~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par Tu y yo (11/06/2015 17:56:32)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17842 (Defaut)
GCIE: Google Chrome v43.0.2357.81

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.1.4.1018
Spybot - Search & Destroy v2.4.40
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v5.03

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 79

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 166 GB (57%) free of 290 GB

---\\ Mode de connexion au système
~ Computer Name: TUYYO
~ User Name: Tu y yo
~ All Users Names: Tu y yo, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Tu y yo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Tu y yo\AppData\Roaming\
~ %Desktop% : C:\Users\Tu y yo\Desktop\
~ %Favorites% : C:\Users\Tu y yo\Favorites\
~ %LocalAppData% : C:\Users\Tu y yo\AppData\Local\
~ %StartMenu% : C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 166 Go of 290 Go)
D: Hard drive, Flash drive, Thumb drive (Free 100 Go of 208 Go)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.91E24273FCA076EA9E65DAFA98901225] - (.Microsoft Corporation - Explorateur Windows.) (.28/01/2015 - 00:41:17.) -- C:\Windows\Explorer.exe [2207488]
[MD5.DC02677945BDABD6B0C6A29914AA21EF] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/10/2014 - 02:02:57.) -- C:\Windows\System32\Wininit.exe [115712]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/05/2015 - 03:20:35.) -- C:\Windows\System32\wininet.dll [1950720]
[MD5.E36FB29A2158B7D5DCA0F4E08DE75442] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/10/2014 - 02:01:18.) -- C:\Windows\System32\Winlogon.exe [465408]
[MD5.BFB9E1202225113991F981D29BFB9029] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:08:12.) -- C:\Windows\System32\sppcomapi.dll [438272]
[MD5.D75FB05E8DBF21FA0EF313C7503243F1] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:05:35.) -- C:\Windows\system32\Drivers\AFD.sys [461312]
[MD5.72FCAE2CE6DFEAB2AB072435017F3417] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 06:33:25.) -- C:\Windows\system32\Drivers\atapi.sys [23392]
[MD5.CE232BB0965C0C0B786C3F976CCBFB7D] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 05:11:55.) -- C:\Windows\system32\Drivers\Cdfs.sys [73728]
[MD5.E2FC132D48EA4E8B04432C33EFB77801] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 02:59:12.) -- C:\Windows\system32\Drivers\Cdrom.sys [124928]
[MD5.55758EBBC45E1628161121D7CFEAD4A1] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 09:23:11.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.7E0EDA9EE53E344D1604EB2A7E8DED47] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 11:45:58.) -- C:\Windows\system32\Drivers\HDAudBus.sys [69632]
[MD5.5043E69532392A43549E5D41E22638AA] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 05:10:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [82944]
[MD5.FA6C94C754A566EA8A61D658932F32DE] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 12:03:35.) -- C:\Windows\system32\Drivers\IpNat.sys [126976]
[MD5.6FFD467F3BF3E3044E9B212CCD488DE1] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.08/10/2014 - 07:45:55.) -- C:\Windows\system32\Drivers\MRxSmb.sys [330752]
[MD5.BC242922B0D08F61CF7C87FD08FAFA8B] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 05:08:26.) -- C:\Windows\system32\Drivers\netBT.sys [218624]
[MD5.C52E578E3F8182C2EE6AAF0AC2B61C9B] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15/10/2014 - 09:37:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1689408]
[MD5.4F30970F15ADCC382544B31D5D7E368E] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 05:11:49.) -- C:\Windows\system32\Drivers\Parport.sys [81408]
[MD5.C51AB62AB41A2E8560D12472B204CC00] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 05:07:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [81920]
[MD5.67E91843B0344411820A012063E876B2] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 04:49:31.) -- C:\Windows\system32\Drivers\rdpdr.sys [143872]
[MD5.DB0C184142CF9FA1746F598A16EE92B2] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 07:13:54.) -- C:\Windows\system32\Drivers\tdx.sys [87040]
[MD5.31A2AA48C1ECD390E2707E5C21B75DCE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 01:56:11.) -- C:\Windows\system32\Drivers\volsnap.sys [264512]
~ Generic Processes: Scanned in 00mn 11s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/224
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/28
~ Mon Bureau (My Desktop) : 1/5392
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 58s

---\\ Processus lancés
[MD5.5B7288EA34AB9B1BD91633737933E100] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) -- C:\WINDOWS\system32\taskhostex.exe [67656] [PID.2440]
[MD5.129D0F259718F72632B14501CDE0E757] - (.Pas de propriétaire - ScanToPc MFC Application.) -- C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144] [PID.3628]
[MD5.E96C2C53E1C1C1688D8841EE94320B8C] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320] [PID.3680]
[MD5.7EE68A122ED08E4AAD8DA551E34D2515] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576] [PID.3700]
[MD5.F4E3D5003DE8FB0D6C4EC11B4DFC5F77] - (.Microsoft Corporation - GWX.) -- C:\WINDOWS\system32\GWX\GWX.exe [406528] [PID.3832]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [813896] [PID.3868]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8214016] [PID.3904]
[MD5.2B24F194FC5B657397ECB2923A68350E] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [5503768] [PID.4000]
[MD5.B94A9C5A30D3358CA4C1EC29BEBAEE1B] - (...) -- C:\Program Files\media center Bbox\media center\external\MediaServerTray.exe [846848] [PID.4024]
[MD5.1F540E698C9E7B1558D64F863C9B04D8] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769696] [PID.3104]
[MD5.94EFDAF24C98B680977E93BDE94BB980] - (...) -- C:\ProgramData\{07dca450-270a-fbae-07dc-ca4502709140}\dsixda_cygwin_install.zip.exe [2061824] [PID.3428]
[MD5.015E68285E40855100E0EDD18AC4AFEE] - (.Pas de propriétaire - Core Sync.) -- C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [5739680] [PID.2628]
~ Processes Running: Scanned in 00mn 02s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [__MSG_name__]
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [__MSG_CHROME_EXT_SHORT_NAME__]
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 12 Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.40.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
~ Firefox Browser: 9 Scanned in 00mn 01s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) (No version) -- (.not file.)
~ IE Browser: 11 Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s

---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [CLX3180_Scan2Pc] . (.Pas de propriétaire - ScanToPc MFC Application.) -- C:\WINDOWS\Twain_32\Samsung\CLX3180\Scan2pc.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C6EA3EB4A8F5717EDC48D988BD513DB8] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2803995656-3907551314-2027165841-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-2803995656-3907551314-2027165841-1001\..\Run: [GoogleChromeAutoLaunch_C6EA3EB4A8F5717EDC48D988BD513DB8] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{284484C9-97EC-471B-86F6-45449CD6BA00}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A0AFBED-70E7-4A92-9933-12C575F3A75C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{284484C9-97EC-471B-86F6-45449CD6BA00}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{284484C9-97EC-471B-86F6-45449CD6BA00}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{9A0AFBED-70E7-4A92-9933-12C575F3A75C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{284484C9-97EC-471B-86F6-45449CD6BA00}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: media center Bouygues Telecom (media center Bouygues Telecom) . (.Bouygues Telecom - DMS.) - C:\ProgramData\media center Bouygues Telecom\MediaServer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.5.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Qualcomm MTU Service (qcmtusvc) . (.QUALCOMM, Inc. - qcmtusvc.) - C:\Program Files\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 8 Scanned in 00mn 10s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.00000000000000000000000000000000] [APT] [BLZYASW] (...) -- C:\ProgramData\3e2a3a4b2e7d4a2ca793dd4127047b9e\3e2a3a4b2e7d4a2ca793dd4127047b9e.exe (.not file.) [0]
[MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5503768]
[MD5.2CF091F449CC7507BEF1ECC2662B1D01] [APT] [ContradeMirror] (...) -- c:\programdata\{b2bd79b5-b603-6faa-b2bd-d79b5b60e6d6}\4308891925316739666b.exe [2584064]
[MD5.00000000000000000000000000000000] [APT] [{1D8755D3-9CCC-4DB6-8809-644053D37AAA}] (...) -- C:\Users\Tu y yo\Downloads\360RootSetup (1).exe (.not file.) [0]
[MD5.9CCE733E5262FB92C2331E8578512B49] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [4747720]
[MD5.48FAE038F51676A795CEFAD780448D94] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [4460472]
[MD5.280C014187E24860A7C860329513208F] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [4818848]
O39 - APT: ContradeMirror - (...) -- C:\Windows\Tasks\ContradeMirror.job [370]
O39 - APT: ContradeMirror - (...) -- C:\Windows\System32\Tasks\ContradeMirror [370]
~ Scheduled Task: 9 Scanned in 00mn 09s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\WINDOWS\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe
~ Active Setup: 11 Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aknrhdev) . (. - .) - C:\WINDOWS\system32\drivers\aknrhdev.sys (.not file.)
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (MpKsl6c760d0d) . (. - .) - C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7279F8FB-C607-4C85-8A32-422377CEA4B1}\MpKsl6c760d0d.sys (.not file.)
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: (pcmnfaeq) . (. - .) - C:\WINDOWS\system32\drivers\pcmnfaeq.sys (.not file.)
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 42 Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: 1 Media Player version 1.7.8 - (.OneFloorApp Ltd..) [HKLM] -- {6C566E3B-CBFB-4A3C-A8B6-88EA54DE7CA9}_is1
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe InDesign CC 2014 (32-bit) - (.Adobe Systems Incorporated.) [HKLM] -- {37BEE0A4-72B9-1014-A77C-C46F3F2C3207}
O42 - Logiciel: Adobe Photoshop CC 2014 (32 Bit) - (.Adobe Systems Incorporated.) [HKLM] -- {7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}
O42 - Logiciel: Adobe Reader XI (11.0.11) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Android SDK Tools - (.Google Inc..) [HKLM] -- Android SDK Tools
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: DriverIdentifier 4.2.8 - (.DriverIdentifier.) [HKLM] -- {40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Java 7 Update 79 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F03217079FF}
O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0}
O42 - Logiciel: Java SE Development Kit 7 Update 75 - (.Oracle.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0170750}
O42 - Logiciel: Java SE Development Kit 7 Update 79 - (.Oracle.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0170790}
O42 - Logiciel: Java SE Development Kit 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0180400}
O42 - Logiciel: Maintenance de Samsung CLX-3180 Series - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung CLX-3180 Series
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.4.1018 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 31.7.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 31.7.0 (x86 fr) =>.Mozilla Corporation
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++
O42 - Logiciel: Qualcomm USB Drivers For Windows - (.QUALCOMM Incorporated.) [HKLM] -- {D9FB7F91-9687-4B09-894D-072903CADEA4}
O42 - Logiciel: RIDGE 4G_V28 version 1.0 - (...) [HKLM] -- {F377D371-C4FB-4255-80E2-ABDDDED07CE5}_is1
O42 - Logiciel: Samsung Scan Assistant - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Scan Assistant
O42 - Logiciel: SmarThru 4 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {90F1943D-EA4A-4460-B59F-30023F3BA69A}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{AE1BB975-11D1-49A0-82E8-1D26DD62AFE7}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: iRoot - (.Shenzhen Xinyi Network Co.,Ltd..) [HKLM] -- {1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1
O42 - Logiciel: media center Bbox - (.Bouygues Télécom.) [HKLM] -- {FFBE505B-2644-432A-836A-6170AD3A9B61}
~ Logic: 29 Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\Cygwin]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\MTK]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla Backup]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Opera Software]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\RootGenius]
[HKCU\Software\SSPrint]
[HKCU\Software\SSScan]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WebApp]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\XinYi Network]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\"echo_installer"/n]
[HKLM\Software\563d0b9d-5ac3-cdb0-9707-600d4a720867] =>PUP.CrossRider
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Bouygues Télécom]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\Cygwin]
[HKLM\Software\Google]
[HKLM\Software\Insoft]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SSPrint]
[HKLM\Software\SSScan]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Systray]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\XinYi Network]
~ Key Software: 148 Scanned in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/03/2015 - 00:13:13 - [] ----D C:\Program Files\1 Media Player
O43 - CFD: 02/03/2015 - 00:29:33 - [] ----D C:\Program Files\Adobe
O43 - CFD: 04/04/2015 - 22:20:17 - [] ----D C:\Program Files\Android
O43 - CFD: 10/03/2015 - 21:29:31 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 06/04/2015 - 21:26:23 - [] ----D C:\Program Files\Common Files
O43 - CFD: 19/04/2015 - 23:25:59 - [] ----D C:\Program Files\Driver Identifier
O43 - CFD: 18/04/2015 - 11:49:08 - [] ----D C:\Program Files\Enigma Software Group =>PUP.EnigmaSoftware
O43 - CFD: 28/02/2015 - 16:46:40 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 28/02/2015 - 20:14:48 - [] ----D C:\Program Files\Google
O43 - CFD: 01/03/2015 - 21:30:08 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD:
11/06/2015 - 13:18:33 - [] ----D C:\Program Files\Internet Explorer O43 - CFD: 24/05/2015 - 10:28:49 - [] ----D C:\Program Files\iRoot O43 - CFD: 13/05/2015 - 14:58:55 - [] ----D C:\Program Files\Java O43 - CFD: 08/05/2015 - 23:52:39 - [] ----D C:\Program Files\Kingo ROOT O43 - CFD: 08/06/2015 - 13:17:06 - [0] ----D C:\Program Files\LighterModulator O43 - CFD: 01/04/2015 - 20:46:44 - [] ----D C:\Program Files\Malwarebytes Anti-Malware O43 - CFD: 28/03/2015 - 22:25:57 - [] ----D C:\Program Files\media center Bbox O43 - CFD: 28/02/2015 - 20:37:56 - [] ----D C:\Program Files\Microsoft Analysis Services O43 - CFD: 28/02/2015 - 20:43:08 - [] ----D C:\Program Files\Microsoft Office O43 - CFD: 28/02/2015 - 20:44:53 - [] ----D C:\Program Files\Microsoft SQL Server O43 - CFD: 05/03/2015 - 13:36:12 - [] ----D C:\Program Files\Microsoft.NET O43 - CFD: 07/06/2015 - 21:38:08 - [] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 24/05/2015 - 13:50:10 - [] ----D C:\Program Files\Mozilla Thunderbird =>.Mozilla Corporation O43 - CFD: 19/04/2015 - 22:01:49 - [] ----D C:\Program Files\MSBuild O43 - CFD: 13/05/2015 - 14:55:06 - [] ----D C:\Program Files\Notepad++ O43 - CFD: 28/02/2015 - 20:36:15 - [] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 08/05/2015 - 22:01:47 - [] ----D C:\Program Files\QUALCOMM Incorporated O43 - CFD: 19/04/2015 - 22:01:49 - [] ----D C:\Program Files\Reference Assemblies O43 - CFD: 10/05/2015 - 22:54:10 - [] ----D C:\Program Files\RIDGE 4G_V28 O43 - CFD: 01/03/2015 - 21:23:18 - [] ----D C:\Program Files\Samsung O43 - CFD: 01/03/2015 - 21:26:18 - [] ----D C:\Program Files\SamsungPrinterLiveUpdate O43 - CFD: 02/03/2015 - 11:05:17 - [] ----D C:\Program Files\Scan Assistant O43 - CFD: 01/03/2015 - 21:30:43 - [] ----D C:\Program Files\SmarThru 4 O43 - CFD: 18/04/2015 - 16:29:50 - [] ----D C:\Program Files\Spybot - Search & Destroy 2 O43 - CFD: 13/05/2015 - 15:16:36 - [] ----D C:\Program Files\Top Password O43 - CFD: 08/06/2015 - 13:15:50 - [] 
----D C:\Program Files\TrashMailcom for Chrome O43 - CFD: 22/08/2013 - 09:24:44 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 12/03/2015 - 23:19:53 - [] ----D C:\Program Files\Windows Defender O43 - CFD: 14/05/2015 - 19:59:06 - [] ----D C:\Program Files\Windows Journal O43 - CFD: 25/04/2015 - 14:22:11 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 25/04/2015 - 14:22:11 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 25/04/2015 - 14:22:11 - [] ----D C:\Program Files\Windows Multimedia Platform O43 - CFD: 28/02/2015 - 16:46:40 - [] ----D C:\Program Files\Windows NT O43 - CFD: 25/04/2015 - 14:22:10 - [] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 25/04/2015 - 14:22:11 - [] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 22/08/2013 - 10:17:26 - [] -SH-D C:\Program Files\Windows Sidebar O43 - CFD: 08/06/2015 - 09:31:14 - [] --H-D C:\Program Files\WindowsApps O43 - CFD: 25/04/2015 - 14:21:16 - [] ----D C:\Program Files\WindowsPowerShell O43 - CFD: 08/06/2015 - 12:29:46 - [] ----D C:\Program Files\WinRAR O43 - CFD: 11/06/2015 - 14:26:40 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 02/03/2015 - 00:31:17 - [] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 28/02/2015 - 20:45:20 - [] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 01/03/2015 - 21:30:06 - [] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 19/03/2015 - 00:48:43 - [] ----D C:\Program Files\Common Files\Java O43 - CFD: 06/03/2015 - 23:36:16 - [] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 22/08/2013 - 10:17:35 - [] ----D C:\Program Files\Common Files\Services O43 - CFD: 25/04/2015 - 14:22:07 - [] ----D C:\Program Files\Common Files\System O43 - CFD: 07/06/2015 - 18:29:09 - [] ----D C:\ProgramData\5779942003423183494 O43 - CFD: 01/03/2015 - 22:08:20 - [] ----D C:\ProgramData\Adobe O43 - CFD: 22/08/2013 - 09:23:42 - [] -SH-D 
C:\ProgramData\Application Data O43 - CFD: 28/02/2015 - 16:46:39 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 22/08/2013 - 09:23:42 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 22/08/2013 - 09:23:42 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 28/02/2015 - 23:59:52 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 28/03/2015 - 22:26:44 - [] ----D C:\ProgramData\media center Bouygues Telecom O43 - CFD: 28/02/2015 - 16:46:39 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 01/05/2015 - 23:37:35 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 11/06/2015 - 11:39:52 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 28/02/2015 - 16:46:40 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 28/02/2015 - 20:12:53 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 11/06/2015 - 17:55:10 - [] ----D C:\ProgramData\NVIDIA O43 - CFD: 28/02/2015 - 20:37:00 - [] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 19/03/2015 - 00:45:46 - [] ----D C:\ProgramData\Oracle O43 - CFD: 01/03/2015 - 21:44:32 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 29/03/2015 - 20:38:42 - [0] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 25/04/2015 - 14:21:23 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 06/03/2015 - 23:02:50 - [] ---AD C:\ProgramData\Reprise O43 - CFD: 23/03/2015 - 23:39:33 - [] ----D C:\ProgramData\Shuame O43 - CFD: 06/03/2015 - 22:58:23 - [] ----D C:\ProgramData\SketchUp O43 - CFD: 18/04/2015 - 18:27:31 - [] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 02/05/2015 - 22:15:58 - [] ----D C:\ProgramData\SP_FT_Logs O43 - CFD: 22/08/2013 - 09:23:42 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 22/08/2013 - 09:23:42 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 13/05/2015 - 20:12:56 - [] ----D C:\ProgramData\{07dca450-270a-fbae-07dc-ca4502709140} O43 - CFD: 28/03/2015 - 21:59:33 - [] ----D C:\ProgramData\{4e3f110e-c102-9f6e-4e3f-f110ec10443b} O43 - CFD: 10/03/2015 - 21:57:40 - [] ----D C:\ProgramData\{a8977123-2d6c-d6e7-a897-771232d6c48c} O43 - CFD: 
08/06/2015 - 12:26:00 - [] ----D C:\ProgramData\{b2bd79b5-b603-6faa-b2bd-d79b5b60e6d6} O43 - CFD: 29/03/2015 - 00:13:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 Media Player O43 - CFD: 25/04/2015 - 14:22:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 25/04/2015 - 14:22:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/06/2015 - 13:23:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 04/04/2015 - 19:35:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools O43 - CFD: 19/03/2015 - 01:13:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio O43 - CFD: 28/02/2015 - 23:48:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 19/04/2015 - 23:25:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Identifier O43 - CFD: 28/02/2015 - 20:15:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 24/05/2015 - 10:28:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRoot O43 - CFD: 04/04/2015 - 18:48:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 04/04/2015 - 18:48:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit O43 - CFD: 22/08/2013 - 10:17:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/04/2015 - 20:46:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 28/03/2015 - 22:26:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\media center Bbox O43 - CFD: 11/06/2015 - 11:26:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 13/05/2015 - 14:54:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - 
CFD: 01/03/2015 - 11:53:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation O43 - CFD: 08/05/2015 - 21:56:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIDGE 4G_V28 O43 - CFD: 01/03/2015 - 21:30:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers O43 - CFD: 18/04/2015 - 16:25:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 O43 - CFD: 28/03/2015 - 22:26:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 25/04/2015 - 14:22:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/09/2013 - 05:49:36 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 28/02/2015 - 20:23:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 11/06/2015 - 14:26:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 02/05/2015 - 00:18:21 - [] ----D C:\Users\Tu y yo\AppData\Roaming\AdbDriverInstaller O43 - CFD: 29/03/2015 - 20:41:18 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Adobe O43 - CFD: 28/03/2015 - 22:26:44 - [] ----D C:\Users\Tu y yo\AppData\Roaming\com.bouyguestelecom.mediacenter O43 - CFD: 19/04/2015 - 23:26:14 - [] ----D C:\Users\Tu y yo\AppData\Roaming\driveridentifier O43 - CFD: 25/04/2015 - 20:59:01 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Identities O43 - CFD: 01/03/2015 - 21:26:32 - [] ----D C:\Users\Tu y yo\AppData\Roaming\InstallShield O43 - CFD: 20/03/2015 - 23:39:17 - [] ----D C:\Users\Tu y yo\AppData\Roaming\JetBrains O43 - CFD: 11/03/2015 - 21:21:05 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Kingosoft O43 - CFD: 28/02/2015 - 20:10:30 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Macromedia O43 - CFD: 24/05/2015 - 10:28:49 - [] ----D C:\Users\Tu y yo\AppData\Roaming\mgyun O43 - CFD: 10/03/2015 - 20:47:09 - [] -S--D C:\Users\Tu y yo\AppData\Roaming\Microsoft 
O43 - CFD: 28/02/2015 - 20:13:08 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Mozilla O43 - CFD: 13/05/2015 - 14:54:42 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Notepad++ O43 - CFD: 29/03/2015 - 20:40:55 - [] ----D C:\Users\Tu y yo\AppData\Roaming\NVIDIA O43 - CFD: 28/02/2015 - 21:19:05 - [0] ----D C:\Users\Tu y yo\AppData\Roaming\Opera Software O43 - CFD: 29/03/2015 - 20:39:23 - [] ----D C:\Users\Tu y yo\AppData\Roaming\PDAppFlex O43 - CFD: 23/03/2015 - 23:17:24 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Shuame O43 - CFD: 28/02/2015 - 20:13:07 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Thunderbird =>.Mozilla Corporation O43 - CFD: 28/02/2015 - 20:23:09 - [] ----D C:\Users\Tu y yo\AppData\Roaming\WinRAR O43 - CFD: 11/06/2015 - 17:58:30 - [] ----D C:\Users\Tu y yo\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 10/06/2015 - 22:03:44 - [] ----D C:\Users\Tu y yo\AppData\Local\Adobe O43 - CFD: 19/03/2015 - 00:57:18 - [] ----D C:\Users\Tu y yo\AppData\Local\Android O43 - CFD: 28/02/2015 - 16:45:20 - [] -SH-D C:\Users\Tu y yo\AppData\Local\Application Data O43 - CFD: 17/05/2015 - 13:18:15 - [] ----D C:\Users\Tu y yo\AppData\Local\Diagnostics O43 - CFD: 10/03/2015 - 21:39:35 - [] -SH-D C:\Users\Tu y yo\AppData\Local\EmieBrowserModeList O43 - CFD: 10/03/2015 - 21:39:35 - [] -SH-D C:\Users\Tu y yo\AppData\Local\EmieSiteList O43 - CFD: 10/03/2015 - 21:39:35 - [] -SH-D C:\Users\Tu y yo\AppData\Local\EmieUserList O43 - CFD: 28/02/2015 - 20:15:18 - [] ----D C:\Users\Tu y yo\AppData\Local\Google O43 - CFD: 07/06/2015 - 21:41:22 - [] ----D C:\Users\Tu y yo\AppData\Local\GWX O43 - CFD: 28/02/2015 - 16:45:20 - [] -SH-D C:\Users\Tu y yo\AppData\Local\Historique O43 - CFD: 11/03/2015 - 21:21:02 - [] ----D C:\Users\Tu y yo\AppData\Local\Kingosoft O43 - CFD: 01/05/2015 - 23:37:35 - [] ----D C:\Users\Tu y yo\AppData\Local\Microsoft O43 - CFD: 28/02/2015 - 20:37:13 - [0] ----D C:\Users\Tu y yo\AppData\Local\Microsoft Help O43 - CFD: 28/02/2015 - 21:01:47 - [] ----D C:\Users\Tu y 
yo\AppData\Local\Microsoft Toolkit O43 - CFD: 28/02/2015 - 21:19:05 - [0] ----D C:\Users\Tu y yo\AppData\Local\Opera Software O43 - CFD: 18/05/2015 - 18:01:12 - [] ----D C:\Users\Tu y yo\AppData\Local\Packages O43 - CFD: 28/02/2015 - 21:12:56 - [] ----D C:\Users\Tu y yo\AppData\Local\Programs O43 - CFD: 01/03/2015 - 21:28:47 - [] ----D C:\Users\Tu y yo\AppData\Local\S2PC O43 - CFD: 11/06/2015 - 17:58:05 - [] ----D C:\Users\Tu y yo\AppData\Local\Temp O43 - CFD: 28/02/2015 - 16:45:20 - [] -SH-D C:\Users\Tu y yo\AppData\Local\Temporary Internet Files O43 - CFD: 28/02/2015 - 20:13:09 - [] ----D C:\Users\Tu y yo\AppData\Local\Thunderbird =>.Mozilla Corporation O43 - CFD: 28/02/2015 - 16:47:56 - [0] ----D C:\Users\Tu y yo\AppData\Local\VirtualStore O43 - CFD: 22/08/2013 - 10:17:27 - [] R---D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - 10:17:27 - [] R---D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/03/2015 - 23:23:33 - [] R---D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 19/03/2015 - 00:54:37 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools O43 - CFD: 22/08/2013 - 10:17:27 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/05/2015 - 14:54:28 - [0] ----D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 13/05/2015 - 14:47:21 - [] R---D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 22/08/2013 - 10:17:27 - [] R---D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 28/02/2015 - 20:23:01 - [] ----D C:\Users\Tu y yo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 164 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous 
Windows et System32 (O44) O44 - LFC:[MD5.9B3EE3F42109B4115FFE053C225FC1C6] - 03/06/2015 - 17:18:09 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [792568] O44 - LFC:[MD5.38D724C261738F1C3FD90D21B130E06A] - 03/06/2015 - 17:18:09 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [178168] O44 - LFC:[MD5.1AB702B6ED34EBC83EF8967806D348C5] - 07/06/2015 - 17:25:56 ---A- . (...) -- C:\Windows\System32\ntwdblib.dll [4096] O44 - LFC:[MD5.04B309A1A653177994630C2773E659F1] - 08/06/2015 - 11:25:43 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512] O44 - LFC:[MD5.2D435FC4993D110A19BFB5CA556378AF] - 10/06/2015 - 21:00:03 ---A- . (...) -- C:\Windows\PFRO.log [11968] O44 - LFC:[MD5.02BE9F037101364A565D224194337B0C] - 10/06/2015 - 21:21:50 ---A- . (.Microsoft Corporation - Remote Access TAPI Compliance Layer.) -- C:\Windows\System32\rastapi.dll [207872] O44 - LFC:[MD5.14B5D6506A366585F8D6B6097530F7F2] - 10/06/2015 - 21:21:52 ---A- . (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) -- C:\Windows\System32\SearchProtocolHost.exe [272896] O44 - LFC:[MD5.50B6B1D4EFCB81298DE7F9415879C51B] - 10/06/2015 - 21:21:52 ---A- . (.Microsoft Corporation - Plateforme de recherche Microsoft Vista.) -- C:\Windows\System32\mssvp.dll [699392] O44 - LFC:[MD5.8D4CEAEE747097A70342B80EA32E018D] - 10/06/2015 - 21:21:53 ---A- . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) -- C:\Windows\System32\SearchIndexer.exe [710144] O44 - LFC:[MD5.B95D112E19CFEC74692F7791ABBB03BE] - 10/06/2015 - 21:21:53 ---A- . (.Microsoft Corporation - Microsoft Search Protocol Handler.) -- C:\Windows\System32\mssph.dll [391680] O44 - LFC:[MD5.E9A91A0A589AED5328E30D8C7E59E5AE] - 10/06/2015 - 21:21:53 ---A- . (.Microsoft Corporation - Microsoft Tripoli Query.) 
-- C:\Windows\System32\tquery.dll [2749952] O44 - LFC:[MD5.5027CAF4BFB31E4CD2918B2C2DFFC4CB] - 10/06/2015 - 21:21:53 ---A- . (.Microsoft Corporation - Recherche intégrée Microsoft.) -- C:\Windows\System32\mssrch.dll [1920000] O44 - LFC:[MD5.8AE1E22527BC203BAD89212F6D09F038] - 10/06/2015 - 21:22:08 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [880128] O44 - LFC:[MD5.6B7210618D7E2CE0404ECF748701253A] - 10/06/2015 - 21:22:09 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [76288] O44 - LFC:[MD5.7467B0605897898F8F32B4B9B9041F51] - 10/06/2015 - 21:22:09 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [128000] O44 - LFC:[MD5.3B850134010B7CCC546C29D51405C9DA] - 10/06/2015 - 21:22:10 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll [1042944] O44 - LFC:[MD5.AE8F02C9B1DC7364A94ABEB6E396611C] - 10/06/2015 - 21:22:10 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [327168] O44 - LFC:[MD5.B6D8148C1C697A7BF04EE0FE82408B6A] - 10/06/2015 - 21:22:11 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [710144] O44 - LFC:[MD5.4ABEEF30EA5B9F4718312DCB60B6C9BC] - 10/06/2015 - 21:22:11 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2052608] O44 - LFC:[MD5.EF853EA2A6A7BD891CCF31B0C2915352] - 10/06/2015 - 21:22:12 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [341504] O44 - LFC:[MD5.C27C8CACEBC712BE2AD791715E9734EC] - 10/06/2015 - 21:22:12 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [664064] O44 - LFC:[MD5.2DED8A99E45053C42DD21D6937D3960C] - 10/06/2015 - 21:22:12 ---A- . 
(.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [689152] O44 - LFC:[MD5.96837E5864777688477AF6DE2332C06D] - 10/06/2015 - 21:22:12 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [503808] O44 - LFC:[MD5.53E9614ADFA6A40A452BA014CEF6F261] - 10/06/2015 - 21:22:13 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1309696] O44 - LFC:[MD5.7DBCBB1647B7CD71E2039C1B50A12717] - 10/06/2015 - 21:22:13 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [620032] O44 - LFC:[MD5.927E38A35E4DFC4E294BD130BAA6F759] - 10/06/2015 - 21:22:13 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2278912] O44 - LFC:[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - 10/06/2015 - 21:22:14 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1950720] O44 - LFC:[MD5.3FD7E6DB5D81FE400DB4D81D278596E6] - 10/06/2015 - 21:22:14 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [4305920] O44 - LFC:[MD5.DB254D50B4527C2821C537E0587B44E8] - 10/06/2015 - 21:22:16 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [12829696] O44 - LFC:[MD5.975421AC32F9F6E27A58F75DAB4B5871] - 10/06/2015 - 21:22:22 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19607040] O44 - LFC:[MD5.00ED6F8562702A00D8AEC9F70CA7DDFE] - 10/06/2015 - 21:22:32 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\System32\UIAutomationCore.dll [1018880] O44 - LFC:[MD5.CE87FDE56F9D687477A94FD7F5C00ED2] - 10/06/2015 - 21:22:33 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) 
-- C:\Windows\System32\diagtrack.dll [977920] O44 - LFC:[MD5.59A896242FCD7525F0EBBAC13FDBCC0E] - 10/06/2015 - 21:22:33 ---A- . (.Microsoft Corporation - Pilote XHCI USB.) -- C:\Windows\System32\Drivers\USBXHCI.SYS [259928] O44 - LFC:[MD5.7C854B320B9F0B32E37D34567915AFD9] - 10/06/2015 - 21:22:34 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864] O44 - LFC:[MD5.1460586374FDD7E4C76C8B900FC6C8B9] - 10/06/2015 - 21:22:35 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3532288] O44 - LFC:[MD5.B0EDCA1168C874812A180EBCD1A43EB5] - 10/06/2015 - 21:22:37 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [549888] O44 - LFC:[MD5.296AF82E8096E3300AF6A6DBE2AD09FA] - 10/06/2015 - 21:22:39 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [37888] O44 - LFC:[MD5.BF072ED3EDFCDCB5CAB660559BFAE197] - 10/06/2015 - 21:22:39 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [202752] O44 - LFC:[MD5.047146E831EA517A1B65AD6646FF4909] - 10/06/2015 - 21:22:40 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [163840] O44 - LFC:[MD5.7F13396282C0DD2A0853CC22608DCA8E] - 10/06/2015 - 21:22:40 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [901120] O44 - LFC:[MD5.5BEBC31685102622DE8CB825FC4D9659] - 10/06/2015 - 21:22:40 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [333312] O44 - LFC:[MD5.4ED4A895A402EB1319B3E7782F364BE2] - 10/06/2015 - 21:22:40 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [571392] O44 - LFC:[MD5.E50031F96B6BE2AA4C472AA206E7AD41] - 10/06/2015 - 21:22:40 ---A- . 
(.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll [621056] O44 - LFC:[MD5.B4374FA71E64012DFAE22AB3086421EF] - 10/06/2015 - 21:22:41 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [878592] O44 - LFC:[MD5.574F2184043FAF24B588BA12B3CC99CC] - 10/06/2015 - 21:22:42 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410336] O44 - LFC:[MD5.4555A323D971C23046A8F4F0D9F3FAEF] - 10/06/2015 - 21:22:43 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll [873984] O44 - LFC:[MD5.7F78583D91D0FCA9678778F45328C99F] - 10/06/2015 - 21:22:43 ---A- . (.Microsoft Corporation - DLL d’objets PrintUI.) -- C:\Windows\System32\puiobj.dll [367104] O44 - LFC:[MD5.BD7E7AC5639FFE7CDDAA5A3F7A05D4A7] - 10/06/2015 - 21:22:45 ---A- . (.Microsoft Corporation - Contrôle d’édition de texte enrichi, v7.5.) -- C:\Windows\System32\msftedit.dll [2483712] O44 - LFC:[MD5.628F87288466FBC0826FFE97B33D0B5A] - 11/06/2015 - 10:43:00 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [136900096] O44 - LFC:[MD5.950AD38A865A222DE6585A40EC14553E] - 11/06/2015 - 12:22:10 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [407872] O44 - LFC:[MD5.E48D94D26D337813BCF549CE8306DE07] - 11/06/2015 - 13:27:20 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1103756] O44 - LFC:[MD5.A615C1626A88599ED6C17A968ADC06A1] - 11/06/2015 - 16:55:11 ---A- . (...) -- C:\Windows\setupact.log [22186] O44 - LFC:[MD5.00A80267096544EC4C2D38F56EB25D6C] - 11/06/2015 - 16:57:09 -S-A- . (...) 
-- C:\Windows\bootstat.dat [67584] ~ Files: 54 Scanned in 00mn 30s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.52C8DC21A851BDD852AB0A67F3B748F2] - 18/04/2015 - 10:48:48 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-211CC8D7.pf =>Crapware.SpyHunter O45 - LFCP:[MD5.74403B72EC01B2103BE2A7DCD0140760] - 18/04/2015 - 10:51:02 ---A- - C:\Windows\Prefetch\SPYHUNTER4.EXE-7BD5E907.pf =>Crapware.SpyHunter ~ Prefetcher: 2 Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe ~ Keys Export: 4 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll ~ LSA: 3 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) 
-- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\iaioi2c.sys . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaioi2c.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . 
(.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 18 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPSK) (O51) O51 - MPSK:{b7386cba-bf57-11e4-9716-806e6f6e6963}\AutoRun\command. (...) -- F:\MicroLauncher.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 3 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) 
-- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:22/08/2013 - 06:33:26 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [86368] O58 - SDL:22/08/2013 - 06:33:25 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [773472] O58 - SDL:22/08/2013 - 06:33:25 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [72544] O58 - SDL:22/08/2013 - 06:33:26 ---A- . (.AMD Technologies Inc. 
- AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [215392] O58 - SDL:22/08/2013 - 06:33:24 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22880] O58 - SDL:29/04/2010 - 04:58:18 ---A- . (.Google Inc - ADB Interface.) -- C:\Windows\System32\Drivers\androidusb.sys [26112] O58 - SDL:22/08/2013 - 06:33:26 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [101728] O58 - SDL:13/08/2013 - 00:25:32 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [16088] O58 - SDL:13/07/2009 - 09:13:52 ---A- . (.Samsung Electronics Co., Ltd. - Windows 2k,XP IEEE-1284 parallel class driver for ECP, Byte, an.) -- C:\Windows\System32\Drivers\DgivEcp.sys [38400] O58 - SDL:22/08/2013 - 06:33:29 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [56672] O58 - SDL:23/07/2013 - 22:18:30 ---A- . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaiogpio.sys [22016] O58 - SDL:23/07/2013 - 22:18:30 ---A- . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaioi2c.sys [61936] O58 - SDL:10/08/2013 - 01:39:44 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x86.) -- C:\Windows\System32\Drivers\iaStorAV.sys [524784] O58 - SDL:22/08/2013 - 06:33:29 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [333664] O58 - SDL:22/08/2013 - 06:33:29 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [94048] O58 - SDL:22/08/2013 - 06:33:30 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) 
-- C:\Windows\System32\Drivers\lsi_sas2.sys [79712] O58 - SDL:22/08/2013 - 06:33:30 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [68960] O58 - SDL:22/08/2013 - 06:33:29 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [69472] O58 - SDL:17/03/2015 - 05:15:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [23256] O58 - SDL:17/03/2015 - 05:15:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [92888] O58 - SDL:08/06/2015 - 11:25:43 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [119512] O58 - SDL:22/08/2013 - 06:33:30 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51552] O58 - SDL:22/08/2013 - 06:33:29 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [464736] O58 - SDL:22/08/2013 - 06:33:32 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [58208] O58 - SDL:17/03/2015 - 05:15:38 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [51928] O58 - SDL:20/02/2015 - 01:19:34 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda32v.sys [161424] O58 - SDL:20/02/2015 - 01:19:38 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 347.52.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [8473928] O58 - SDL:22/08/2013 - 06:33:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [120160] O58 - SDL:22/08/2013 - 06:33:33 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) 
-- C:\Windows\System32\Drivers\nvstor.sys [141664] O58 - SDL:16/10/2014 - 08:47:38 ---A- . (.QUALCOMM Incorporated - Filter Driver for the Qualcomm USB Driver Stack.) -- C:\Windows\System32\Drivers\qcusbfilter.sys [30720] O58 - SDL:16/10/2014 - 08:45:42 ---A- . (.Qualcomm Inc. - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\qcusbser.sys [205824] O58 - SDL:16/10/2014 - 08:47:02 ---A- . (.Qualcomm Inc. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\qcusbwwan.sys [425472] O58 - SDL:18/06/2013 - 13:23:13 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 32-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x86.sys [490496] O58 - SDL:31/07/2013 - 19:25:17 ---A- . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\Drivers\RTWlanU.sys [1698520] O58 - SDL:22/08/2013 - 09:16:47 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480] O58 - SDL:22/08/2013 - 06:32:56 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [41312] O58 - SDL:22/08/2013 - 06:32:57 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [79200] O58 - SDL:12/07/2009 - 04:16:00 ----- . (.Samsung Electronics - 32bit Port Contention Driver.) -- C:\Windows\System32\Drivers\SSPORT.SYS [5120] O58 - SDL:22/08/2013 - 06:32:57 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x86.) -- C:\Windows\System32\Drivers\stexstor.sys [26976] O58 - SDL:22/08/2013 - 06:33:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [18272] O58 - SDL:22/08/2013 - 06:33:01 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\Drivers\vsmraid.sys [148832] O58 - SDL:22/08/2013 - 06:33:01 ---A- . 
(.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [276832] ~ Drivers: 42 Scanned in 00mn 04s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 07/06/2015 - 18:01:47 ---A- . (...) -- C:\Users\Tu y yo\AppData\Local\Temp\4308891925316739666b.exe [2584064] O61 - LFC: 07/06/2015 - 18:01:57 ---A- . (...) -- C:\Users\Tu y yo\AppData\Local\Temp\A140\temp\BoostWareVersionX.xyz.exe [2507264] O61 - LFC: 07/06/2015 - 18:01:59 ---A- . (...) -- C:\Users\Tu y yo\AppData\Local\Temp\ntwdblib.dll [4096] O61 - LFC: 11/06/2015 - 18:01:36 ---A- . (...) -- C:\Users\Tu y yo\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 11/06/2015 - 18:02:01 ---A- . (...) -- C:\Users\Tu y yo\AppData\Roaming\appdataFr25.bin [24] O61 - LFC: 11/06/2015 - 18:02:38 ---A- . (.Nicolas Coolman.) -- C:\Users\Tu y yo\Desktop\ZHPDiag2.exe [6880102] =>.Nicolas Coolman ~ 686 Fichiers temporaires (Temporary files) ~ Files: 6 Scanned in 03mn 33s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [161792] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [126976] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [126976] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [250368] O83 - Search Svchost Services: gpsvc (gpsvc) . 
(.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1212928] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [733696] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [822784] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [24064] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [89600] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [115712] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [93696] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1015808] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [185856] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [74752] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [108032] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [187904] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) 
-- C:\Windows\System32\sessenv.dll [296448] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [64512] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [75264] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [41984] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1245184] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [367104] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [297984] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [167424] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [142848] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [95232] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [461824] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [183296] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) 
-- C:\Windows\System32\sens.dll [58368] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [390144] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [254464] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3040768] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [734208] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [576512] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [155648] O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filter.) -- C:\Windows\System32\KeyboardFilterSvc.dll [76096] ~ Services: 36 Scanned in 00mn 01s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.F9E23BA67DB546EB7FE0DC0F69143887] [SPRF][11/06/2015] (...) -- C:\Users\Tu y yo\AppData\Roaming\appdataFr25.bin [24] [MD5.715E02A45CB7B701CBF1B8F78A8CDF11] [SPRF][16/05/2015] (...) -- C:\Users\Tu y yo\AppData\Roaming\appdataFr3.bin [20] [MD5.86DBC7BAFC155A9A0AC53F9A4479BC9B] [SPRF][05/11/2014] (...) -- C:\Users\Tu y yo\Desktop\HIGHWAY SIGNS_V5.exe [925198848] [MD5.9ACAD307FCDE045362DA14D36FB50718] [SPRF][24/04/2015] (.Pas de propriétaire - RIDGE 4G_V28 Setup.) -- C:\Users\Tu y yo\Desktop\setup_RIDGE 4G_V28.exe [590661851] [MD5.BD8B6763E77D3317FFC5FBC639E784BD] [SPRF][11/06/2015] (.Nicolas Coolman - ZHPDiag Setup.) 
-- C:\Users\Tu y yo\Desktop\ZHPDiag2.exe [6880102] ~ Files: 5 Scanned in 01mn 13s ---\\ Export de clés de registre aléatoires (O91) ~ Export Key Software: Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE} O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B} O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA} O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C} O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0} O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} ~ MNS: 6 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 22/07/1658 0 | (gupdate) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 22/07/1658 0 | (gupdatem) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 24/05/2015 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 04/07/2013 4177408 | (media center Bouygues Telecom) . (.Bouygues Telecom.) - C:\ProgramData\media center Bouygues Telecom\MediaServer.exe SR - | Auto 05/02/2015 670536 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe SR - | Auto 16/10/2014 83456 | (qcmtusvc) . (.QUALCOMM, Inc..) - C:\Program Files\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe SR - | Auto 24/06/2014 1738168 | (SDScannerService) . (.Safer-Networking Ltd..)
- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe SR - | Auto 27/06/2014 2088408 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe SR - | Auto 25/04/2014 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe SR - | Auto 05/02/2015 410952 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 04/02/2015 22200 | (WinDefend) . (.Microsoft Corporation.) - C:\Program Files\Windows Defender\MsMpEng.exe SR - | Demand 29/10/2014 33088 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 22s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net ~ MBR: 1 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Tu y yo at 11/06/2015 18:07:33 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 13008 - (31/05/2015) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 2 C:\Program Files\Enigma Software Group =>PUP.EnigmaSoftware^ [HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor^ [HKLM\Software\563d0b9d-5ac3-cdb0-9707-600d4a720867] =>PUP.CrossRider^ ~ Additionnel Scan: 331914 Items scanned in 02mn 12s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ 
http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51) ~ AMI: 4 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://www.nicolascoolman.fr/blog/ =>Adware.Graftor http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://www.nicolascoolman.fr/blog/ =>PUP.EnigmaSoftware http://nicolascoolman.fr/crapware-spyhunter =>Crapware.SpyHunter ~ MSI: 4 link(s) detected in 00mn 00s End of the scan (1063 lines in 13mn 16s)(0.2)