Document format: text/plain

~ ZHPDiag v2015.11.23.173 Par Nicolas Coolman (2015/11/23)
~ Démarré par mhd (Administrator) (2015/11/25 21:29:30)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\mhd\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\mhd\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navigateurs Internet (2) - 1s
OPIE: Opera 33.0.1990.115 v33.0.1990.115
MSIE: Internet Explorer v7.0.5730.13

---\\ Informations sur les produits Windows (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : KO

---\\ Logiciels de protection (1) - 8s
avast! Internet Security v9.0.2021

---\\ Logiciels d'optimisation (1) - 8s
CCleaner v5.10

---\\ Surveillance de Logiciels (2) - 8s
Adobe Flash Player 19 NPAPI
Adobe Reader 9 - Français

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 4 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1039.692 MB (5% free)
System Restore: Activé (Enable)
System drive C: has 21 GB () free of 39 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: A6-655B589E94C1
~ User Name: mhd
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 21 GB free of 39 GB (System)
~ Drive D: has 24 GB free of 39 GB

---\\ Etat du Centre de Sécurité Windows (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - 14/04/2008 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [1037824] ©
[MD5.93AD0B78C7357A05F50E594EC7C22300] - 14/04/2008 - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe [33792] ©
[MD5.8E027981DDFFA690D456FE18B37415A0] - 01/03/2008 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [826368] ©
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - 14/04/2008 - (.Microsoft Corporation - Application d'ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [512000] ©
[MD5.F640F61A063DD79BD4D2F6C9509FB958] - 14/04/2008 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [147968] ©
[MD5.322D0E36693D6E24A2398BEE62A268CD] - 14/04/2008 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138112] ©
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - 13/04/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] ©
[MD5.C885B02847F5D2FD45A24E219ED93B32] - 14/04/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] ©
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - 14/04/2008 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] ©
[MD5.31F923EB2170FC172C81ABDA0045D18C] - 14/04/2008 - (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\System32\drivers\Fips.sys [44672] ©
[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - 14/04/2008 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] ©
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 14/04/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] ©
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - 14/04/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] ©
[MD5.23C74D75E36E7158768DD63D92789A91] - 14/04/2008 - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] ©
[MD5.68755F0FF16070178B54674FE5B847B0] - 14/04/2008 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456576] ©
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 14/04/2008 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] ©
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - 14/04/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] ©
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - 14/04/2008 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [80384] ©
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 14/04/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] ©
[MD5.15CABD0F7C00C47C70124907916AF3F1] - 13/04/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] ©
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 13/04/2008 - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\System32\drivers\redbook.sys [58752] ©
[MD5.46DE1126684369BACE4849E4FC8C43CA] - 14/04/2008 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] ©

---\\ Liste des services NT non Microsoft et non désactivés (7) - 2s
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe ©
O23 - Service: C-DillaSrv (C-DillaSrv) . (.C-Dilla Ltd - C-Dilla RTS Service.) - C:\WINDOWS\system32\drivers\CDANTSRV.EXE
O23 - Service: Service Mgr LuckyBright (Service Mgr LuckyBright) . (...) - C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugincontainer.exe =>PUP.Optional.LuckyBright
O23 - Service: Update Mgr LuckyBright (Update Mgr LuckyBright) . (...) - C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a\updater.exe =>PUP.Optional.LuckyBright

---\\ Tâches planifiées en automatique (2) - 3s
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448] ©
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\WINDOWS\Tasks\avast! Emergency Update.job [364] ©

---\\ Processus lancés (27) - 2s
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1864] ©
[MD5.D386D51B1839E208EF7CCFBFA964638E] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [106488] [PID.2020] ©
[MD5.1DC0CC580B6149CE24782B65384F34BD] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6495144] [PID.796] ©
[MD5.A9AE03362A846898368653E94B6DB1AA] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60720] [PID.1992] ©
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2012] ©
[MD5.12C13F85BE9D3A58FDB463A6F7DE4E61] - (.C-Dilla Ltd - C-Dilla RTS Service.) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE [46080] [PID.532]
[MD5.8245474FA52EC0BEE11AF9CE57177456] - (...) -- C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a\updater.exe [544488] [PID.1664]
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.2056] ©
[MD5.25F9D1B948781A063E5FC73B9335306D] - (.Opera Software - Opera crash-reporter.) -- C:\Program Files\Opera\33.0.1990.115\opera_crashreporter.exe [504440] [PID.2088] ©
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.3240] ©
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.3256] ©
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.3296] ©
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.716] ©
[MD5.76058F41A1B8B53E949B54EB2378537A] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugincontainer.exe [636136] [PID.3148] =>PUP.Optional.CrossRider
[MD5.18A4FCD48720CF2E8CCBBC5908FBB548] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\10\Plugin.exe [446696] [PID.2192] =>PUP.Optional.CrossRider
[MD5.0FD72001C553E32AD3E3818C2867BFFA] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\5\Plugin.exe [710376] [PID.2200] =>PUP.Optional.CrossRider
[MD5.31EF7622366CF1F9ABC341AEED32FC6D] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\2\Plugin.exe [1712872] [PID.2344] =>PUP.Optional.CrossRider
[MD5.33C5C379BD5CDFA5BC1EAE50792A9087] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\3\Plugin.exe [600296] [PID.1380] =>PUP.Optional.CrossRider
[MD5.D6C3E355524FE9C7C81C5C03E2AD0356] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\8\Plugin.exe [1245416] [PID.1744] =>PUP.Optional.CrossRider
[MD5.23814AE4484775293E22C53847576489] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\12\Plugin.exe [1007848] [PID.1008] =>PUP.Optional.CrossRider
[MD5.45E4DFBC7625E2E73F7D276A70A0286C] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\7\Plugin.exe [458472] [PID.2640] =>PUP.Optional.CrossRider
[MD5.45E4DFBC7625E2E73F7D276A70A0286C] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\7\Plugin.exe [458472] [PID.3996] =>PUP.Optional.CrossRider
[MD5.23814AE4484775293E22C53847576489] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\12\Plugin.exe [1007848] [PID.1164] =>PUP.Optional.CrossRider
[MD5.33C5C379BD5CDFA5BC1EAE50792A9087] - (...) -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\3\Plugin.exe [600296] [PID.772] =>PUP.Optional.CrossRider
[MD5.69320EC4FCE0A5BB3467FC66A93723A9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\33.0.1990.115\opera.exe [883832] [PID.3876] ©
[MD5.6A47DAC7CE1D527F3004DCB97FC4EBED] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\mhd\Mes documents\ZHPDiag3.exe [1970176] [PID.1740] ©
[MD5.6A47DAC7CE1D527F3004DCB97FC4EBED] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\mhd\Mes documents\ZHPDiag3.exe [1970176] [PID.2176] ©

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (7) - 2s
M0 - MFSP: prefs.js [mhd - 3d7ynojd.default-1447103269015] http://www.google.fr/
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA
P2 - EXT FILE: (...) -- C:\Documents and Settings\mhd\Application Data\Mozilla\Firefox\Profiles\3d7ynojd.default-1447103269015\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\mhd\Application Data\Mozilla\Firefox\Profiles\3d7ynojd.default-1447103269015\extensions\{e792c86b-2767-4ea3-8fae-a5bb839f6e2f}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll ©
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ©
P2 - FPN: [HKLM] [@TelevisionFanatic.com/Plugin] - (.TelevisionFanatic.) -- C:\Program Files\TelevisionFanatic\bar\1.bin\NP64Stub.dll =>PUP.Optional.TelevisionFanatic

---\\ Opera, Démarrage,Recherche,Plugins (2) - 1s
B2 - EXT: [Opera Stable] C:\Documents and Settings\mhd\Application Data\Opera Software\Opera Stable\Extensions\pmpmnoinbkdojlnknogfeoagmhmhgakc
B2 - EXT: [{background:{scripts:[background.js]}content_scrip] C:\Documents and Settings\mhd\Application Data\Opera Software\Opera Stable\Extensions\pogiioopimdkbinddahohmgcinolabkn

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (13) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (20)

---\\ Browser Helper Object de navigateur (BHO) (5) - 0s
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll ©
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll ©
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll ©
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ©
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Orphean)

---\\ Applications lancées au démarrage du système (12) - 0s
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
O4 - HKUS\S-1-5-21-1801674531-2000478354-1644491937-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-21-1801674531-2000478354-1644491937-1003\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©

---\\ Modification Domaine/Adresses DNS (3) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Protocole additionnel (24) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll ©
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll ©
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL ©

---\\ Logiciels installés (40) - 17s
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0 ©
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001} ©
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player ©
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC} ©
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {A75CA58D-DB9C-4D14-9428-E0C7B0F623DC} ©
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} ©
O42 - Logiciel: avast! Internet Security v9.0.2021 - (.AVAST Software.) [HKLM] -- Avast ©
O42 - Logiciel: B-Link Wireless LAN Driver and Utility - (.SHENZHEN BILIAN ELECTRONIC CO.,LTD.) [HKLM] -- {9C049499-055C-4a0c-A916-1D12314F45EB}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} ©
O42 - Logiciel: Broadcom Management Programs - (.Broadcom Corporation.) [HKLM] -- {7BB045C3-D5E4-4620-B536-DC11AACD5942} ©
O42 - Logiciel: Broadcom NetXtreme Ethernet Controller - (.Broadcom Corporation.) [HKLM] -- {F870B987-18BC-45FC-9BE8-35C02DCDA10F} ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner ©
O42 - Logiciel: C-Dilla Licence Management System - (...) [HKLM] -- LMS
O42 - Logiciel: Foxit Reader 5.1 - (.Foxit Corporation.) [HKLM] -- Foxit Reader_is1 ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: honestech TVR - (...) [HKLM] -- {BE27845A-6438-4DCF-AE3D-44EC96CB31CA}
O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865 ©
O42 - Logiciel: HP SetRefresh - (.Hewlett-Packard Company.) [HKLM] -- {F5242227-2051-4158-AC42-0F2BAA3CD3D6} ©
O42 - Logiciel: HP USB Smart Card Keyboard - (.Nom de votre société.) [HKLM] -- {E24A2D94-3215-4E81-A8BA-17BC0E577597}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {868B9974-4F23-494D-B6BC-4FAB92B2755D} ©
O42 - Logiciel: Java(TM) 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050} ©
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Lucky Bright - (.Lucky Bright.) [HKLM] -- Lucky Bright =>PUP.Optional.LuckyBright
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE} ©
O42 - Logiciel: Nero 7 Demo - (.Nero AG.) [HKLM] -- {C985153C-3801-EB63-1432-088E71801033} ©
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {47A0A80F-8DC0-43EB-B9B4-36FD86979DF7} ©
O42 - Logiciel: Opera Stable 33.0.1990.115 - (.Opera Software.) [HKLM] -- Opera 33.0.1990.115 ©
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 ©
O42 - Logiciel: PC Connectivity Solution Lite - (.Nokia.) [HKLM] -- {2997ABF5-E5F6-4E9C-9717-26F208D9ED5E} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: sweet-page uninstall - (.sweet-page.) [HKLM] -- sweet-page uninstall =>PUP.Optional.SweetPage
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player ©
O42 - Logiciel: XnView 1.98.8 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 ©
O42 - Logiciel: Youtube Downloader HD v. 2.9.9.25 - (.YoutubeDownloaderHD.com.) [HKLM] -- Youtube Downloader HD_is1 ©

---\\ HKCU & HKLM Software Keys (116) - 17s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\ahead
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\AVS4YOU
HKLM\SOFTWARE\Broadcom
HKLM\SOFTWARE\C-Dilla
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\ErrorLists-crcodedownloader =>PUP.Optional.CrossRider
HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Foxit Software
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HD-V1.8
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\Honest Technology
HKLM\SOFTWARE\honestech
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\Items Technology Co., Ltd.
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\Listen
HKLM\SOFTWARE\LuckyBright =>PUP.Optional.LuckyBright
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\magnet
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\MDC
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nokia
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Pandora.TV
HKLM\SOFTWARE\PC Connectivity Solution
HKLM\SOFTWARE\PCSuite
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\RtWLan
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Set8188CEVAU
HKLM\SOFTWARE\Set8188CEVAUG
HKLM\SOFTWARE\Set8188CU
HKLM\SOFTWARE\Set8188CUSCOMBO
HKLM\SOFTWARE\Set8188CUSSOLO
HKLM\SOFTWARE\Set8188RU
HKLM\SOFTWARE\Set8191CU
HKLM\SOFTWARE\Set8192CEVAU
HKLM\SOFTWARE\Set8192CU
HKLM\SOFTWARE\Set8192CUT
HKLM\SOFTWARE\SmartCardReader Installation
HKLM\SOFTWARE\SOFTWARE
HKLM\SOFTWARE\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xing Technology Corp.
HKLM\SOFTWARE\XnView
HKLM\SOFTWARE\Yahoo
HKCU\SOFTWARE\20f02ad995ab2d9437e89ecbecd3df7d =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\BITSoft
HKCU\SOFTWARE\Broadcom
HKCU\SOFTWARE\CoinisRevShare
HKCU\SOFTWARE\Condut
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\Freeware
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HD-V1.8
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\honestech
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MetaProducts
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nokia
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programmes (172) - 14s
O43 - CFD: 13/05/2014 - [] D -- C:\Program Files\Adobe
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 21/05/2014 - [] D -- C:\Program Files\AVAST Software
O43 - CFD: 20/05/2015 - [0] D -- C:\Program Files\AVS4YOU
O43 - CFD: 04/11/2014 - [] D -- C:\Program Files\B-Link
O43 - CFD: 21/09/2014 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Broadcom
O43 - CFD: 24/11/2015 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 24/11/2015 - [] D -- C:\Program Files\CCleaner(2)
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\COMPAQ
O43 - CFD: 12/04/2014 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 12/07/2014 - [] D -- C:\Program Files\DIFX
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Fichiers communs
O43 - CFD: 06/03/2015 - [] D -- C:\Program Files\Foxit Software
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files\Google
O43 - CFD: 23/05/2015 - [0] D -- C:\Program Files\GRETECH
O43 - CFD: 04/07/2014 - [] D -- C:\Program Files\HD-V1.8
O43 - CFD: 28/04/2014 - [] D -- C:\Program Files\honestech
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\HP USB Smart Card Keyboard
O43 - CFD: 04/11/2014 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Intel
O43 - CFD: 11/07/2014 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\iPod
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\iTunes
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Java
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Lucky Bright =>PUP.Optional.LuckyBright
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Messenger
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 02/12/2014 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 14/04/2014 - [] D -- C:\Program Files\MUSTEK 1248UB
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Nero
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 21/06/2015 - [] D -- C:\Program Files\Nokia
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files\Opera
O43 - CFD: 13/05/2015 - [] D -- C:\Program Files\Opera Next
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 03/03/2015 - [] D -- C:\Program Files\PANDORA.TV
O43 - CFD: 25/04/2014 - [] D -- C:\Program Files\Participatory Culture Foundation
O43 - CFD: 28/09/2014 - [] D -- C:\Program Files\PC Connectivity Solution
O43 - CFD: 24/05/2015 - [0] D -- C:\Program Files\Real
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Realtek
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 22/09/2015 - [] D -- C:\Program Files\The KMPlayer
O43 - CFD: 12/04/2014 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Windows Media Connect 2
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 12/04/2014 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\xerox
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Xilisoft
O43 - CFD: 13/05/2015 - [] D -- C:\Program Files\XnView
O43 - CFD: 16/06/2014 - [] D -- C:\Program Files\Yahoo!
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Youtube Downloader HD
O43 - CFD: 14/04/2014 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 21/05/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
O43 - CFD: 04/11/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\B-Link 11n USB Wireless LAN Utility
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Broadcom
O43 - CFD: 24/11/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 24/11/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner(2)
O43 - CFD: 13/02/2015 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Foxit Reader 5.1
O43 - CFD: 28/04/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\honestech
O43 - CFD: 30/09/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 12/04/2014 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 30/11/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
O43 - CFD: 17/07/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Nero 7 Ultra Edition
O43 - CFD: 12/04/2014 - [] RD -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 15/06/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 13/05/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\XnView
O43 - CFD: 20/11/2015 - [] D -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Youtube Downloader HD
O43 - CFD: 30/09/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 25/11/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 05/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 30/09/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 21/05/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
O43 - CFD: 30/09/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\CyberLink
O43 - CFD: 13/05/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\DivX
O43 - CFD: 16/06/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 11/07/2014 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 12/07/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Installations
O43 - CFD: 14/04/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 27/03/2015 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 12/07/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\PC Suite
O43 - CFD: 26/10/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\QuickTime
O43 - CFD: 21/09/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\Real
O43 - CFD: 21/09/2014 - [] D -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 13/05/2015 - [0] HDC -- C:\Documents and Settings\All Users\Application Data\{6DFE6B59-3F4E-45AF-A9D0-5EDC43DD23AF}
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a
O43 - CFD: 13/05/2014 - [] D -- C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\Fichiers communs\Apple
O43 - CFD: 20/05/2015 - [] D -- C:\Program Files\Fichiers communs\AVSMedia
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 26/10/2014 - [] D -- C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\Java
O43 - CFD: 27/03/2015 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 24/05/2015 - [] D -- C:\Program Files\Fichiers communs\Real
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\Services
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 12/04/2014 - [] D -- C:\Program Files\Fichiers communs\System
O43 - CFD: 04/07/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\12745
O43 - CFD: 13/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Adobe
O43 - CFD: 20/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Ahead
O43 - CFD: 04/08/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Apple Computer
O43 - CFD: 13/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Ask.com =>Toolbar.Ask
O43 - CFD: 21/05/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\AVAST Software
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\AVS4YOU
O43 - CFD: 11/07/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\DMCache
O43 - CFD: 11/05/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\dvdcss
O43 - CFD: 15/03/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Foxit Software
O43 - CFD: 21/05/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Google
O43 - CFD: 16/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\gtk-2.0
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Identities
O43 - CFD: 11/07/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\IDM
O43 - CFD: 13/05/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\InterTrust
O43 - CFD: 11/05/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Macromedia
O43 - CFD: 26/09/2015 - [] SD -- C:\Documents and Settings\mhd\Application Data\Microsoft
O43 - CFD: 13/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Mozilla
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Opera
O43 - CFD: 25/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Opera Software
O43 - CFD: 25/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Participatory Culture Foundation
O43 - CFD: 12/07/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\PC Suite
O43 - CFD: 20/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\PCF-VLC
O43 - CFD: 24/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Real
O43 - CFD: 20/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\RPEng =>PUP.Optional.Generic
O43 - CFD: 13/05/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Sony
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Sun
O43 - CFD: 17/09/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\sweet-page =>PUP.Optional.SweetPage
O43 - CFD: 22/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\vlc
O43 - CFD: 16/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\WinRAR
O43 - CFD: 23/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\XnView
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\mhd\Application Data\Yahoo!
O43 - CFD: 20/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\Youtube Downloader HD
O43 - CFD: 25/11/2015 - [] D -- C:\Documents and Settings\mhd\Application Data\ZHP
O43 - CFD: 16/11/2015 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Adobe
O43 - CFD: 12/04/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Ahead
O43 - CFD: 21/09/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Apple
O43 - CFD: 21/09/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Apple Computer
O43 - CFD: 30/11/2014 - [0] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Deployment
O43 - CFD: 10/03/2015 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Foxit Reader
O43 - CFD: 25/11/2015 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Google
O43 - CFD: 22/11/2015 - [] SD -- C:\Documents and Settings\mhd\Local Settings\Application Data\Microsoft
O43 - CFD: 13/04/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Mozilla
O43 - CFD: 12/05/2015 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Opera
O43 - CFD: 25/11/2015 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Opera Software
O43 - CFD: 13/05/2015 - [0] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\PackageAware =>PUP.Optional.BearShare
O43 - CFD: 24/05/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\Temp
O43 - CFD: 04/07/2014 - [] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\TvApp
O43 - CFD: 05/04/2015 - [0] D -- C:\Documents and Settings\mhd\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 12/04/2014 - [] RD -- C:\Documents and Settings\mhd\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 16/06/2014 - [] RD -- C:\Documents and Settings\mhd\Menu Démarrer\Programmes\Démarrage

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll ©
O106 - SIOI: Offline Files Menu [Fichiers hors connexion] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - IU de cache côté client.) -- C:\WINDOWS\system32\cscui.dll ©

---\\ Enumération des clés StartupReg (6) - 1s
O53 - SMSR:HKLM\...\startupreg\20f02ad995ab2d9437e89ecbecd3df7d [Key] . (.iMobie Inc. - PhoneClean.) -- C:\Documents and Settings\mhd\Application Data\file.exe ©
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O53 - SMSR:HKLM\...\startupreg\IAM Imola ModemListener [Key] . (...) -- C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe ©
O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (...) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (.not file.)

---\\ Liste des pilotes du système (64) - 6s
O58 - SDL:2014/08/27 15:47:25 A . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\System32\drivers\AegisP.sys [21361] ©
O58 - SDL:2014/07/11 15:50:58 A . (...) -- C:\WINDOWS\System32\drivers\aswHwid.sys [24184]
O58 - SDL:2014/07/11 15:50:47 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\aswKbd.sys [26136] ©
O58 - SDL:2014/07/11 15:50:58 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys [67824] ©
O58 - SDL:2014/05/21 13:48:33 A . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\WINDOWS\System32\drivers\aswNdis.sys [12112] ©
O58 - SDL:2014/07/11 15:50:40 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\WINDOWS\System32\drivers\aswndis2.sys [252872] ©
O58 - SDL:2014/07/11 15:50:58 A . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\System32\drivers\aswrdr.sys [55112] ©
O58 - SDL:2014/07/11 15:50:58 A . (...) -- C:\WINDOWS\System32\drivers\aswRvrt.sys [49944]
O58 - SDL:2014/07/11 15:50:58 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswsnx.sys [779536] ©
O58 - SDL:2014/07/11 15:50:58 A . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswsp.sys [414392] ©
O58 - SDL:2014/07/11 15:50:58 A . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\System32\drivers\aswTdi.sys [57800] ©
O58 - SDL:2014/07/11 15:50:58 A . (...) -- C:\WINDOWS\System32\drivers\aswVmm.sys [192352]
O58 - SDL:2008/04/24 13:44:52 A . (.Broadcom Corporation - Broadcom NetXtreme Crash Dump (x86).) -- C:\WINDOWS\System32\drivers\b57cdx.sys [105472] ©
O58 - SDL:2008/07/24 23:18:32 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS5.1.) -- C:\WINDOWS\System32\drivers\b57xp32.sys [176640] ©
O58 - SDL:2008/06/06 07:15:40 A . (.Broadcom Corporation - Broadcom Advanced Server Program Driver for.) -- C:\WINDOWS\System32\drivers\baspxp32.sys [98816] ©
O58 - SDL:2010/02/26 12:32:44 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\System32\drivers\ccdcmb.sys [18176] ©
O58 - SDL:2010/02/26 12:32:44 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys [22528] ©
O58 - SDL:2003/04/01 10:23:22 A . (.Macrovision - C-Dilla Windows NT RTS.) -- C:\WINDOWS\System32\drivers\CDANT.SYS [58288] ©
O58 - SDL:2008/04/14 12:00:00 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] ©
O58 - SDL:2012/08/21 12:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26840] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2009/08/05 04:56:04 A . (.Hewlett-Packard Company - PC-SC Driver for HP USB Smartcard Keyboard.) -- C:\WINDOWS\System32\drivers\HPKBCCID.sys [48256] ©
O58 - SDL:2007/01/13 09:33:18 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [5672032] ©
O58 - SDL:2005/08/15 09:08:26 A . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\System32\drivers\imagedrv.sys [5888] ©
O58 - SDL:2005/08/15 09:08:26 A . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\System32\drivers\imagesrv.sys [127488] ©
O58 - SDL:2008/04/14 12:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] ©
O58 - SDL:2008/08/26 09:26:12 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [18816] ©
O58 - SDL:2008/04/14 12:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] ©
O58 - SDL:2008/04/14 12:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] ©
O58 - SDL:2008/04/14 12:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] ©
O58 - SDL:2008/06/17 14:49:22 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [4756992] ©
O58 - SDL:2011/07/13 01:29:22 R . (.Realtek Semiconductor Corporation - Realtek RTL8192C USB NDIS Driver.) -- C:\WINDOWS\System32\drivers\rtwlanu.sys [1270120] ©
O58 - SDL:2008/06/17 07:10:48 RA . (.Philips Semiconductors - SAA713x TV Card - Video Capture Driver.) -- C:\WINDOWS\System32\drivers\SAA713x.sys [279552]
O58 - SDL:2008/04/14 12:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] ©
O58 - SDL:2007/01/24 00:01:00 A . (.SCM Microsystems Inc. - STC DFU Driver.) -- C:\WINDOWS\System32\drivers\STCFUx32.sys [7680]
O58 - SDL:2008/04/14 12:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] ©
O58 - SDL:2015/06/17 17:04:22 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl.sys [45056] ©
O58 - SDL:2010/02/26 12:32:46 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys [8192] ©
O58 - SDL:2010/02/26 12:32:58 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys [8192] ©
O58 - SDL:2008/04/14 12:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] ©
O58 - SDL:2008/06/17 07:10:48 RA . (.Philips Semiconductors - WDM TV Tuner Driver.) -- C:\WINDOWS\System32\drivers\WDMTuner.sys [25984]
O58 - SDL:2006/01/19 15:33:26 RA . (.ZyDAS Technology Corporation - ZD1211B 802.11 b+g USB LAN Driver.) -- C:\WINDOWS\System32\drivers\WlanBZXP.sys [402432] ©
O58 - SDL:2010/09/28 13:50:50 RA . (.Realtek Semiconductor Corporation - XPTWOPORT Intermediate Miniport Driver.) -- C:\WINDOWS\System32\drivers\XPTWOPORT.SYS [15872] ©
O58 - SDL:2014/04/24 10:25:00 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}t.sys [55232] =>PUP.Optional.LinkiDoo
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4912]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 12:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]
O58 - SDL:2003/04/16 06:00:36 A . (.Compaq Computer Corporation - Client Management Device Driver.) -- C:\WINDOWS\System32\SP32395.SYS [50520] ©

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (2) - 21s
O61 - LFC: 2015/11/20 23:32:23 A . (..) -- C:\Documents and Settings\mhd\Application Data\RPEng\412275E3FC054702874651F13C4B8242\setup.exe [316168]
O61 - LFC: 2015/11/23 13:10:51 A . (..) -- C:\Documents and Settings\mhd\Application Data\Adobe\Acrobat\9.0\UserCache.bin [67751]

---\\ Associations Shell Spawning (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (13) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera Next\Opera.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Opera Next\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Opera Next\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Opera Next\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©

---\\ Recherche d'infection sur les navigateurs (2) - 11s
O69 - SBI: SearchScopes [HKCU] {AB40D48B-1D41-41D9-9718-CCDD2C7BF1DF} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD} [DefaultScope] - (Ask.com) - http://www.ask.com/

---\\ Enumère les services démarrés par Svchost (40) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] ©
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824] ©
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] ©
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] ©
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488] ©
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] ©
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [246272] ©
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] ©
O83 - Search Svchost Services: HidServ (HidServ) . (...) -- C:\WINDOWS\System32\hidserv.dll [0]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768] ©
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] ©
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] ©
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144] ©
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808] ©
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] ©
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] ©
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] ©
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [249856] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] ©
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] ©
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176] ©
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] ©
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408] ©
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] ©
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] ©
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll [409088] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] ©
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] ©
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll [27136] ©

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (11) - 28s

SS - Demand [16/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [02/09/2015] [ 60720] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
SR - Auto [11/07/2014] [ 50344] avast! Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [11/07/2014] [ 106488] avast! Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
SR - Auto [30/08/2011] [ 390504] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe ©
SR - Auto [01/04/2003] [ 46080] C-DillaSrv (C-DillaSrv) . (.C-Dilla Ltd.) - C:\WINDOWS\system32\drivers\CDANTSRV.EXE
SS - Demand [14/04/2014] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe ©
SS - Demand [12/09/2015] [ 540944] Service de l’iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe ©
SR - Auto [25/11/2015] [ 636136] Service Mgr LuckyBright (Service Mgr LuckyBright) . (...) - C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugincontainer.exe =>PUP.Optional.LuckyBright
SR - Auto [25/11/2015] [ 544488] Update Mgr LuckyBright (Update Mgr LuckyBright) . (...) - C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a\updater.exe =>PUP.Optional.LuckyBright

---\\ Scan Additionnel (30) - 0s
HKLM\SOFTWARE\LuckyBright =>PUP.Optional.LuckyBright
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a =>PUP.Optional.LuckyBright
C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a =>PUP.Optional.LuckyBright
HKLM\SYSTEM\CurrentControlSet\Services\Service Mgr LuckyBright =>PUP.Optional.LuckyBright
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugincontainer.exe =>PUP.Optional.LuckyBright
HKLM\SYSTEM\CurrentControlSet\Services\Update Mgr LuckyBright =>PUP.Optional.LuckyBright
C:\Program Files\Fichiers communs\9466af57-1f38-4973-ab1c-22f7e17e2d6a\updater.exe =>PUP.Optional.LuckyBright
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugincontainer.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\10\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\5\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\2\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\3\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\8\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\12\Plugin.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\All Users\Application Data\9466af57-1f38-4973-ab1c-22f7e17e2d6a\plugins\7\Plugin.exe =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lucky Bright =>PUP.Optional.LuckyBright
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall =>PUP.Optional.SweetPage
HKLM\SOFTWARE\ErrorLists-crcodedownloader =>PUP.Optional.CrossRider
HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\sweet-pageSoftware =>PUP.Optional.SweetPage
HKCU\SOFTWARE\20f02ad995ab2d9437e89ecbecd3df7d =>PUP.Optional.CrossRider
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
C:\Program Files\Lucky Bright =>PUP.Optional.LuckyBright
C:\Documents and Settings\mhd\Application Data\Ask.com =>Toolbar.Ask
C:\Documents and Settings\mhd\Application Data\RPEng =>PUP.Optional.Generic
C:\Documents and Settings\mhd\Application Data\sweet-page =>PUP.Optional.SweetPage
C:\Documents and Settings\mhd\Local Settings\Application Data\PackageAware =>PUP.Optional.BearShare
C:\WINDOWS\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}t.sys =>PUP.Optional.LinkiDoo

---\\ Récapitulatif des éléments trouvés sur votre station (11) - 0s
http://www.nicolascoolman.fr/?p=4907 =>PUP.Optional.LuckyBright
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=1874 =>PUP.Optional.TelevisionFanatic
http://www.nicolascoolman.fr/?p=596 =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/?p=2156 =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=343 =>PUP.Optional.BearShare
http://www.nicolascoolman.fr/?p=62 =>PUP.Optional.LinkiDoo

~ End of the scan, 15924 items in 155 seconds (717)(0)
