Posted (edited)

Hello, and thank you in advance for your help.

This morning I was on Facebook and I received a message with an attachment, hahaha photo_526.cab

I clicked on it and WinRAR extracted the thing, which I was unable to open.

I sent a message to the FB friend in question, who replied that I should not open it because it did not come from him.

I went into WinRAR and tried to delete these files (naively); the files were dated today and I could not delete them: I was told that the file was in use by Microsoft Money, or by Dropbox, or by Windows Explorer.....

I am afraid I am the target of an attack. What can I do to get rid of this, and what should I not do?

Thank you in advance for your help!

Herve

Edited by Eneour22

Posted

Hello

Run this diagnostic tool:

ZHPDiag download
Alternative link in case the previous one fails

Double-click ZHPDiag.exe to install the tool
There should be 2 icons on the desktop or in the ZHPDiag installation folder.

On XP, double-click the ZHPDiag icon
On Vista and later, right-click and choose Run as administrator

Click the Full button

Wait a few moments
The ZhpDiag.txt report will appear on the desktop


How to post the reports
Go to the site: Ci-Joint
Press Browse and look for the reports on the desktop
Click Open
Click Create the CJoint link,
>> on the next page -->
an address http//.. will be created
Copy and paste this address into your next message.

Posted

There's quite a crowd in there!!!

Follow this procedure carefully, point by point, and post the reports in order
How to post the reports
Go to the site: Ci-Joint
Press Browse and look for the reports on the disk,
Click Open
Click Create the CJoint link,
>> on the next page -->
an address http//.. will be created
Copy and paste this address into your next message.

1) If you have had AdwCleaner for some time, uninstall it and install the latest version

Download AdwCleaner
On Vista and Windows 7/8 -> Run as administrator
So as not to skew the reports, Scan and Clean must each be run only once
Click Scan and post the generated report C:\AdwCleaner[R1].txt

Cleaning: to be done without delay
Relaunch AdwCleaner with administrator rights
Click Clean, once only so as not to disrupt the procedure
and post the report C:\AdwCleaner[s1].txt

2) Download Junkware Removal Tool by thisisu
OS: Windows XP/Vista/7/8
Usable on 32-bit and 64-bit systems

Click Jrt.exe with administrator rights.
If your antivirus complains, mark it as acceptable in your antivirus exceptions
A black window opens telling you to press a key to start the scan.

The tool will take a few minutes to search your machine.
Wait until Jrt.txt appears, and post its contents.

3) Download Malwarebytes Anti-Malware
Here

or there:
and save it to the Desktop.
Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
Click Setting to set it to French
Check that the Launch Malwarebytes Anti-Malware box is ticked.
A free 14-day trial of the features of the Premium (paid) version is pre-selected; untick it.
This will not reduce the program's scanning and removal capabilities.
Click Finish.

In the Settings tab > Detection and Protection sub-tab, Detection Options, tick the box in front of Scan for Rootkits
On the Dashboard, click the Update link.
If your databases later become out of date, you will be warned and invited to Fix Now.
After the update, connect removable media (USB) and click Scan -> Custom Scan
Tick everything
Click the Scan Now button.

If items are detected, click Apply Actions so that MBAM cleans what it has detected.
In most cases, a restart will be necessary.
Wait for the message inviting you to restart the PC, then click Yes

(Copy to Clipboard to paste into a reply on the forum)
After the restart, when you are back on the Desktop, open MBAM again.
Click the History tab > Application Logs.
Double-click the Scan Log whose date and time match the scan that has just been run.
Click View, then Copy to Clipboard
Paste the contents of the Clipboard into your next reply.

4) You need to reset your browser
by clicking here

This will uninstall plugins and extensions, which you can reinstall with due caution

5) New ZHPDiag report
ZHPDiag download
Alternative link in case the previous one fails

Double-click ZHPDiag.exe to install the tool
There should be 2 icons on the desktop or in the ZHPDiag installation folder.

On XP, double-click the ZHPDiag icon
On Vista and later, right-click and choose Run as administrator

Click the Full button

Wait a few moments
The ZhpDiag.txt report will appear on the desktop

Posted

Here is AdwCleaner

# AdwCleaner v3.211 - Rapport créé le 03/06/2014 à 19:06:35
# Mis à jour le 26/05/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : HSK - URZHIATAERIG
# Exécuté depuis : C:\Users\HSK\Desktop\adwcleaner_3.211.exe
# Option : Nettoyer

Ligne Supprimée : user_pref("valueApps.ct3319214.cb_firstuse0100", "31");
Ligne Supprimée : user_pref("valueApps.ct3319214.cb_firstuse0100.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.cb_user_id_000", "43423739393632373535343139385F313339393635303830303931345F46697265666F78");
Ligne Supprimée : user_pref("valueApps.ct3319214.cb_user_id_000.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.cbfirsttime", "4D6F6E204D617220323420323031342031313A33343A303620474D542B30313030");
Ligne Supprimée : user_pref("valueApps.ct3319214.cbfirsttime.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appStateReportTime", "31343031373935353330393035");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appStateReportTime.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appState_Clarity_Active", "6F6E");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appState_Clarity_Active.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appsConfig.storedInFile", true);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appsDefaultEnabled", "6E756C6C");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_appsDefaultEnabled.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_calledSetupService", "31");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_calledSetupService.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_currentVersion", "312E31332E302E3137");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_currentVersion.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_first_time", "31");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_first_time.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_lastInstallationSessionGuid", "7B38383739373132332D363939342D346133362D383063642D6161643334653762393063637D");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_lastInstallationSessionGuid.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_lastLoginTime", "31343031373935353331363435");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_lastLoginTime.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_localization.storedInFile", true);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_mamEnabled", "74727565");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_mamEnabled.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_settings1.13.0.17.storedInFile", true);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_showWelcomeGadget", "66616C7365");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_showWelcomeGadget.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_stamp", "313033345F30");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_stamp.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_userBornDate", "3230313430333234");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_userBornDate.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_userId", "37636161323530322D336665632D343530632D393832332D353335346566653264376637");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_userId.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_user_approval_interacted", "");
Ligne Supprimée : user_pref("valueApps.ct3319214.mam_gk_user_approval_interacted.storedInFile", false);
Ligne Supprimée : user_pref("valueApps.ct3319214.url_history0001", "687474703A2F2F657370616365696E73637269742E636E65642E66722F3A3A3A636C69636B68616E646C65723A3A3A313339353635373234383839372C2C2C687474703A2F2F6573706163[...]
Ligne Supprimée : user_pref("valueApps.ct3319214.url_history0001.storedInFile", true);

-\\ Google Chrome v24.0.1312.57

[ Fichier : C:\Users\HSK\AppData\Local\Google\Chrome\User Data\Default\preferences ]


Supprimée [Extension] : pbpohikckhbcljgombipcdoinkaedlfa
Supprimée [Extension] : pxpohikckhbcljgombipcdoinkaedlfa
Supprimée [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Supprimée [Extension] : fgeapihpgbepllencafcpkfbjlkogfan
Supprimée [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon

*************************

AdwCleaner[R0].txt - [35323 octets] - [03/06/2014 19:01:10]
AdwCleaner[s0].txt - [33730 octets] - [03/06/2014 19:06:35]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [33791 octets] ##########

 

Thanks!

Herve

PS: I'm not sure I ran it as administrator....

Otherwise

Posted

Otherwise, earlier I had started my antivirus, which I paused at 56% before starting to follow your instructions, and it found 3 viruses.... what should I do?

Thanks

Herve

Posted

Here is the next part

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by HSK on 03/06/2014 at 20:18:49,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [service] update spring smart
Successfully deleted: [service] update spring smart



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\regclean pro_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BabylonIMSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\BabylonIMSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BabylonIMSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\BabylonIMSetup_RASMANCS



~~~ Files

Failed to delete: [File] C:\Windows\Tasks\amiupdxp.job
Failed to delete: [File] "C:\Windows\Tasks\RegClean Pro_DEFAULT.job"
Failed to delete: [File] "C:\Windows\Tasks\RegClean Pro_UPDATES.job"
Successfully deleted: [File] "C:\Users\Public\Desktop\open it!.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\software"
Successfully deleted: [Folder] "C:\ProgramData\systweak"
Successfully deleted: [Folder] "C:\Users\HSK\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\advanced system protector"
Successfully deleted: [Folder] "C:\Program Files (x86)\openit"
Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\advanced system protector"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\regclean pro"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\HSK\AppData\Roaming\mozilla\firefox\profiles\tia63al5.default\user.js
Emptied folder: C:\Users\HSK\AppData\Roaming\mozilla\firefox\profiles\tia63al5.default\minidumps [395 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/06/2014 at 20:33:01,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks!

I notice that each time, icons get put on my desktop.....

Should I remove the ones I haven't used?

Regards

Herve

Posted

I notice that each time, icons get put on my desktop.....

Should I remove the ones I haven't used?

It's normal to have new icons.

We'll take care of them in due course.

Follow the procedure without worrying about the rest.

For now, we're waiting for the Mbam report

Posted

Here is the antimalware:

Protection log 3-6-14:

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 04/06/2014 00:44:58, SYSTEM, URZHIATAERIG, Scheduler, Malware Database, 2014.6.3.6, 2014.6.3.7,
Protection, 04/06/2014 00:45:02, SYSTEM, URZHIATAERIG, Protection, Refresh, Starting,
Protection, 04/06/2014 00:45:02, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopping,
Protection, 04/06/2014 00:45:04, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopped,
Protection, 04/06/2014 00:45:29, SYSTEM, URZHIATAERIG, Protection, Refresh, Success,
Protection, 04/06/2014 00:45:29, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Starting,
Protection, 04/06/2014 00:45:39, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Started,
Update, 04/06/2014 02:43:56, SYSTEM, URZHIATAERIG, Scheduler, Malware Database, 2014.6.3.7, 2014.6.4.1,
Protection, 04/06/2014 02:43:57, SYSTEM, URZHIATAERIG, Protection, Refresh, Starting,
Protection, 04/06/2014 02:43:57, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopping,
Protection, 04/06/2014 02:43:58, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopped,
Protection, 04/06/2014 02:44:54, SYSTEM, URZHIATAERIG, Protection, Refresh, Success,
Protection, 04/06/2014 02:44:54, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Starting,
Protection, 04/06/2014 02:44:56, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Started,
Detection, 04/06/2014 04:48:37, SYSTEM, URZHIATAERIG, Protection, Malware Protection, File, PUP.Optional.Webget.A, C:\Program Files (x86)\webget\bin\utilwebget.exe, Quarantine, [145dcaaae09bec4ada0fc2b7946d54ac]
Update, 04/06/2014 08:30:28, SYSTEM, URZHIATAERIG, Scheduler, Malware Database, 2014.6.4.1, 2014.6.4.2,
Protection, 04/06/2014 08:30:29, SYSTEM, URZHIATAERIG, Protection, Refresh, Starting,
Protection, 04/06/2014 08:30:29, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopping,
Protection, 04/06/2014 08:30:29, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopped,
Protection, 04/06/2014 08:31:34, SYSTEM, URZHIATAERIG, Protection, Refresh, Success,
Protection, 04/06/2014 08:31:34, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Starting,
Protection, 04/06/2014 08:31:35, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Started,
Detection, 04/06/2014 08:48:29, SYSTEM, URZHIATAERIG, Protection, Malware Protection, File, PUP.Optional.Webget.A, C:\Program Files (x86)\webget\bin\utilwebget.exe, Quarantine, [9ad8056f9ddefb3bce1b106905fc8e72]
Update, 04/06/2014 09:24:05, SYSTEM, URZHIATAERIG, Scheduler, Malware Database, 2014.6.4.2, 2014.6.4.4,
Protection, 04/06/2014 09:24:07, SYSTEM, URZHIATAERIG, Protection, Refresh, Starting,
Protection, 04/06/2014 09:24:07, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopping,
Protection, 04/06/2014 09:24:07, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Stopped,
Protection, 04/06/2014 09:25:08, SYSTEM, URZHIATAERIG, Protection, Refresh, Success,
Protection, 04/06/2014 09:25:08, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Starting,
Protection, 04/06/2014 09:25:08, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Started,
Protection, 04/06/2014 20:23:47, SYSTEM, URZHIATAERIG, Protection, Malware Protection, Starting,
Protection, 04/06/2014 20:23:47, SYSTEM, URZHIATAERIG, Protection, Malware Protection, Started,
Protection, 04/06/2014 20:23:47, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Starting,
Protection, 04/06/2014 20:25:17, SYSTEM, URZHIATAERIG, Protection, Malicious Website Protection, Started,

(end)

 

 

Protection log 4-6-14:


Scan log:


Thank you!

Herve

Posted

Latest report:

~ Report of ZHPDiag v2014.5.30.78 - Nicolas Coolman (30/05/2014)
~ Launched by HSK (04/06/2014 21:31:42)
~ Web site address : http://nicolascoolman.fr
~ Translated by
~ Version State : New version available
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 26.0 (Defaut)
GCIE: Google Chrome v24.0.1312.57

---\\ Windows product information
~ Langage: Anglais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Bitdefender Total Security v17.23.0.996
Malwarebytes Anti-Malware version 2.0.2.1012
Windows Defender W7 (Deactivate)

---\\ System optimization software
CCleaner v3.24

---\\ Sharing software PeerToPeer
µTorrent v2.0.0 =>P2P.µTorrent

---\\ Surveillance software
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 55

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3958 MB (35% free)
System Restore: Activé (Enable)
System drive C: has 39 GB (13%) free of 288 GB

---\\ Connection to the system mode
~ Computer Name: URZHIATAERIG
~ User Name: HSK
~ All Users Names: UpdatusUser, HSK, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\HSK\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\HSK\AppData\Roaming\
~ %Desktop% : C:\Users\HSK\Desktop\
~ %Favorites% : C:\Users\HSK\Favorites\
~ %LocalAppData% : C:\Users\HSK\AppData\Local\
~ %StartMenu% : C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 39 Go of 288 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 44 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/913
~ Mes musiques (My Musics) : 3/19823
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 3/1311
~ Mon Bureau (My Desktop) : 1/4765
~ Menu demarrer (Programs) : 0/30
~ Hidden Files: Scanned in 00mn 07s



---\\ Process running
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6970168] [PID.5020]
[MD5.E820A3962D27CC52956FD2F9768BEFE5] - (.SlySoft, Inc. - AnyDVD Application.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7891880] [PID.2000]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\HSK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.2136]
[MD5.597CF4BEDFDC81B8903982664CAC6ED0] - (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\BitDefender\Bitdefender\antispam32\bdapppassmgr.exe [614232] [PID.1776]
[MD5.852F12CA7C4FC7E3D77B606492435556] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696] [PID.5204]
[MD5.6C72E91639AA9D190CDA13D389FE7827] - (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe [320880] [PID.5464]
[MD5.88C7319B0D171537A59520FE4DD8C357] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe [597792] [PID.5592]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.5684]
[MD5.F6EA75A95BE7580273F6F4437E58A508] - (.Sony Corporation - Marketing Tools.) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe [26624] [PID.5840]
[MD5.CCCDC7B64CFF96C977B0FADC24434628] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\HSK\AppData\Roaming\Dropbox\bin\Dropbox.exe [33322312] [PID.5884]
[MD5.6288C33DAA9D4D1405FB240977B46997] - (.Adobe Sytems - Adobe Version Cue.) -- C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe [1732608] [PID.5984]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.5512]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840] [PID.4860]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4516]
[MD5.520A0F8683354CA7F36CEF1E0361B93D] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920] [PID.6032]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.6448]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.6556]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.6416]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6180]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.7704]
[MD5.7FCE08C739136C9C64107A8814EF854C] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [414496] [PID.1172]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2236]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.2336]
[MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144] [PID.2624]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2648]
[MD5.4F45ED469906494F9BF754E476390DBD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472] [PID.2760]
[MD5.627FA58ADC043704F9D14CA44340956F] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [360224] [PID.3008]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.2892]
[MD5.6B31C9CB94927DBEEB62E15275F4CC54] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [205168] [PID.3160]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.3280]
[MD5.D00058C1FFF3F3DE990444A5734E9639] - (.Sony Corporation - VAIO Content Folder Watcher.) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000] [PID.3572]
[MD5.F19275655B42086C884ABCDAE2C659AE] - (.Sony Corporation - VCM Intelligent Analyzing Manager.) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [549616] [PID.3848]
[MD5.7CD368DFF5D7D4BA9F8F46F31EA8877D] - (.Sony Corporation - VAIO Event Service(Service Sub Module).) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe [112488] [PID.3800]
[MD5.7493EA4DE41348F7D3EDBF9DB298F56A] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.3988]
[MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104] [PID.3044]
[MD5.C63E582366EAD77978BFFD959A66DBB8] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1364256] [PID.1540]
[MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240] [PID.924]
[MD5.7CBA5728C50FCDFBB87FF9C2DCE881B0] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [60504] [PID.6240]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\HSK\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [user Data\Default] http://dts.search-results.com
G0 - GCSP: Preference [user Data\Default][HomePage] http://www.google.com

---\\ Google Chrome Extension Folder
~ Google Lines Browser: 2 Scanned in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\HSK\AppData\Roaming\Mozilla\Firefox\Profiles\o73ex33h.default-1401909055427\prefs.js
M0 - MFSP: prefs.js [HSK - o73ex33h.default-1401909055427] www.orange.fr
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.10.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\HSK\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 8 Scanned in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects (O2)
O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll
~ BHO: 10 Scanned in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key
~ Toolbar: Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Desktop [HSK]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 01s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
O4 - HKCU\..\Run: [AnyDVD] . (.SlySoft, Inc. - AnyDVD Application.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\HSK\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKCU\..\Run: [bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKCU\..\Run: [bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\BitDefender\Bitdefender\pwdmanui.exe
O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [iSBMgr.exe] . (.Sony Corporation - No Comment.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [MarketingTools] . (.Sony Corporation - Marketing Tools.) -- C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeVersionCue] . (.Adobe Sytems - Adobe Version Cue.) -- C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
O4 - HKUS\.DEFAULT\..\Run: [bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe
O4 - HKUS\S-1-5-18\..\Run: [bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-915739014-1678678186-961486624-1000\..\Run: [AnyDVD] . (.SlySoft, Inc. - AnyDVD Application.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKUS\S-1-5-21-915739014-1678678186-961486624-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\HSK\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-915739014-1678678186-961486624-1000\..\Run: [bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Password Manager Agent.) -- C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
O4 - HKUS\S-1-5-21-915739014-1678678186-961486624-1000\..\Run: [bitdefender Agent de l'application Wallet] . (.Bitdefender - Bitdefender Application Password Manager Ag.) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
O4 - HKUS\S-1-5-21-915739014-1678678186-961486624-1000\..\Run: [bitdefender Wallet] . (.Bitdefender - Bitdefender Password Manager.) -- C:\Program Files\BitDefender\Bitdefender\pwdmanui.exe
~ Application: Scanned in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{64BB823E-AE99-4076-B2BB-73936C7726DB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{64BB823E-AE99-4076-B2BB-73936C7726DB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{64BB823E-AE99-4076-B2BB-73936C7726DB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\Windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Scanned in 00mn 00s



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\Windows\SysWOW64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\System32\BtwRSupportService.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) . (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - C:\Windows\system32\EscSvc64.exe
O23 - Service: Energy Server Service (ESRV_SVC) . (.Intel Corporation - Intel® Energy Checker Energy Server Service.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio Upnp Server 10 (Roxio Upnp Server 10) . (.Sonic Solutions - RoxioUpnpService10 Module.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: SafeBox (SafeBox) . (.Bitdefender - Safebox Service.) - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel® Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) . (.Sony Corporation - VAIO Content Folder Watcher.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) . (.Sony Corporation - VCM Intelligent Analyzing Manager.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
~ Services: 31 Scanned in 00mn 11s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.09E7C37DF4A911C8A9AA8BF88ACD10AA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257712]
[MD5.00000000000000000000000000000000] [APT] [Advanced System Protector] (...) -- C:\Program Files (x86)\RegClean Pro\SystweakASP.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [Advanced System Protector_startup] (...) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
[MD5.F498F9A6044DE57744BD465662E6AD77] [APT] [bHO updater] (...) -- C:\Program Files (x86)\Internet Explorer\Updater.exe [117760]
[MD5.A5062EA164067050F2DFA9DCA98CA63A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3157856]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\HSK\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000Core] (.Facebook Inc..) -- C:\Users\HSK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000UA] (.Facebook Inc..) -- C:\Users\HSK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104]
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104]
[MD5.00000000000000000000000000000000] [APT] [powersuite_monitor] (...) -- C:\Program Files (x86)\Uniblue\Powersuite\powersuite_monitor.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RegClean Pro] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) [0] =>Rogue.RegistryPowerCleaner
[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_DEFAULT] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) [0] =>Rogue.RegistryPowerCleaner
[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_UPDATES] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) [0] =>Rogue.RegistryPowerCleaner
[MD5.449E6CD914920B84DDDF0F12880411EE] [APT] [{A4427778-387B-4AEB-8150-760968FA132B}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Daily] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.5111C2975C5FB818EF6CA7EC36BF818E] [APT] [Level4Month] (.Sony Corporation.) -- C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2557296]
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Logon Start] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136]
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Session Change] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136]
[MD5.84A792BAFF0B6D946A36C7AE96686890] [APT] [VPM Unlock] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136]
[MD5.1A6639A8A0835C105AE21211BEB3BBD2] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2357408]
[MD5.2B97CFA8DC86252A5B986028C0FFC7A2] [APT] [VAIO Update] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1196080]
[MD5.3C6AF171F224F5E996DCE49223338F55] [APT] [VAIO Update Self Repair] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update\VUSR.exe [2842672]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\APSnotifierCA.job [378] =>PUP.AnyProtect
O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [284] =>Hijacker.DSite
O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [284] =>Hijacker.DSite
O39 - APT: FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000Core.job [898]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000Core [898]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000UA.job [920]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-915739014-1678678186-961486624-1000UA [920]
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [906]
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [910]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082]
O39 - APT: - (..) -- C:\Windows\Tasks\PCHelpers1st.job [296] =>PUP.OptimizerEliteMax
O39 - APT: - (..) -- C:\Windows\Tasks\PCHelpers_period.job [296] =>PUP.OptimizerEliteMax
O39 - APT: powersuite_monitor - (...) -- C:\Windows\Tasks\powersuite_monitor.job [348]
O39 - APT: powersuite_monitor - (...) -- C:\Windows\System32\Tasks\powersuite_monitor [348]
~ Scheduled Task: 37 Scanned in 00mn 06s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BdfNdisf) . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
O41 - Driver: (bdfwfpf) . (.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
O41 - Driver: (BDVEDISK) . (.BitDefender - FileVault Disk Driver.) - C:\Windows\System32\DRIVERS\bdvedisk.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cbfs3) . (.EldoS Corporation - Callback File System Driver.) - C:\Windows\system32\drivers\cbfs3.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: ({a88c5367-7ba7-4188-92bf-b63ed9a9e22e}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{a88c5367-7ba7-4188-92bf-b63ed9a9e22e}w64.sys =>PUP.LinkiDoo
~ Drivers: 78 Scanned in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {55D55008-E5F6-47D6-B16F-B2A40D4D145F}
O42 - Logiciel: ACDSee 10 Gestionnaire de photos - (.ACD Systems International.) [HKLM][64Bits] -- {F8B98EB6-FC06-45BF-87D4-9784E0408611}
O42 - Logiciel: ACDSee Retouche photo - (.ACD Systems Ltd..) [HKLM][64Bits] -- {57C23D06-7708-4778-9005-8C78BABA5513}
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A2D81E70-2A98-4A08-A628-94388B063C5E}
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {51846830-E7B2-4218-8968-B77F0FF475B8}
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {95655ED4-7CA5-46DF-907F-7144877A32E5}
O42 - Logiciel: Adobe Creative Suite - (.Adobe Systems,Inc..) [HKLM][64Bits] -- {D52ECEBC-9B20-41A5-81C4-A62DE2367419}
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {04AF207D-9A77-465A-8B76-991F6AB66245}
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe_2ac78060bc5856b0c1cf873bb919b58 =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0046FA01-C5B9-4985-BACB-398DC480FC05} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader X (10.1.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D1BB4446-AE9C-4256-9A7F-4D46604D2462}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {802771A9-A856-4A41-ACF7-1450E523C923}
O42 - Logiciel: Advanced System Protector - (.Systweak Software.) [HKLM][64Bits] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 =>PUP.AdvancedSystemProtector
O42 - Logiciel: AnyDVD - (.SlySoft.) [HKLM][64Bits] -- AnyDVD
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {AAC5D43E-816D-4C2D-8E51-55FFF35BE301}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {787136D2-F0F8-4625-AA3F-72D7795AC842}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: ArcSoft Magic-i Visual Effects 2 - (.ArcSoft.) [HKLM][64Bits] -- {7BB90344-0647-468E-925A-7F69F7983421}
O42 - Logiciel: ArcSoft WebCam Companion 3 - (.ArcSoft.) [HKLM][64Bits] -- {DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}
O42 - Logiciel: Best Removal Tool - (.www.bestremovaltool.com.) [HKLM][64Bits] -- Best Removal Tool_is1
O42 - Logiciel: Bitdefender Total Security - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Brezhoneg (An Drouizig) - (.An Drouizig.) [HKLM][64Bits] -- {CF3BF7CC-E516-4132-B7EF-8AE9487412B5}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CD-LabelPrint - (...) [HKLM][64Bits] -- MediaNavigation.CDLabelPrint
O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM][64Bits] -- MP Navigator EX 2.0
O42 - Logiciel: Canon MP630 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM][64Bits] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM][64Bits] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM][64Bits] -- CanonSolutionMenu
O42 - Logiciel: CloneDVD2 - (.Elaborate Bytes.) [HKLM][64Bits] -- CloneDVD2
O42 - Logiciel: Cobian Backup 10 - (...) [HKLM][64Bits] -- CobBackup10
O42 - Logiciel: CopyTrans Suite désinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVDFab Platinum 4.0.3.6 Beta Registered by AxMan custom DivX-Xv - (.Fengtao Software Inc..) [HKLM][64Bits] -- DVDFab Platinum 4 Licensed_is1
O42 - Logiciel: DYMO Label Software - (...) [HKLM][64Bits] -- DYMO Label Software
O42 - Logiciel: Dieller WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: Enregistrement utilisateur de Canon MP630 series - (...) [HKLM][64Bits] -- Enregistrement utilisateur de Canon MP630 series =>.Canon Inc
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM][64Bits] -- {10144CFE-D76C-4CFA-81A1-37A1642349A3}
O42 - Logiciel: Epson User's Guide Epson Perfection V550 Photo - (...) [HKLM][64Bits] -- Epson Perfection V550 Photo Useg
O42 - Logiciel: Evernote - (.Evernote Corp..) [HKLM][64Bits] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM][64Bits] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Gestion de l’alimentation de VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {803E4FA5-A940-4420-B89D-A8BC2E160247}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. A - (.HP.) [HKLM][64Bits] -- {17016DA1-F040-4032-BD36-34DD317BC9D5} =>.Hewlett-Packard Co
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4}
O42 - Logiciel: Heredis 12 - (.BSD Concept.) [HKLM][64Bits] -- Heredis 12_is1
O42 - Logiciel: Heredis 8 - (...) [HKLM][64Bits] -- Heredis 8
O42 - Logiciel: ID_DCRaw Image Decoder Plug-In - (.ACD Systems.) [HKLM][64Bits] -- {DA1876DD-323E-4D78-8F9F-8F4FDE25C010}
O42 - Logiciel: Inkjet Printer/Scanner Extended Survey Program - (...) [HKLM][64Bits] -- CANONIJPLM100
O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel® Turbo Boost Technology Driver - (.Intel Corporation.) [HKLM][64Bits] -- {D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Java 6 Update 16 (64-bit) - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416016FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Klavier brezhonek - (...) [HKLM][64Bits] -- Klavier brezhonek
O42 - Logiciel: Logiciel Intel® PROSet/Wireless WiFi - (.Intel Corporation.) [HKLM][64Bits] -- {CCAFF072-4DDB-4846-963D-15F02A8E9472}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Media Gallery - (.Sony Corporation.) [HKLM][64Bits] -- {DD88F979-FA58-41AC-980C-A6E1A82B61D9}
O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM][64Bits] -- Money2005b
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mises à jour NVIDIA 1.14.17 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Modem DSL ECI Telecom - (...) [HKLM][64Bits] -- {C7B39B40-52C3-11D4-AFCE-00E0B8138A4A}
O42 - Logiciel: Mozilla Firefox 26.0 (x86 br) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 26.0 (x86 br)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MusicStation - (.Omnifone.) [HKLM][64Bits] -- {AB259D46-F851-41B0-9AFA-AED8998AD68A}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote 3D Vision 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM][64Bits] -- HPOCR
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM][64Bits] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- {339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {133D3F07-D558-46CE-80E8-F4D75DBBAD63}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {22008CF9-2B54-4022-AFD8-3B7D42C89E6B}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Movie Story) - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: PMB VAIO Edition plug-in (VAIO Movie Story) - (.Sony Corporation.) [HKLM][64Bits] -- {B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}
O42 - Logiciel: Paramètres de contrôle du contenu VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {06C05B90-2127-4933-8ABA-61833BDE13FA}
O42 - Logiciel: Paramètres des fonctions d'origine VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {04EAE65A-CDCF-480F-B754-5C3A9364239C}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Prise en charge du transfert VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RegClean-Pro - (.Systweak Inc.) [HKLM][64Bits] -- RegClean-Pro_is1 =>Rogue.RegistryPowerCleaner
O42 - Logiciel: Roxio Central Audio - (.Roxio.) [HKLM][64Bits] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Central Copy - (.Roxio.) [HKLM][64Bits] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Central Core - (.Roxio.) [HKLM][64Bits] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Central Data - (.Roxio.) [HKLM][64Bits] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Central Tools - (.Roxio.) [HKLM][64Bits] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Easy Media Creator 10 LJ - (.Roxio.) [HKLM][64Bits] -- {537BF16E-7412-448C-95D8-846E85A1D817} =>.Roxio
O42 - Logiciel: Roxio Easy Media Creator Home - (.Roxio.) [HKLM][64Bits] -- {FE51662F-D8F6-43B5-99D9-D4894AF00F83} =>.Roxio
O42 - Logiciel: SOHLib Merge Module - (.Sony Corporation.) [HKLM][64Bits] -- {4A221E47-E361-45C3-886A-7B2D7AD0E5AA}
O42 - Logiciel: Setting Utility Series - (.Sony Corporation.) [HKLM][64Bits] -- {A7DA438C-2E43-4C20-BFDA-C1F4A6208558}
O42 - Logiciel: Setup_VEP_x64_Contain_SSDB - (.Sony Corporation.) [HKLM][64Bits] -- {7ECD4ACB-E1B6-425B-B8AA-5761A59B77E0}
O42 - Logiciel: Setup_msm_VCMS_x64 - (.Sony Corporation.) [HKLM][64Bits] -- {1C6B6716-84AC-412A-A296-247D41EBB7FB}
O42 - Logiciel: Setup_msm_VOFS_x64 - (.Sony Corporation.) [HKLM][64Bits] -- {C69A835B-67A5-4542-AD24-FE36E3140BA9}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype 6.16 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Sony Home Network Library - (.Sony Corporation.) [HKLM][64Bits] -- {A6B90666-2A1F-49E8-A40E-27EAAD11C096}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Ultra eBook Reader - (.CompuClever Systems Inc..) [HKCU][64Bits] -- Ultra eBook Reader
O42 - Logiciel: Update for Zip Opener - (.Update for Zip Opener.) [HKCU][64Bits] -- Digital Sites =>Hijacker.DSite
O42 - Logiciel: Updater - (.Creative Island Media, LLC.) [HKLM][64Bits] -- {D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}
O42 - Logiciel: VAIO - Clavier à distance - (.Sony Corporation.) [HKLM][64Bits] -- {7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}
O42 - Logiciel: VAIO - PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}
O42 - Logiciel: VAIO - PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}
O42 - Logiciel: VAIO Care - (.Sony Corporation.) [HKLM][64Bits] -- {FDCC09EA-A33E-4639-B1CD-FC1702815FA7}
O42 - Logiciel: VAIO Content Metadata Intelligent Analyzing Manager - (.Sony Corporation.) [HKLM][64Bits] -- {0D14582D-D1F5-46EC-A8DC-19C5340AAF12}
O42 - Logiciel: VAIO Content Metadata Intelligent Network Service Manager - (.Sony Corporation.) [HKLM][64Bits] -- {725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}
O42 - Logiciel: VAIO Content Metadata Manager Settings - (.Sony Corporation.) [HKLM][64Bits] -- {8FE3CF66-4484-4D39-B47D-DEBBA173619D}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM][64Bits] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO DVD Menu Data - (.Sony Corporation.) [HKLM][64Bits] -- {596BED91-A1D8-4DF1-8CD1-1C777F7588AC}
O42 - Logiciel: VAIO Entertainment Platform - (.Sony Corporation.) [HKLM][64Bits] -- {0489D044-6386-4BDF-9F98-577D60CF79DD}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM][64Bits] -- {C7477742-DDB4-43E5-AC8D-0259E1E661B1}
O42 - Logiciel: VAIO Gate - (.Sony Corporation.) [HKLM][64Bits] -- {A7C30414-2382-4086-B0D6-01A88ABA21C3}
O42 - Logiciel: VAIO Gate Default - (.Sony Corporation.) [HKLM][64Bits] -- {B7546697-2A80-4256-A24B-1C33163F535B}
O42 - Logiciel: VAIO Marketing Tools - (.Sony Corporation.) [HKLM][64Bits] -- MarketingTools
O42 - Logiciel: VAIO Media plus - (.Sony Corporation.) [HKLM][64Bits] -- {8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}
O42 - Logiciel: VAIO Media plus Opening Movie - (.Sony Corporation.) [HKLM][64Bits] -- {9238E8A4-BEBA-43A3-B926-769BDBF194C5}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Movie Story Template Data - (.Sony Corporation.) [HKLM][64Bits] -- {6FA8BA2C-052B-4072-B8E2-2302C268BE9E}
O42 - Logiciel: VAIO Personalization Manager - (.Sony Corporation.) [HKLM][64Bits] -- {DBB823F3-E8BD-4578-9D16-42AF176FD777}
O42 - Logiciel: VAIO Premium Partners - (.Sony Europe.) [HKLM][64Bits] -- VAIO Premium Partners
O42 - Logiciel: VAIO Smart Network - (.Sony Corporation.) [HKLM][64Bits] -- {0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}
O42 - Logiciel: VAIO Update - (.Sony Corporation.) [HKLM][64Bits] -- {9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}
O42 - Logiciel: VAIO Wallpaper Contents - (.Sony Corporation.) [HKLM][64Bits] -- {D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}
O42 - Logiciel: VAIO screensaver - (.Sony Europe.) [HKLM][64Bits] -- VAIO screensaver
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VU5x64 - (.Sony Corporation .) [HKLM][64Bits] -- {6B7DE186-374B-4873-AEC1-7464DA337DD6}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {9D12A8B5-9D41-4465-BF11-70719EB0CD02}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) - (.Broadcom.) [HKLM][64Bits] -- 930E4792BDAEAFB62A9514EE7578775658A5D07C
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM][64Bits] -- 3BA80AB4C7E9F8497C115C844953A3D4BEB84D21
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation
O42 - Logiciel: Zip Opener Packages - (...) [HKCU][64Bits] -- Zip Opener Packages
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {B8BA155B-1E75-405F-9CB4-8A99615D09DC}
O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent =>P2P.µTorrent
~ Logic: 86 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ACD Systems]
[HKCU\Software\AI_RecycleBin]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\BVRP Software]
[HKCU\Software\Binary Noise]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Bitdefender]
[HKCU\Software\Borland]
[HKCU\Software\Bsd Concept]
[HKCU\Software\CDDB]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Compuclever]
[HKCU\Software\DVDFab]
[HKCU\Software\DYMO]
[HKCU\Software\ELIGCHK]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Epson]
[HKCU\Software\Evernote]
[HKCU\Software\Facebook]
[HKCU\Software\Flash Player Pro]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Livedrive]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\MGinstall]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\McAfee]
[HKCU\Software\MediaNavigation]
[HKCU\Software\Modern UI Test]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Sauvegarde Locale BitDefender]
[HKCU\Software\Settings]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\SlySoft]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\SpecItems]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Widcomm]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\globalUpdate]
[HKCU\Software\kde.org]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVC3]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Auslogics]
[HKLM\Software\Best Removal Tool]
[HKLM\Software\BitDefender]
[HKLM\Software\Bitdefender SafeBox]
[HKLM\Software\Broadcom]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EldoS]
[HKLM\Software\Epson]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sony]
[HKLM\Software\Synaptics]
[HKLM\Software\VsMntNtf]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\ACD Systems]
[HKLM\Software\Wow6432Node\Adobe Systems]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\America Online]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\ArcSoft]
[HKLM\Software\Wow6432Node\Auslogics]
[HKLM\Software\Wow6432Node\BVRP Software]
[HKLM\Software\Wow6432Node\Bitdefender]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CobianSoft]
[HKLM\Software\Wow6432Node\DVDFab]
[HKLM\Software\Wow6432Node\DYMO]
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\ECI]
[HKLM\Software\Wow6432Node\EPSON]
[HKLM\Software\Wow6432Node\Elaborate Bytes]
[HKLM\Software\Wow6432Node\GlobalUpdate]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Kodak]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Livedrive]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\MidasHeurScanner]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Roxio]
[HKLM\Software\Wow6432Node\Sauvegarde Locale BitDefender]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SlySoft]
[HKLM\Software\Wow6432Node\Sony Corporation]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\Ultra eBook Reader]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\VsMntNtf]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\illiminable]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
~ Key Software: 439 Scanned in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 24/02/2010 - 02:45:34 - [] ----D C:\Program Files (x86)\ACD Systems
O43 - CFD: 12/11/2011 - 13:08:54 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 28/07/2011 - 10:40:52 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 05/01/2010 - 07:47:40 - [] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 05/12/2012 - 15:23:44 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 30/12/2012 - 17:39:58 - [] ----D C:\Program Files (x86)\BSD Concept
O43 - CFD: 24/02/2010 - 02:42:43 - [] ----D C:\Program Files (x86)\BVRP Software
O43 - CFD: 25/02/2010 - 01:02:15 - [] ----D C:\Program Files (x86)\Canon
O43 - CFD: 05/01/2010 - 07:16:13 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 03/06/2011 - 19:17:10 - [] ----D C:\Program Files (x86)\Cobian Backup 10
O43 - CFD: 30/05/2014 - 13:23:49 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 16/05/2010 - 17:24:46 - [] ----D C:\Program Files (x86)\DVDFab Platinum 4
O43 - CFD: 20/05/2012 - 16:44:44 - [] ----D C:\Program Files (x86)\DYMO Label
O43 - CFD: 07/03/2010 - 19:16:38 - [] ----D C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 29/05/2014 - 02:18:09 - [] ----D C:\Program Files (x86)\epson
O43 - CFD: 29/05/2014 - 02:18:36 - [] ----D C:\Program Files (x86)\Epson Software
O43 - CFD: 05/01/2010 - 07:20:24 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 10/12/2011 - 02:15:03 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 23/02/2010 - 14:50:12 - [] ----D C:\Program Files (x86)\Heredis 8
O43 - CFD: 20/09/2012 - 13:45:27 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 29/05/2014 - 02:18:08 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 05/01/2010 - 07:12:24 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/04/2014 - 12:14:50 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 04/03/2014 - 22:05:04 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 14/05/2014 - 23:58:45 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 23/02/2010 - 15:05:44 - [] ----D C:\Program Files (x86)\Klavier brezhonek
O43 - CFD: 03/06/2014 - 20:39:34 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 23/10/2010 - 01:37:28 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 24/02/2014 - 01:00:54 - [] ----D C:\Program Files (x86)\Microsoft Money 2005
O43 - CFD: 01/07/2011 - 13:21:04 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 05/01/2010 - 07:29:43 - [] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 13/03/2014 - 22:14:19 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 05/01/2010 - 07:52:57 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 05/01/2010 - 07:31:51 - [] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 23/02/2010 - 21:43:44 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 10/10/2012 - 10:51:09 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 28/06/2010 - 19:19:10 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 11/12/2013 - 16:37:22 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 11/12/2013 - 23:08:07 - [] ----D C:\Program Files (x86)\Mozilla Firefox.bak
O43 - CFD: 11/12/2013 - 23:08:17 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 24/02/2010 - 03:12:44 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 05/01/2010 - 07:31:54 - [] ----D C:\Program Files (x86)\MusicStation
O43 - CFD: 16/12/2013 - 10:42:51 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 25/06/2011 - 13:37:31 - [] ----D C:\Program Files (x86)\Orange
O43 - CFD: 05/01/2010 - 07:15:27 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 05/01/2010 - 07:35:35 - [] ----D C:\Program Files (x86)\Roxio
O43 - CFD: 30/05/2014 - 13:23:49 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 07/03/2010 - 18:54:48 - [] ----D C:\Program Files (x86)\SlySoft
O43 - CFD: 27/04/2014 - 13:20:55 - [] ----D C:\Program Files (x86)\SONY
O43 - CFD: 05/01/2010 - 07:47:33 - [] ----D C:\Program Files (x86)\Sony Corporation
O43 - CFD: 05/01/2010 - 07:15:49 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 27/02/2012 - 23:09:36 - [] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent
O43 - CFD: 05/01/2010 - 07:35:50 - [] ----D C:\Program Files (x86)\VAIO screensavers
O43 - CFD: 24/02/2010 - 12:53:02 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 13/07/2013 - 15:49:35 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/04/2012 - 20:03:20 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 07/03/2011 - 11:09:57 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/12/2013 - 10:35:37 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 07/03/2011 - 11:09:56 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 07/03/2011 - 11:09:57 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 07/03/2011 - 11:09:57 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 23/02/2010 - 15:26:35 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 03/06/2014 - 17:45:02 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 11/03/2010 - 00:30:32 - [] ----D C:\Program Files (x86)\Common Files\ACD Systems
O43 - CFD: 12/11/2011 - 13:08:59 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 07/03/2010 - 12:49:52 - [] ----D C:\Program Files (x86)\Common Files\Adobe Systems Shared
O43 - CFD: 04/03/2014 - 22:04:19 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 05/01/2010 - 07:21:00 - [] ----D C:\Program Files (x86)\Common Files\ArcSoft
O43 - CFD: 29/01/2014 - 15:54:15 - [] ----D C:\Program Files (x86)\Common Files\BitDefender
O43 - CFD: 15/05/2014 - 01:16:23 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20/09/2012 - 13:42:39 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 20/09/2012 - 13:42:24 - [] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 05/01/2010 - 07:20:58 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 21/10/2013 - 09:31:55 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 24/02/2010 - 02:48:32 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 07/12/2011 - 22:00:56 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/11/2009 - 02:03:02 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 05/01/2010 - 07:35:36 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 05/01/2010 - 07:35:36 - [] ----D C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 30/05/2014 - 13:23:49 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 05/01/2010 - 07:35:36 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 17/07/2011 - 20:18:09 - [] ----D C:\Program Files (x86)\Common Files\Sony Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 14:06:17 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 05/01/2010 - 07:48:11 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 04/03/2014 - 22:05:06 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 24/02/2010 - 02:45:37 - [] ----D C:\ProgramData\ACD Systems
O43 - CFD: 19/09/2013 - 00:44:34 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 28/01/2014 - 22:51:09 - [] ----D C:\ProgramData\Apple
O43 - CFD: 06/04/2012 - 16:13:41 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 23/11/2010 - 01:06:12 - [] ----D C:\ProgramData\ArcSoft
O43 - CFD: 13/09/2012 - 09:37:00 - [] ----D C:\ProgramData\bdch
O43 - CFD: 29/01/2014 - 16:23:04 - [] ----D C:\ProgramData\BDLogging
O43 - CFD: 29/01/2014 - 16:35:17 - [] ----D C:\ProgramData\Bitdefender
O43 - CFD: 29/04/2013 - 13:28:40 - [0] ----D C:\ProgramData\BSD
O43 - CFD: 30/12/2012 - 17:40:00 - [] ----D C:\ProgramData\BSD Concept
O43 - CFD: 11/02/2010 - 13:34:33 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/02/2010 - 02:42:43 - [] ----D C:\ProgramData\BVRP Software
O43 - CFD: 25/02/2010 - 00:35:32 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 05/01/2012 - 00:07:29 - [] ----D C:\ProgramData\CanonIJ
O43 - CFD: 23/04/2011 - 12:33:00 - [] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 25/02/2010 - 01:02:33 - [] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 08/01/2014 - 16:13:44 - [] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 09/10/2011 - 17:14:58 - [] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 25/02/2010 - 01:06:22 - [] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 07/03/2010 - 19:19:27 - [] ----D C:\ProgramData\Elaborate Bytes
O43 - CFD: 15/11/2012 - 00:33:16 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 05/01/2010 - 07:20:22 - [] ----D C:\ProgramData\Evernote
O43 - CFD: 11/02/2010 - 13:34:33 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 09/12/2011 - 20:13:18 - [] ----D C:\ProgramData\Google
O43 - CFD: 20/09/2012 - 13:16:54 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 20/09/2012 - 13:51:50 - [] ----D C:\ProgramData\HP
O43 - CFD: 20/09/2012 - 13:43:55 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 05/01/2010 - 07:16:12 - [] ----D C:\ProgramData\Intel
O43 - CFD: 27/04/2014 - 13:21:06 - [0] ----D C:\ProgramData\iolo
O43 - CFD: 07/03/2010 - 12:49:53 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 03/06/2014 - 20:39:30 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 06/03/2011 - 14:47:01 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 11/02/2010 - 13:34:33 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 26/02/2014 - 01:03:03 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 15/05/2014 - 01:17:14 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 11/02/2010 - 13:34:33 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 04/05/2012 - 23:05:51 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 05/01/2010 - 07:31:54 - [] ----D C:\ProgramData\MusicStation
O43 - CFD: 04/06/2014 - 20:23:17 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 16/12/2013 - 10:38:08 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 15/05/2014 - 00:01:31 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 20/06/2012 - 22:26:11 - [] ----D C:\ProgramData\Orange
O43 - CFD: 02/04/2011 - 03:25:14 - [0] ----D C:\ProgramData\Roxio
O43 - CFD: 05/01/2010 - 07:23:52 - [] ----D C:\ProgramData\SiteAdvisor
O43 - CFD: 30/05/2014 - 13:23:52 - [] ----D C:\ProgramData\Skype
O43 - CFD: 18/07/2011 - 09:46:33 - [] ----D C:\ProgramData\Skype Extras
O43 - CFD: 07/03/2010 - 18:57:05 - [] ----D C:\ProgramData\SlySoft
O43 - CFD: 16/05/2010 - 15:45:28 - [] ----D C:\ProgramData\Sonic
O43 - CFD: 27/05/2014 - 09:40:56 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/04/2010 - 20:24:50 - [] ----D C:\ProgramData\Sun
O43 - CFD: 19/05/2014 - 13:43:03 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 05/01/2010 - 07:35:46 - [] ----D C:\ProgramData\Uninstall
O43 - CFD: 19/11/2013 - 14:15:46 - [] ----D C:\ProgramData\Updater =>PUP.CrossRider
O43 - CFD: 20/09/2012 - 13:58:57 - [] ----D C:\ProgramData\WEBREG
O43 - CFD: 16/02/2011 - 13:14:23 - [] ----D C:\ProgramData\WindSolutions
O43 - CFD: 27/02/2010 - 00:14:28 - [] ----D C:\ProgramData\{0DD0EEEE-2A7C-411C-9243-1AE62F445FC3}
O43 - CFD: 01/04/2010 - 11:38:46 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 03/06/2014 - 19:44:44 - [] ----D C:\Users\HSK\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
O43 - CFD: 25/02/2010 - 02:27:43 - [] ----D C:\Users\HSK\AppData\Roaming\ACD Systems
O43 - CFD: 19/09/2013 - 00:45:16 - [] ----D C:\Users\HSK\AppData\Roaming\Adobe
O43 - CFD: 24/10/2011 - 21:46:34 - [] ----D C:\Users\HSK\AppData\Roaming\Apple Computer
O43 - CFD: 24/02/2010 - 13:57:37 - [] ----D C:\Users\HSK\AppData\Roaming\ArcSoft
O43 - CFD: 06/07/2010 - 01:17:43 - [] ----D C:\Users\HSK\AppData\Roaming\Auslogics
O43 - CFD: 29/01/2014 - 16:23:45 - [] ----D C:\Users\HSK\AppData\Roaming\Bitdefender
O43 - CFD: 01/01/2013 - 14:15:31 - [] ----D C:\Users\HSK\AppData\Roaming\BSD Concept
O43 - CFD: 09/10/2011 - 17:14:59 - [] ----D C:\Users\HSK\AppData\Roaming\Canon
O43 - CFD: 25/02/2010 - 01:03:13 - [] ----D C:\Users\HSK\AppData\Roaming\CD-LabelPrint
O43 - CFD: 08/12/2013 - 17:34:07 - [] ----D C:\Users\HSK\AppData\Roaming\CompuClever
O43 - CFD: 03/06/2014 - 19:44:37 - [] ----D C:\Users\HSK\AppData\Roaming\DigitalSites =>Hijacker.DSite
O43 - CFD: 04/06/2014 - 21:28:03 - [] ----D C:\Users\HSK\AppData\Roaming\Dropbox
O43 - CFD: 04/06/2014 - 20:52:32 - [] ----D C:\Users\HSK\AppData\Roaming\DropboxMaster
O43 - CFD: 06/11/2011 - 20:50:48 - [] ----D C:\Users\HSK\AppData\Roaming\dvdcss
O43 - CFD: 30/05/2014 - 02:31:43 - [] ----D C:\Users\HSK\AppData\Roaming\Epson
O43 - CFD: 23/02/2010 - 21:04:44 - [] ----D C:\Users\HSK\AppData\Roaming\Google
O43 - CFD: 20/09/2012 - 13:59:13 - [] ----D C:\Users\HSK\AppData\Roaming\HP
O43 - CFD: 11/02/2010 - 13:36:16 - [] ----D C:\Users\HSK\AppData\Roaming\Identities
O43 - CFD: 24/02/2010 - 02:42:05 - [] ----D C:\Users\HSK\AppData\Roaming\InstallShield
O43 - CFD: 23/02/2010 - 15:48:12 - [] ----D C:\Users\HSK\AppData\Roaming\Intel
O43 - CFD: 11/02/2010 - 13:39:02 - [] ----D C:\Users\HSK\AppData\Roaming\Intel Corporation
O43 - CFD: 27/04/2014 - 13:21:06 - [0] ----D C:\Users\HSK\AppData\Roaming\iolo
O43 - CFD: 23/02/2010 - 21:07:30 - [] ----D C:\Users\HSK\AppData\Roaming\Macromedia
O43 - CFD: 24/11/2011 - 02:25:35 - [] ----D C:\Users\HSK\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\HSK\AppData\Roaming\Media Center Programs
O43 - CFD: 06/05/2014 - 10:06:31 - [] -S--D C:\Users\HSK\AppData\Roaming\Microsoft
O43 - CFD: 23/02/2010 - 21:51:54 - [] ----D C:\Users\HSK\AppData\Roaming\Mozilla
O43 - CFD: 24/03/2014 - 11:20:15 - [0] ----D C:\Users\HSK\AppData\Roaming\Orange
O43 - CFD: 09/08/2012 - 13:25:00 - [0] ----D C:\Users\HSK\AppData\Roaming\QuickScan
O43 - CFD: 16/05/2010 - 15:46:24 - [] ----D C:\Users\HSK\AppData\Roaming\Roxio
O43 - CFD: 10/03/2010 - 11:15:06 - [] ----D C:\Users\HSK\AppData\Roaming\SharePod
O43 - CFD: 02/06/2014 - 08:32:47 - [] ----D C:\Users\HSK\AppData\Roaming\Skype
O43 - CFD: 22/07/2011 - 15:56:02 - [] ----D C:\Users\HSK\AppData\Roaming\skypePM
O43 - CFD: 17/03/2010 - 12:20:57 - [] ----D C:\Users\HSK\AppData\Roaming\Sony Corporation
O43 - CFD: 23/01/2013 - 15:47:18 - [] ----D C:\Users\HSK\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 23/02/2013 - 19:36:48 - [] ----D C:\Users\HSK\AppData\Roaming\vlc
O43 - CFD: 02/04/2011 - 03:07:22 - [0] ----D C:\Users\HSK\AppData\Roaming\Vso
O43 - CFD: 16/02/2011 - 13:14:26 - [] ----D C:\Users\HSK\AppData\Roaming\WindSolutions
O43 - CFD: 04/06/2014 - 21:32:15 - [] ----D C:\Users\HSK\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 25/02/2010 - 02:27:47 - [] ----D C:\Users\HSK\AppData\Local\ACD Systems
O43 - CFD: 12/04/2014 - 15:34:33 - [] ----D C:\Users\HSK\AppData\Local\Adobe
O43 - CFD: 24/02/2014 - 10:49:24 - [] ----D C:\Users\HSK\AppData\Local\AnyProtect =>PUP.AnyProtect
O43 - CFD: 24/02/2010 - 14:01:58 - [] ----D C:\Users\HSK\AppData\Local\Apple
O43 - CFD: 11/03/2010 - 00:31:43 - [] ----D C:\Users\HSK\AppData\Local\Apple Computer
O43 - CFD: 11/02/2010 - 13:34:52 - [] -SH-D C:\Users\HSK\AppData\Local\Application Data
O43 - CFD: 24/02/2010 - 13:57:37 - [] ----D C:\Users\HSK\AppData\Local\ArcSoft
O43 - CFD: 11/02/2010 - 13:38:57 - [] ----D C:\Users\HSK\AppData\Local\Broadcom
O43 - CFD: 23/02/2014 - 16:18:55 - [] ----D C:\Users\HSK\AppData\Local\cache
O43 - CFD: 24/04/2011 - 21:08:52 - [0] ----D C:\Users\HSK\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 19/05/2014 - 18:00:48 - [] ----D C:\Users\HSK\AppData\Local\com
O43 - CFD: 08/12/2013 - 17:34:06 - [] ----D C:\Users\HSK\AppData\Local\CompuClever
O43 - CFD: 01/07/2013 - 10:23:44 - [0] ----D C:\Users\HSK\AppData\Local\Diagnostics
O43 - CFD: 10/03/2010 - 23:02:02 - [] ----D C:\Users\HSK\AppData\Local\Downloaded Installations
O43 - CFD: 01/07/2013 - 10:23:44 - [0] ----D C:\Users\HSK\AppData\Local\ElevatedDiagnostics
O43 - CFD: 15/11/2012 - 00:33:17 - [] ----D C:\Users\HSK\AppData\Local\eMule
O43 - CFD: 01/04/2010 - 18:27:15 - [] ----D C:\Users\HSK\AppData\Local\Evernote
O43 - CFD: 12/04/2013 - 12:32:46 - [] ----D C:\Users\HSK\AppData\Local\Facebook
O43 - CFD: 09/12/2011 - 20:13:18 - [] ----D C:\Users\HSK\AppData\Local\Google
O43 - CFD: 11/02/2010 - 13:34:52 - [] -SH-D C:\Users\HSK\AppData\Local\Historique
O43 - CFD: 20/09/2012 - 13:51:48 - [] ----D C:\Users\HSK\AppData\Local\HP
O43 - CFD: 19/06/2012 - 22:17:51 - [] ----D C:\Users\HSK\AppData\Local\Macromedia
O43 - CFD: 24/03/2014 - 11:32:19 - [] ----D C:\Users\HSK\AppData\Local\Microsoft
O43 - CFD: 29/08/2012 - 19:37:17 - [] ----D C:\Users\HSK\AppData\Local\Microsoft Help
O43 - CFD: 19/09/2013 - 14:25:20 - [] ----D C:\Users\HSK\AppData\Local\Mozilla
O43 - CFD: 24/02/2010 - 20:06:25 - [] ----D C:\Users\HSK\AppData\Local\Omnifone_Ltd
O43 - CFD: 14/11/2013 - 12:57:11 - [] ----D C:\Users\HSK\AppData\Local\Programs
O43 - CFD: 10/02/2011 - 15:10:17 - [0] ----D C:\Users\HSK\AppData\Local\Safe mirror
O43 - CFD: 06/03/2014 - 10:51:01 - [] ----D C:\Users\HSK\AppData\Local\Skype
O43 - CFD: 01/04/2010 - 15:17:48 - [] ----D C:\Users\HSK\AppData\Local\Sony Corporation
O43 - CFD: 11/02/2010 - 13:39:04 - [] ----D C:\Users\HSK\AppData\Local\Sony_Corporation
O43 - CFD: 04/06/2014 - 21:31:23 - [] ----D C:\Users\HSK\AppData\Local\Temp
O43 - CFD: 11/02/2010 - 13:34:52 - [] -SH-D C:\Users\HSK\AppData\Local\Temporary Internet Files
O43 - CFD: 30/05/2014 - 02:38:36 - [] ----D C:\Users\HSK\AppData\Local\VirtualStore
O43 - CFD: 26/02/2014 - 15:28:14 - [] ----D C:\Users\HSK\AppData\Local\Windows Live
O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/05/2014 - 10:18:30 - [] R---D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/12/2013 - 17:34:11 - [] ----D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CompuClever
O43 - CFD: 28/11/2010 - 18:32:03 - [] ----D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 25/05/2014 - 09:51:35 - [] ----D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/06/2011 - 13:37:24 - [0] ----D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 25/05/2014 - 09:51:42 - [] R---D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 23/02/2010 - 15:26:11 - [0] ----D C:\Users\HSK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 238 Scanned in 00mn 00s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.236BAE9DA99F46E60ABAEC11418B63AA] - 03/06/2014 - 18:06:39 ---A- . (...) -- C:\Windows\win.ini [745]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 03/06/2014 - 18:45:18 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.9D9ED48F841EA37AA5310D54B9E5D3C7] - 03/06/2014 - 19:39:31 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [91352]
O44 - LFC:[MD5.15E8ABC06843672955CE26A009533BAD] - 03/06/2014 - 19:39:31 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O44 - LFC:[MD5.B123F55BFCE35EDD974B0799A79672AC] - 04/06/2014 - 19:20:33 ---A- . (...) -- C:\bdlog.txt [867580]
O44 - LFC:[MD5.D8B2C0433FE98C86F756239C194FDF02] - 04/06/2014 - 19:22:16 ---A- . (...) -- C:\Windows\PFRO.log [138862]
O44 - LFC:[MD5.27AFED0A84A5202155B59CD016086B96] - 04/06/2014 - 19:22:27 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.40A4EFD660BF9A693D90D98A043680DA] - 04/06/2014 - 19:23:23 ---A- . (...) -- C:\Windows\setupact.log [38596]
O44 - LFC:[MD5.0992140A713470D804C8A8CAF1250001] - 04/06/2014 - 19:31:39 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1441928]
O44 - LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] - 04/06/2014 - 20:20:55 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584]
O44 - LFC:[MD5.64BE6690C8A7583BB27F2CD615F36AFD] - 04/06/2014 - 20:31:07 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.EC500649B1BECF288D195631E9981E1A] - 27/05/2014 - 09:18:39 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1677594]
O44 - LFC:[MD5.358099D8061ED62463A67DEF3D17986E] - 27/05/2014 - 09:18:39 ---A- . (...) -- C:\Windows\System32\perfc009.dat [123234]
O44 - LFC:[MD5.F2D2314719CEEF75AFA9B916D7EF3161] - 27/05/2014 - 09:18:39 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150704]
O44 - LFC:[MD5.0E7AC14D6FBD23AE78CD389174361870] - 27/05/2014 - 09:18:39 ---A- . (...) -- C:\Windows\System32\perfh009.dat [657422]
O44 - LFC:[MD5.C5DF466526BCC19B591C99AD126FCD6E] - 27/05/2014 - 09:18:39 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [740654]
O44 - LFC:[MD5.53C3DF59E3CC67C8547B25F446ADE868] - 29/05/2014 - 01:13:50 ---A- . (...) -- C:\Windows\System32\esfweb.bin [65793]
O44 - LFC:[MD5.65544350FBB63F17C57C4AC90C069522] - 29/05/2014 - 01:13:50 ---A- . (.SEIKO EPSON CORP. - Command Interpreter Module.) -- C:\Windows\System32\esxuineb.dll [345600]
O44 - LFC:[MD5.125C5E14114F6F9DF15ABB67BDD04D5D] - 29/05/2014 - 01:13:50 ---A- . (.Seiko Epson Corporation. - Epson WIA Module.) -- C:\Windows\System32\esxw2_eb.dll [93696]
O44 - LFC:[MD5.20ECD0A490A121CB34F553FAD1DBBD39] - 29/05/2014 - 01:13:51 ----- . (.Seiko Epson Corporation - Epson Scanner Service (64bit).) -- C:\Windows\System32\escsvc64.exe [135824]
~ Files: 20 Scanned in 00mn 02s



---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.0611F53FB74CC2E26D89D45F59F86E2A] - 29/05/2014 - 01:01:29 ---A- - C:\Windows\Prefetch\INTERNETUPDATERSERVICE.EXE-5870DB8F.pf =>PUP.InternetUpdater
O45 - LFCP:[MD5.C4D7234485F05178B913B615C77F2868] - 29/05/2014 - 01:01:29 ---A- - C:\Windows\Prefetch\NEWPLAYERUPDATERSERVICE.EXE-40B314AA.pf =>Adware.NewPlayer
~ Prefetcher: 2 Scanned in 00mn 00s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{e325f24a-7344-11df-a953-506313de2886}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:16/09/2013 - 10:18:53 ----- . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\Drivers\amdkmpfd.sys [36096]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:15/02/2014 - 16:31:08 ----- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\System32\Drivers\AnyDVD.sys [138664]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:26/05/2009 - 14:32:04 ----- . (.ArcSoft, Inc. - For X64.) -- C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968]
O58 - SDL:09/11/2009 - 21:05:19 ----- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [1542656]
O58 - SDL:05/02/2014 - 16:29:34 ----- . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\System32\Drivers\avc3.sys [893440]
O58 - SDL:02/11/2012 - 13:17:46 ----- . (.BitDefender - BitDefender AntiVirus Active Virus Control Hypervisor driver.) -- C:\Windows\System32\Drivers\avchv.sys [261056]
O58 - SDL:05/02/2014 - 16:29:22 ----- . (.BitDefender - Active Virus Control Kernel Filtering driver.) -- C:\Windows\System32\Drivers\avckf.sys [635392]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:16/09/2013 - 10:11:50 ----- . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\Drivers\bcbtums.sys [170712]
O58 - SDL:22/02/2013 - 18:46:52 ---A- . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) -- C:\Windows\System32\Drivers\BdfNdisf6.sys [93600]
O58 - SDL:04/11/2013 - 15:47:36 ----- . (.BitDefender SRL - BitDefender SandBox Filter Driver.) -- C:\Windows\System32\Drivers\bdsandbox.sys [82824]
O58 - SDL:17/04/2012 - 13:34:26 ----- . (.BitDefender - FileVault Disk Driver.) -- C:\Windows\System32\Drivers\bdvedisk.sys [76944]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:18/11/2009 - 21:04:08 ----- . (.Broadcom Corporation. - Widcomm Bluetooth USB Filter for Windows XP.) -- C:\Windows\System32\Drivers\btusbflt.sys [52264]
O58 - SDL:16/09/2013 - 10:11:50 ----- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [166104]
O58 - SDL:18/11/2009 - 21:04:09 ----- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [98344]
O58 - SDL:18/11/2009 - 21:04:09 ----- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [132648]
O58 - SDL:18/11/2009 - 21:03:38 ----- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [35104]
O58 - SDL:18/11/2009 - 21:04:10 ----- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21160]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:10/11/2012 - 10:50:36 ----- . (.EldoS Corporation - Callback File System Driver.) -- C:\Windows\System32\Drivers\cbfs3.sys [352008]
O58 - SDL:15/05/2009 - 11:00:00 ----- . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [10224]
O58 - SDL:15/05/2009 - 11:00:00 ----- . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [10224]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:04/03/2013 - 13:24:27 ----- . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\Drivers\ElbyCDIO.sys [40344]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ----- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:21/08/2012 - 12:01:20 ----- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:23/08/2013 - 12:48:49 ----- . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\Windows\System32\Drivers\gzflt.sys [150256]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:17/09/2009 - 21:54:54 ----- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [56344]
O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:16/09/2013 - 10:11:34 ----- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [557848]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:24/11/2009 - 21:24:10 ----- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [7773856]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:11/11/2009 - 03:05:01 ----- . (.Intel Corporation - Intel® Turbo Boost Technology Driver.) -- C:\Windows\System32\Drivers\Impcd.sys [151936]
O58 - SDL:24/11/2009 - 21:25:07 ----- . (.Intel® Corporation - Intel® Display HD Audio driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [244736]
O58 - SDL:16/09/2013 - 11:20:07 ----- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [17280]
O58 - SDL:16/09/2013 - 11:16:06 ----- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C62x64.sys [129224]
O58 - SDL:14/07/2009 - 02:48:04 ----- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ----- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ----- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ----- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:12/05/2014 - 06:25:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:12/05/2014 - 06:26:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [91352]
O58 - SDL:04/06/2014 - 20:20:55 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:12/05/2014 - 06:26:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O58 - SDL:15/09/2009 - 12:40:42 ----- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETw5s64.sys [6952960]
O58 - SDL:16/09/2013 - 10:13:51 ----- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwsw00.sys [11530992]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:16/09/2013 - 11:16:32 ----- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda64v.sys [196384]
O58 - SDL:05/09/2013 - 02:36:46 ----- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 327.02.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [11273504]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:20/05/2009 - 11:00:00 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys [55280]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:16/02/2007 - 01:56:51 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\System32\Drivers\RegKill.sys [14032]
O58 - SDL:29/10/2009 - 21:09:23 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys [93696]
O58 - SDL:16/09/2013 - 10:23:55 ----- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys [78848]
O58 - SDL:07/12/2009 - 02:15:15 ----- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [2212640]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:27/04/2014 - 12:19:55 ---A- . (...) -- C:\Windows\System32\Drivers\semav6thermal64ro.sys [13792]
O58 - SDL:14/07/2009 - 01:00:40 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [94208]
O58 - SDL:16/09/2013 - 11:20:10 ----- . (.Sony Corporation - Sony Firmware Extension Parser driver.) -- C:\Windows\System32\Drivers\SFEP.sys [12032]
O58 - SDL:28/05/2009 - 21:03:08 ----- . (.Sony Corporation - Sony HDD Protection Driver.) -- C:\Windows\System32\Drivers\shpf.sys [25120]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:16/09/2013 - 11:19:34 ----- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:16/09/2013 - 10:30:00 ----- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [457528]
O58 - SDL:07/08/2013 - 12:46:28 ----- . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\System32\Drivers\trufos.sys [389240]
O58 - SDL:13/12/2012 - 13:50:36 ----- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:16/09/2013 - 10:36:22 ----- . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\Drivers\wdcsam64.sys [14464]
O58 - SDL:24/04/2014 - 11:19:12 ----- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{a88c5367-7ba7-4188-92bf-b63ed9a9e22e}w64.sys [61120] =>PUP.LinkiDoo
O58 - SDL:15/02/2014 - 16:31:08 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys [138664]
O58 - SDL:14/12/2006 - 00:41:49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\SysWOW64\drivers\ElbyDelay.sys [14032]
O58 - SDL:16/02/2007 - 01:56:51 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\SysWOW64\drivers\RegKill.sys [14032]
~ Drivers: 97 Scanned in 00mn 00s



---\\ Last modified or created user files (O61)
O61 - LFC: 03/06/2014 - 21:32:29 ---A- . (...) -- C:\Users\HSK\AppData\Local\Temp\is2092675\Sqlite3.dll [599419]
O61 - LFC: 03/06/2014 - 21:32:29 ---A- . (...) -- C:\Users\HSK\Desktop\Zebulon\ZipSetup.exe [678768]
O61 - LFC: 03/06/2014 - 21:32:29 ---A- . (...) -- C:\Users\HSK\Desktop\Zebulon\adwcleaner_3.211.exe [1327971]
O61 - LFC: 03/06/2014 - 21:32:29 ---A- . (.Malwarebytes Corporation.) -- C:\Users\HSK\Desktop\Zebulon\mbam-setup-2.0.2.1012.exe [17292760]
O61 - LFC: 03/06/2014 - 21:32:29 ---A- . (.Thisisu.) -- C:\Users\HSK\Desktop\Zebulon\JRT.exe [1016261]
O61 - LFC: 04/06/2014 - 21:32:29 ---A- . (...) -- C:\Users\HSK\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwl1e0q.dll [43008]
~ 158 Fichiers temporaires (Temporary files)
~ 44 Fichiers cookies (Cookies files)
~ Files: 6 Scanned in 00mn 02s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 05/02/2014 - C:\Windows\System32\DRIVERS\avc3.sys (avc3) .(.BitDefender - Active Virus Control filter driver.) - LEGACY_AVC3
O64 - Services: CurCS - 05/02/2014 - C:\Windows\System32\DRIVERS\avckf.sys (avckf) .(.BitDefender - Active Virus Control Kernel Filtering drive.) - LEGACY_AVCKF
O64 - Services: CurCS - 22/02/2013 - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys (BdfNdisf) .(.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - LEGACY_BDFNDISF
O64 - Services: CurCS - 14/11/2011 - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (bdfwfpf) .(.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - LEGACY_BDFWFPF
O64 - Services: CurCS - 17/04/2012 - C:\Windows\System32\DRIVERS\bdvedisk.sys (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK
O64 - Services: CurCS - 04/03/2013 - C:\Windows\System32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 23/08/2013 - C:\Windows\System32\DRIVERS\gzflt.sys (gzflt) .(.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) - LEGACY_GZFLT
O64 - Services: CurCS - 16/09/2013 - C:\Windows\System32\drivers\iaStor.sys (iaStor) .(.Intel Corporation - Intel Rapid Storage Technology driver - x64.) - LEGACY_IASTOR
O64 - Services: CurCS - 12/05/2014 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 04/06/2014 - C:\Windows\system32\drivers\MBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - 12/05/2014 - C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation - Malwarebytes Web Access Control.) - LEGACY_MBAMWEBACCESSCONTROL
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 07/08/2013 - C:\Windows\System32\DRIVERS\trufos.sys (trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{a88c5367-7ba7-4188-92bf-b63ed9a9e22e}w64.sys ({a88c5367-7ba7-4188-92bf-b63ed9a9e22e}w64) .(.StdLib - StdLib.) - LEGACY_{A88C5367-7BA7-4188-92BF-B63ED9A9E22E}W64 =>PUP.LinkiDoo
~ Legacy: 84 Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (CKF) (O82)
C:\Telleg\Gwared\Meziantoù\DivX Pro v\DivX.Pro.v6.8.0.30.Multilangages.Incl-Keygen.rar =>.Crack,Keygen
~ Files: Scanned in 00mn 12s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.0E04B2015FA0D651615FA3A6B5FA24A1] [sPRF][09/08/2012] (...) -- C:\ProgramData\1344511454.bdinstall.bin [211936]
[MD5.47E7D2D83C02DC8047B556088671473C] [sPRF][29/01/2014] (...) -- C:\ProgramData\1391003674.bdinstall.bin [268484]
[MD5.0E3CC5FC7E6E00D229AB2D04F43094A6] [sPRF][29/01/2014] (...) -- C:\ProgramData\1391004525.bdinstall.bin [657493]
[MD5.8713B8A8065CA28FB4878DD255442A96] [sPRF][24/02/2010] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [sPRF][16/05/2010] (...) -- C:\Users\HSK\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [sPRF][16/05/2010] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\HSK\AppData\Roaming\pcouffin.sys [82816]
[MD5.C3E983189E289E28BA49D1C3BE9E75B7] [sPRF][24/06/2013] (.www.bestremovaltool.com - Best Removal Tool Setup.) -- C:\Users\HSK\Desktop\BestRemovalTool_Setup.exe [3372904]
[MD5.FEE1D58C6AD73F25EB0DAD4F690560AD] [sPRF][12/04/2013] (.Facebook Inc. - Setup.) -- C:\Users\HSK\Desktop\FacebookVideoCallSetup_v1.2.205.0.exe [501248]
[MD5.A1B87538FD91118308A5207BF6C66FBE] [sPRF][27/11/2010] (.Jeffrey Harris - SharePod.) -- C:\Users\HSK\Desktop\SharePod.exe [5470720]
~ Files: 9 Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{6C785E07-C0A7-4E5D-812D-BB38866B7D1A}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{75B0A84B-6A03-4BBA-96AA-952F7EF88F25}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup
HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_DC5D2AFB0F84E8D8_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_DC5D2AFB0F84E8D8_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\InternetUpdaterService_RASAPI32 =>PUP.InternetUpdater
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\InternetUpdaterService_RASMANCS =>PUP.InternetUpdater
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida-setup_RASAPI32 =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida-setup_RASMANCS =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida_air_RASAPI32 =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida_air_RASMANCS =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida_RASAPI32 =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\moovida_RASMANCS =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSpringSmart_RASAPI32 =>PUP.SpringSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateSpringSmart_RASMANCS =>PUP.SpringSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSpringSmart_RASAPI32 =>PUP.SpringSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilSpringSmart_RASMANCS =>PUP.SpringSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
~ BTK: 436 Scanned in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 07/03/2010 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 13/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 22/10/2003 61440 | (AdobeVersionCue) . (.Adobe Sytems.) - C:\Program Files (x86)\Adobe\Adobe Version Cue\service\VersionCue.exe =>.Adobe Systems Incorporated
SS - | Disabled 21/11/2013 77632 | (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
SS - | Auto 11/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe
SS - | Auto 01/11/2013 377768 | (ESRV_SVC) . (.Intel Corporation.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
SS - | Demand 24/02/2010 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 05/01/2010 133104 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/01/2010 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/01/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 22/01/2008 103808 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SS - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 16/10/2013 235216 | (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
SS - | Demand 11/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Demand 31/08/2009 313840 | (Roxio UPnP Renderer 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
SS - | Auto 31/08/2009 362992 | (Roxio Upnp Server 10) . (.Sonic Solutions.) - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 10/09/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 12/10/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 10/09/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 27/09/2010 74496 | (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
SS - | Demand 25/10/2010 387896 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18/02/2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/09/2013 2252504 | (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 04/09/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 23/09/2010 67584 | (cbVSCService) . (.CobianSoft, Luis Cobian.) - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
SR - | Auto 21/09/2009 1420560 | (EvtEng) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2009 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 01/10/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 29/08/2013 920864 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 05/09/2013 1364256 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 24/10/2009 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/09/2009 831760 | (RegSrvc) . (.Intel® Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 08/07/2013 94624 | (SafeBox) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
SR - | Demand 20/01/2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 29/08/2013 414496 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 01/10/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
SR - | Auto 07/10/2013 67320 | (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
SR - | Demand 01/11/2013 377768 | (USER_ESRV_SVC) . (.Intel Corporation.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
SR - | Auto 28/05/2010 205168 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
SR - | Demand 30/11/2009 571248 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 20/01/2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Auto 19/05/2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SR - | Demand 20/02/2014 60504 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 11/08/2010 845312 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Auto 04/04/2014 1523728 | (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
SR - | Demand 27/02/2014 1642544 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\vuagent.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Search Master Boot Record Infection (MBR)(O80)
Run by HSK at 04/06/2014 21:32:59
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by HSK at 04/06/2014 21:33:01
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (30/05/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 7

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1] =>PUP.AdvancedSystemProtector^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1] =>Rogue.RegistryPowerCleaner^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites] =>Hijacker.DSite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.µTorrent^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
C:\Program Files (x86)\uTorrent =>P2P.µTorrent^
C:\ProgramData\Updater =>PUP.CrossRider^
C:\Users\HSK\AppData\Roaming\DigitalSites =>Hijacker.DSite^
C:\Users\HSK\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\HSK\AppData\Local\AnyProtect =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierCA.job =>PUP.AnyProtect^
C:\Windows\Tasks\Digital Sites.job =>Hijacker.DSite^
C:\Windows\System32\Tasks\Digital Sites =>Hijacker.DSite^
C:\Windows\Tasks\PCHelpers1st.job =>PUP.OptimizerEliteMax^
C:\Windows\Tasks\PCHelpers_period.job =>PUP.OptimizerEliteMax^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
C:\Program Files (x86)\Internet Explorer\cr_addon.crx =>PUP.Babylon
~ Additionnel Scan: 458326 Items scanned in 00mn 26s



---\\ Summary of the detections found on your workstation















~ MSI: 15 link(s) detected in 00mn 00s



End of the scan (1643 lines in 01mn 48s)(1)

 

Questions: 1) I only reset Firefox because it is the only browser I use. But I also have Internet Explorer, which I don't use. Should I have reset it as well?

2) For the past week, whenever I start my PC, a desktop.ini window is open on my desktop containing:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787

 

Where does this come from?

Can I fix it?

Thank you very much for your help

Regards

Herve
