54 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 09/10/2013 - 16:00:27 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 09/06/2014 - 20:22:17 - [] ----D C:\ProgramData\8381b5be430a9343
O43 - CFD: 28/05/2013 - 17:25:16 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/03/2010 - 19:47:38 - [] ----D C:\ProgramData\Alwil Software
O43 - CFD: 18/08/2011 - 11:45:13 - [] ----D C:\ProgramData\Apple
O43 - CFD: 10/01/2013 - 19:32:11 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/02/2011 - 13:19:04 - [] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 07/08/2014 - 23:22:11 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 22/08/2009 - 08:24:05 - [] ----D C:\ProgramData\BackupManager
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 12/01/2012 - 22:42:40 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 10/08/2014 - 10:30:40 - [] ----D C:\ProgramData\deal2dealliat  =>PUP.Deal2Dealit
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 10/11/2011 - 10:46:53 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 16/02/2012 - 17:38:31 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 28/09/2012 - 21:50:35 - [] ----D C:\ProgramData\fluxDVD
O43 - CFD: 21/06/2012 - 16:44:16 - [] ----D C:\ProgramData\Google
O43 - CFD: 23/05/2013 - 15:46:23 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 23/05/2013 - 14:37:41 - [] ----D C:\ProgramData\HP
O43 - CFD: 08/03/2010 - 16:55:58 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 23/05/2013 - 14:36:52 - [] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 19/11/2011 - 16:20:56 - [] ----D C:\ProgramData\InstallMate  =>PUP.Tarma
O43 - CFD: 10/08/2014 - 09:13:56 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 03/06/2014 - 10:15:41 - [] ----D C:\ProgramData\LuckyShoppeR  =>PUP.LuckyShopper
O43 - CFD: 10/08/2014 - 10:09:52 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 28/11/2012 - 19:15:02 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 10/08/2014 - 11:02:50 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/05/2012 - 08:08:40 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 12/06/2012 - 08:15:34 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 28/09/2012 - 21:50:40 - [] ----D C:\ProgramData\mpDRM
O43 - CFD: 16/08/2009 - 07:59:30 - [] ----D C:\ProgramData\Nero
O43 - CFD: 11/07/2011 - 10:40:46 - [] ----D C:\ProgramData\Norton
O43 - CFD: 16/08/2009 - 07:53:24 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 03/11/2009 - 06:15:49 - [] ----D C:\ProgramData\OEM
O43 - CFD: 16/08/2009 - 08:10:22 - [] ----D C:\ProgramData\Packard Bell
O43 - CFD: 10/06/2014 - 10:16:05 - [] ----D C:\ProgramData\Skype
O43 - CFD: 22/06/2012 - 11:12:47 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 04/05/2010 - 21:45:09 - [] ----D C:\ProgramData\Sun
O43 - CFD: 15/06/2014 - 20:59:46 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 08/03/2010 - 17:13:06 - [] ----D C:\ProgramData\WEBREG
O43 - CFD: 09/10/2013 - 16:32:13 - [] ----D C:\ProgramData\WindSolutions
O43 - CFD: 15/03/2011 - 13:04:40 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 12/08/2010 - 18:05:22 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 19/01/2011 - 11:34:00 - [0] -SH-D C:\Users\Audrey\AppData\Roaming\.#
O43 - CFD: 08/08/2014 - 11:57:15 - [] ----D C:\Users\Audrey\AppData\Roaming\Adobe
O43 - CFD: 22/06/2012 - 16:38:21 - [] ----D C:\Users\Audrey\AppData\Roaming\Apple Computer
O43 - CFD: 22/02/2010 - 22:24:38 - [] ----D C:\Users\Audrey\AppData\Roaming\CyberLink
O43 - CFD: 18/06/2010 - 17:34:28 - [] ----D C:\Users\Audrey\AppData\Roaming\Facebook
O43 - CFD: 19/01/2010 - 20:20:19 - [] ----D C:\Users\Audrey\AppData\Roaming\Google
O43 - CFD: 08/03/2010 - 17:30:50 - [] ----D C:\Users\Audrey\AppData\Roaming\HP
O43 - CFD: 23/07/2013 - 10:22:01 - [] ----D C:\Users\Audrey\AppData\Roaming\HpUpdate
O43 - CFD: 19/01/2010 - 20:17:47 - [] ----D C:\Users\Audrey\AppData\Roaming\Identities
O43 - CFD: 10/08/2014 - 10:35:11 - [] ----D C:\Users\Audrey\AppData\Roaming\LimeWire
O43 - CFD: 20/01/2010 - 16:58:22 - [] ----D C:\Users\Audrey\AppData\Roaming\Macromedia
O43 - CFD: 22/06/2012 - 11:16:37 - [] ----D C:\Users\Audrey\AppData\Roaming\Malwarebytes
O43 - CFD: 16/08/2009 - 08:31:47 - [0] ----D C:\Users\Audrey\AppData\Roaming\Media Center Programs
O43 - CFD: 06/12/2013 - 17:39:16 - [] -S--D C:\Users\Audrey\AppData\Roaming\Microsoft
O43 - CFD: 08/11/2011 - 15:36:21 - [] ----D C:\Users\Audrey\AppData\Roaming\Mozilla
O43 - CFD: 11/01/2013 - 15:42:18 - [] ----D C:\Users\Audrey\AppData\Roaming\Nero
O43 - CFD: 18/03/2014 - 17:22:26 - [] ----D C:\Users\Audrey\AppData\Roaming\PDF Architect
O43 - CFD: 01/04/2014 - 20:37:20 - [] ----D C:\Users\Audrey\AppData\Roaming\PerfectTablePlan
O43 - CFD: 10/08/2014 - 10:34:44 - [] ----D C:\Users\Audrey\AppData\Roaming\Skype
O43 - CFD: 14/12/2013 - 10:15:41 - [] ----D C:\Users\Audrey\AppData\Roaming\vlc
O43 - CFD: 14/03/2011 - 18:58:53 - [0] ----D C:\Users\Audrey\AppData\Roaming\Windows Live Writer
O43 - CFD: 09/10/2013 - 17:47:56 - [] ----D C:\Users\Audrey\AppData\Roaming\WindSolutions
O43 - CFD: 14/03/2011 - 19:07:43 - [] ----D C:\Users\Audrey\AppData\Roaming\WinRAR
O43 - CFD: 10/08/2014 - 11:07:50 - [] ----D C:\Users\Audrey\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 25/05/2013 - 16:15:07 - [] ----D C:\Users\Audrey\AppData\Local\3DVIA
O43 - CFD: 26/06/2014 - 20:19:51 - [] ----D C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48
O43 - CFD: 08/08/2014 - 12:03:09 - [] ----D C:\Users\Audrey\AppData\Local\Adobe
O43 - CFD: 22/02/2012 - 21:16:18 - [] ----D C:\Users\Audrey\AppData\Local\adslTV
O43 - CFD: 09/02/2010 - 17:32:32 - [] ----D C:\Users\Audrey\AppData\Local\Apple
O43 - CFD: 09/02/2010 - 18:16:48 - [] ----D C:\Users\Audrey\AppData\Local\Apple Computer
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Application Data
O43 - CFD: 24/07/2014 - 21:02:30 - [] ----D C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock
O43 - CFD: 24/07/2014 - 21:02:31 - [0] ----D C:\Users\Audrey\AppData\Local\CheckCode
O43 - CFD: 05/06/2014 - 13:56:12 - [] ----D C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06
O43 - CFD: 13/02/2014 - 11:36:14 - [0] ----D C:\Users\Audrey\AppData\Local\Diagnostics
O43 - CFD: 02/06/2013 - 11:44:27 - [] ----D C:\Users\Audrey\AppData\Local\Downloaded Installations
O43 - CFD: 30/06/2013 - 13:38:08 - [0] ----D C:\Users\Audrey\AppData\Local\ElevatedDiagnostics
O43 - CFD: 15/05/2013 - 11:17:17 - [0] ----D C:\Users\Audrey\AppData\Local\FastReport
O43 - CFD: 21/06/2012 - 16:44:16 - [] ----D C:\Users\Audrey\AppData\Local\Google
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Historique
O43 - CFD: 08/03/2010 - 17:30:49 - [] ----D C:\Users\Audrey\AppData\Local\HP
O43 - CFD: 19/06/2012 - 19:03:06 - [] ----D C:\Users\Audrey\AppData\Local\Macromedia
O43 - CFD: 23/01/2014 - 15:00:38 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft
O43 - CFD: 01/04/2013 - 12:36:25 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft Games
O43 - CFD: 06/09/2010 - 16:08:53 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft Help
O43 - CFD: 20/08/2013 - 20:53:50 - [] ----D C:\Users\Audrey\AppData\Local\Mozilla
O43 - CFD: 26/05/2014 - 06:33:38 - [] ----D C:\Users\Audrey\AppData\Local\Packages
O43 - CFD: 15/05/2013 - 10:19:18 - [] ----D C:\Users\Audrey\AppData\Local\Programs
O43 - CFD: 17/11/2010 - 18:40:25 - [] ----D C:\Users\Audrey\AppData\Local\Quick_Zip_Dev
O43 - CFD: 02/05/2014 - 10:24:49 - [] ----D C:\Users\Audrey\AppData\Local\Skype
O43 - CFD: 10/08/2014 - 10:44:59 - [] ----D C:\Users\Audrey\AppData\Local\Temp
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Temporary Internet Files
O43 - CFD: 15/05/2014 - 19:45:55 - [] ----D C:\Users\Audrey\AppData\Local\VirtualStore
O43 - CFD: 14/03/2011 - 18:58:51 - [] ----D C:\Users\Audrey\AppData\Local\Windows Live
O43 - CFD: 14/03/2011 - 18:59:00 - [] ----D C:\Users\Audrey\AppData\Local\Windows Live Writer
O43 - CFD: 23/01/2014 - 15:02:22 - [0] ----D C:\Users\Audrey\AppData\Local\WMTools Downloaded Files
O43 - CFD: 22/08/2009 - 09:52:43 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/11/2010 - 18:24:12 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Add-in ODF pour Microsoft Office
O43 - CFD: 10/07/2011 - 11:30:19 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/10/2013 - 15:53:46 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 19/01/2010 - 20:19:50 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
O43 - CFD: 11/11/2011 - 11:24:59 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
O43 - CFD: 18/09/2012 - 14:54:14 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 04/07/2012 - 10:44:38 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LimeWire
O43 - CFD: 22/08/2009 - 09:52:43 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 28/01/2010 - 18:08:35 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pvm
O43 - CFD: 17/11/2010 - 18:39:55 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Zip 5.1
O43 - CFD: 23/09/2010 - 11:18:52 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareNetz
O43 - CFD: 05/05/2014 - 15:50:15 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/01/2013 - 15:03:04 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
O43 - CFD: 25/06/2013 - 08:27:42 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watermark Software
O43 - CFD: 09/06/2011 - 09:51:03 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinGrosMaigre
O43 - CFD: 01/07/2011 - 09:47:47 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 210 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6FD0DA30D14D34018E9541E77F1D1ADB] - 08/08/2014 - 13:01:36 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.BDFFF8FDDC0DB53B52AB273607BB03CC] - 10/08/2014 - 08:33:57 ---A- . (...) -- C:\Windows\win.ini   [713]
O44 - LFC:[MD5.F92B0E478C0FAA6D6661E6E977247E60] - 10/08/2014 - 09:09:52 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25816]
O44 - LFC:[MD5.9D9ED48F841EA37AA5310D54B9E5D3C7] - 10/08/2014 - 09:09:52 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys   [91352]
O44 - LFC:[MD5.15E8ABC06843672955CE26A009533BAD] - 10/08/2014 - 09:09:52 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys   [63704]
O44 - LFC:[MD5.03193846AD776384DD764E31FDA4995E] - 10/08/2014 - 09:31:30 ---A- . (...) -- C:\Windows\PFRO.log   [58488]
O44 - LFC:[MD5.1E427A2676B4D3EB98ECC8F7338E37B7] - 10/08/2014 - 09:31:46 ---A- . (...) -- C:\Windows\setupact.log   [29209]
O44 - LFC:[MD5.D7A9CBB00B6476029A04F14DBE64799D] - 10/08/2014 - 09:31:46 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.7131F9AAB58BBDE173601486DEB95974] - 10/08/2014 - 10:00:51 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1900840]
O44 - LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] - 10/08/2014 - 10:01:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [122584]
~ Files: 10 Scanned in 00mn 33s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.2EC09CCA2D9A41A344B2289FEF843AAD] - 10/08/2014 - 08:16:16 ---A- - C:\Windows\Prefetch\BLOCKANDSURF.EXE-4E7ADA95.pf  =>PUP.BlockAndSurf
O45 - LFCP:[MD5.49B3C3E050140BCDAE2600CE30D94E86] - 10/08/2014 - 08:19:03 ---A- - C:\Windows\Prefetch\UPFST_FR_244.EXE-324E3055.pf  =>Adware.FreeSoftToday
O45 - LFCP:[MD5.6766E913934BE95369AEC73B5F687109] - 06/08/2014 - 19:40:00 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-CA64286E.pf  =>Adware.Downware
~ Prefetcher: 3 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{3554fafb-1ae9-11df-b253-00262d61db87}\AutoRun\command. (...) -- E:\USBAutoRun.exe (.not file.)
O51 - MPSK:{e50ff4c8-1e3b-11df-b108-00262d61db87}\AutoRun\command. (...) -- E:\VMC_PBStarter.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2
O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 20 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys   [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [27008]
O58 - SDL:25/05/2009 - 04:57:42 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys   [243760]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [97856]
O58 - SDL:05/10/2009 - 15:34:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys   [1542656]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys   [270848]
O58 - SDL:10/06/2009 - 21:34:38 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS   [1311232]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [14720]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [468480]
O58 - SDL:11/08/2009 - 21:59:50 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys   [686080]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3286016]
O58 - SDL:21/08/2012 - 13:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys   [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [78720]
O58 - SDL:05/06/2009 - 02:54:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys   [408600]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [410496]
O58 - SDL:02/09/2009 - 17:54:20 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [7369728]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [44112]
O58 - SDL:26/05/2009 - 13:13:10 ---A- . (.Intel(R) Corporation - Intel(R) High Definition Audio HDMI.) -- C:\Windows\System32\Drivers\IntcHdmi.sys   [138752]
O58 - SDL:10/06/2009 - 21:34:36 ---A- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\k57nd60a.sys   [270848]
O58 - SDL:20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20.) -- C:\Windows\System32\Drivers\L1E62x64.sys   [54272]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [115776]
O58 - SDL:12/05/2014 - 06:25:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys   [25816]
O58 - SDL:12/05/2014 - 06:26:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys   [91352]
O58 - SDL:10/08/2014 - 10:01:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys   [122584]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys   [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [284736]
O58 - SDL:12/05/2014 - 06:26:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys   [63704]
O58 - SDL:10/06/2009 - 21:35:28 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\netw5v64.sys   [5434368]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [51264]
O58 - SDL:06/05/2009 - 00:46:08 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys   [18432]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [166272]
O58 - SDL:16/06/2008 - 03:00:00 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys   [55024]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [128592]
O58 - SDL:05/06/2009 - 01:46:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys   [216064]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:06/05/2009 - 00:46:08 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys   [16896]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [161872]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL6.SYS   [292864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT6.SYS   [740864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV6.SYS   [1485312]
O58 - SDL:26/03/2009 - 20:16:06 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys   [25608]
~ Drivers: 65 Scanned in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 06/08/2014 - 11:08:53 ----- . (...) -- C:\Users\Audrey\AppData\Local\Temp\is45637729\137547047_stp\Generic_vo.exe   [172272]
O61 - LFC: 07/08/2014 - 11:09:00 ---A- . (.AVAST Software.) -- C:\Users\Audrey\Downloads\avast_free_antivirus_setup_online.exe   [4862664]
O61 - LFC: 07/08/2014 - 11:09:00 ---A- . (.Nicolas Coolman.) -- C:\Users\Audrey\Downloads\ZHPDiag2.exe   [6854876]  =>.Nicolas Coolman
O61 - LFC: 08/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\Quarantine.exe   [384485]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\pywintypes26.dll   [110592]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\wxbase28uh_net_vc.dll   [122368]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\wxbase28uh_vc.dll   [1306112]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\wxmsw28uh_adv_vc.dll   [730112]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\wxmsw28uh_core_vc.dll   [3168768]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\wxmsw28uh_html_vc.dll   [479744]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Java(TM) Native Access (JNA).) -- C:\Users\Audrey\AppData\Local\Temp\jna2258872616158890767.dll   [347258]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Java(TM) Native Access (JNA).) -- C:\Users\Audrey\AppData\Local\Temp\jna5442645695274944734.dll   [347258]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\Microsoft.VC90.CRT\msvcm90.dll   [224768]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\Microsoft.VC90.CRT\msvcp90.dll   [568832]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\Microsoft.VC90.CRT\msvcr90.dll   [655872]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\gdiplus.dll   [1700352]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\Microsoft.VC90.CRT\msvcm90.dll   [224768]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\Microsoft.VC90.CRT\msvcp90.dll   [568832]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\Microsoft.VC90.CRT\msvcr90.dll   [655872]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Microsoft Corporation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\gdiplus.dll   [1700352]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Python Software Foundation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI18122\python26.dll   [2145280]
O61 - LFC: 10/08/2014 - 11:08:53 ---A- . (.Python Software Foundation.) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\python26.dll   [2145280]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\pywintypes26.dll   [110592]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\wxbase28uh_net_vc.dll   [122368]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\wxbase28uh_vc.dll   [1306112]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\wxmsw28uh_adv_vc.dll   [730112]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\wxmsw28uh_core_vc.dll   [3168768]
O61 - LFC: 10/08/2014 - 11:08:54 ---A- . (...) -- C:\Users\Audrey\AppData\Local\Temp\_MEI40322\wxmsw28uh_html_vc.dll   [479744]
O61 - LFC: 10/08/2014 - 11:09:00 ---A- . (...) -- C:\Users\Audrey\Downloads\adwcleaner_3.304.exe   [1366203]
O61 - LFC: 10/08/2014 - 11:09:00 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Audrey\Downloads\mbam-setup-2.0.2.1012.exe   [17292760]
O61 - LFC: 10/08/2014 - 11:09:00 ---A- . (.Thisisu.) -- C:\Users\Audrey\Downloads\JRT.exe   [1016261]
~ 1212 Fichiers temporaires (Temporary files)
~ 395 Fichiers cookies (Cookies files)
~ Files: 31 Scanned in 00mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 78 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe   [36136]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/04/2012] (...) -- C:\Users\Audrey\AppData\Roaming\wklnhst.dat   [0]
[MD5.087E3A7D8752CEB81A274E971C3FD805] [SPRF][26/01/2011] (.Remote Mouse Server - Remote Mouse Server Setup.) -- C:\Users\Audrey\Desktop\RemoteMouse.exe   [8107752]
~ Files: 3 Scanned in 00mn 00s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32  =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS  =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASAPI32  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASMANCS  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32  =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS  =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven Pro-chromeinstaller_RASAPI32  =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven Pro-chromeinstaller_RASMANCS  =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\fst_fr_244_RASAPI32  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\fst_fr_244_RASMANCS  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32  =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS  =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritDesktop_RASAPI32  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritDesktop_RASMANCS  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritSuggestor_0104-1d309b60_RASAPI32  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritSuggestor_0104-1d309b60_RASMANCS  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-3_RASAPI32  =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-3_RASMANCS  =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QtraxInstaller_RASAPI32  =>P2P.Qtrax
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QtraxInstaller_RASMANCS  =>P2P.Qtrax
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_38_RASAPI32  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_38_RASMANCS  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASAPI32  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASMANCS  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_244_RASAPI32  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_244_RASMANCS  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_38_RASAPI32  =>PUP.Eorezo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_38_RASMANCS  =>PUP.Eorezo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASAPI32  =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASMANCS  =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-074C_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-074C_RASMANCS  =>Adware.Yontoo
~ BTK: 547 Scanned in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 10/07/1658 0 |  (0580bc2010c6cb3cc1f4a298c3e08a5c.exe) . (...) - C:\Users\Audrey\AppData\Local\0580bc2010c6cb3cc1f4a298c3e08a5c\0580bc2010c6cb3cc1f4a298c3e08a5c.exe
SS - | Demand 07/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/1658 0 |  (ClassCompilerMetafile.exe) . (...) - C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48\ClassCompilerMetafile.exe
SS - | Auto 10/07/1658 0 |  (e2731bae2e84854.exe) . (...) - C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06\e2731bae2e84854.exe
SS - | Demand 03/11/2009 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 05/04/2010 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/04/2010 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 10/08/2014 114288 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28/07/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/12/2008 169312 |  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SR - | Auto 24/07/2014 98340 |  (ArchiveSoftwareWinsock.exe) . (...) - C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe
SR - | Auto 06/07/2010 188416 |  (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
SR - | Auto 05/08/2009 844320 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 04/06/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 05/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/08/2009 62720 |  (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
SR - | Auto 08/04/2013 1320496 |  (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 |  (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Demand 06/03/2012 932240 |  (Service CANALPLAY) . (.Canal+ Distribution.) - C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayService.exe
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Audrey at 10/08/2014 11:10:20
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Audrey at 10/08/2014 11:10:22
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (06/08/2014)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 3
Fichiers trouvés  (Files found) : 4

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74904F58-1176-7FB1-441C-5285E88CB94F}]   =>PUP.LuckyShopper^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AE9B04F2-E9E8-162C-829B-52C116B3EFCC}]   =>PUP.LuckyShopper^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}]   =>PUP.QueenCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SiteFinder]   =>Adware.ShoppingReport^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKCU\Software\Classes\keepmysearch]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
C:\ProgramData\deal2dealliat   =>PUP.Deal2Dealit^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\ProgramData\LuckyShoppeR   =>PUP.LuckyShopper^
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job   =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Startup.job   =>PUP.SpeedUpMyPC^
[HKCU\Software\WinkHandler]   =>Adware.IMBooster^
[HKLM\Software\Wow6432Node\Pirrit Solutions]   =>PUP.PirritSuggestor^
~ Additionnel Scan: 310551 Items scanned in 01mn 06s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 4 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/hijacker-proxy  =>Hijacker.Proxy
http://nicolascoolman.fr/pup-genesis  =>PUP.Genesis
http://nicolascoolman.fr/adware-spointer  =>Adware.SPointer
http://nicolascoolman.fr/adware-shoppingreport  =>Adware.ShoppingReport
http://nicolascoolman.fr/adware-imbooster  =>Adware.IMBooster
http://nicolascoolman.fr/pup-pirritsuggestor  =>PUP.PirritSuggestor
http://nicolascoolman.fr/40296242-pup-deal2dealit  =>PUP.Deal2Dealit
http://nicolascoolman.fr/pup-tarma  =>PUP.Tarma
http://nicolascoolman.fr/pup-blockandsurf  =>PUP.BlockAndSurf
http://nicolascoolman.fr/adware-freesofttoday  =>Adware.FreeSoftToday
http://nicolascoolman.fr/adware-downware  =>Adware.Downware
http://nicolascoolman.fr/adware-predictad  =>Adware.PredictAd
http://nicolascoolman.fr/pup-buzzsearch  =>PUP.BuzzSearch
http://nicolascoolman.fr/hijacker-22find  =>Hijacker.22Find
http://nicolascoolman.fr/adware-incredibar  =>Adware.Incredibar
http://nicolascoolman.fr/pup-crossrider  =>PUP.CrossRider
http://nicolascoolman.fr/rogue-pcspeedmaximizer  =>Rogue.PCSpeedMaximizer
http://nicolascoolman.fr/adware-plushd  =>Adware.PlusHD
http://nicolascoolman.fr/spyware-agenceexclusive  =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-eorezo  =>PUP.Eorezo
http://nicolascoolman.fr/adware-yontoo  =>Adware.Yontoo
http://nicolascoolman.fr/pup-sweetim  =>PUP.SweetIM
http://nicolascoolman.fr/adware-mywebsearch  =>Adware.MyWebSearch
~ MSI: 23 link(s) detected in 00mn 00s



End of the scan (1433 lines in 04mn 36s)(0)