Posted

Hello,

Follow this procedure carefully, step by step, and post the reports in order.
How to post the reports
Go to the site: Ci-Joint
Click Browse and locate the reports on the disk,
Click Open
Click Create the CJoint link,
>> on the next page -->
an http//.. address will be created
Copy and paste this address into your next message.
Never post your replies in an earlier message; always use a new message, otherwise we are not notified of your new reply.

1) If you have had AdwCleaner for some time, uninstall it and install the latest version
Download AdwCleaner
On Vista and Windows 7/8 -> Run as administrator
So as not to skew the reports, Scan and Clean must each be run only once
Click Scan
Cleaning: to be done without delay
Click Clean and post the report C:\AdwCleaner[s1].txt
After the restart, a report to post will be on the desktop

2) Download Junkware Removal Tool by thisisu
OS: Windows XP/Vista/7/8
Usable on 32-bit and 64-bit systems

Click Jrt.exe with administrator rights.
If your antivirus complains, mark it as acceptable in your antivirus exceptions.
A black window opens telling you to press a key to start the scan.

The tool will take a few minutes to search your machine.
Wait until Jrt.txt appears, then post its contents.

3) Download Malwarebytes Anti-Malware
Here

or there:
and save it to the Desktop.
Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
Click Setting to set it to French
Check that the Launch Malwarebytes Anti-Malware box is ticked.
A free 14-day trial of the Premium (paid) features is pre-selected; untick it.
This will not reduce the program's scanning and removal capabilities.
Click Finish.

In the Settings tab > Detection and Protection sub-tab, Detection options, tick the box in front of Scan for rootkits
On the Dashboard, click the Update link.
If your databases later become out of date, you will be notified and invited to Fix now.
After the update, connect removable media (USB) and click Scan -> Custom scan
Tick everything
Click the Scan now button.

If Malwarebytes does not start, use Chameleon
and
If MBAM balks or crashes, run Mbam-clean.exe
and reinstall it

If items are detected, click Apply actions so that MBAM cleans what it has detected.
In most cases, a restart will be necessary.
Wait for the message prompting you to restart the PC, then click Yes

(Copy to clipboard to paste into a reply on the forum)
After the restart, when you are back on the Desktop, open MBAM again.
Click the History tab > Application logs.
Double-click the scan log whose date and time match the scan that has just been run.
Click View, then Copy to clipboard
Paste the clipboard contents into your next reply.

4) You need to reset your browser
by clicking here

This will uninstall plugins and extensions, which you can reinstall with the necessary caution

5) New ZHPDiag report
Download ZHPDiag

Double-click ZHPDiag.exe to install the tool
There should be 2 icons on the desktop or in the ZHPDiag installation folder.
On XP, double-click the ZhpDiag icon
On Vista and later, right-click and Run as administrator

Click the Full button

Wait a few moments
The ZhpDiag.txt report will appear on the desktop

  • 2 weeks later...
Posted

Hello Pear,

Sorry for the delay, but I have just come out of my daughter's hospitalisation, tough week...

I'm getting to work.

Thanks again

Posted

Here is the rest:

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 20/08/2014
Heure de l'examen: 12:19:14
Fichier journal:
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.08.20.03
Base de données Rootkits: v2014.08.16.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: nico

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 507707
Temps écoulé: 1 h, 32 min, 35 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 0
(No malicious items detected)

Valeurs du Registre: 0
(No malicious items detected)

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 21
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, Mis en quarantaine, [14337255cdaedb5b49669b9469976898],
Adware.Boxore, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.2.199.0\SoftwareCrashHandler.exe.vir, Mis en quarantaine, [5ceb8c3b0279a591c56cfbd2e81822de],
Adware.Boxore, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.2.199.0\SoftwareUpdate.exe.vir, Mis en quarantaine, [7ccb6166c1bad1654be6a32af7099a66],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir, Mis en quarantaine, [02455a6d08732511f00faf4d4db7ed13],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir, Mis en quarantaine, [9ea91aadccaf02342ed15e9e5da7a45c],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir, Mis en quarantaine, [fc4ba0277a01f541926d2cd0b54fea16],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir, Mis en quarantaine, [f7503d8ad0ab1b1b8778b9431de7d828],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir, Mis en quarantaine, [b790be095427b68055aaf00c1ce81fe1],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir, Mis en quarantaine, [a2a52f980d6e1125837cee0e4fb507f9],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir, Mis en quarantaine, [bc8b03c497e4df574ab536c63dc7827e],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir, Mis en quarantaine, [d6716a5d1d5e86b0d827d626da2aa858],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir, Mis en quarantaine, [d770fdca5b20a98d758a3ebeed17b14f],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir, Mis en quarantaine, [96b1388f2b50f046659a5f9d84809070],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir, Mis en quarantaine, [a89f2c9b6d0e86b05ea10cf0d3310df3],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir, Mis en quarantaine, [3611dbece6951a1c56a957a510f402fe],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir, Mis en quarantaine, [82c5fbcc95e65ed81ee14eae59ab21df],
PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir, Mis en quarantaine, [d275c106cab12e0843bcde1e51b308f8],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\APISupport.dll.vir, Mis en quarantaine, [b2951ea98af1a98d07006249ee136f91],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\APISupport.old.vir, Mis en quarantaine, [6fd87750a2d991a5b4530ba06a979d63],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.152\MiniSP.dll.vir, Mis en quarantaine, [92b56562fd7e9f97589256394fb2a15f],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\28kurama.default\Extensions\{9b6a5785-ac78-4858-a47b-3b499ec80d71}\Plugins\npFirefoxPlugin.dll.vir, Mis en quarantaine, [da6dbb0c99e21a1c5fa822898f720ff1],

Secteurs physiques: 0
(No malicious items detected)


(end)

Posted

~ Rapport de ZHPDiag v2014.8.9.116 - Nicolas Coolman (09/08/2014)
~ Lancé par nico (20/08/2014 23:40:59)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17239
MFIE: Mozilla Firefox 31.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2BT4J
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.2.1012
Norton Internet Security v18.7.2.3
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v3.16

---\\ Logiciels de partage PeerToPeer
µTorrent v3.2.0 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6090 MB (68% free)
System Restore: Activé (Enable)
System drive C: has 61 GB (16%) free of 364 GB

---\\ Mode de connexion au système
~ Computer Name: NICO-PC
~ User Name: nico
~ All Users Names: nico, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\nico\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\nico\AppData\Roaming\
~ %Desktop% : C:\Users\nico\Desktop\
~ %Favorites% : C:\Users\nico\Favorites\
~ %LocalAppData% : C:\Users\nico\AppData\Local\
~ %StartMenu% : C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 61 Go of 364 Go)
D: Hard drive, Flash drive, Thumb drive (Free 519 Go of 544 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/07/2014 - 11:52:06.) -- C:\Windows\System32\wininet.dll [2266624]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/124
~ Mes musiques (My Musics) : 50/142
~ Mes Videos (My Videos) : 2/39
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 70/1975
~ Mon Bureau (My Desktop) : 1/1154
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1744]
[MD5.52F65BDE7D7271AD9C16643CC302D2A0] - (.Samsung Electronics CO., LTD. - Launcher Starter Application.) -- C:\Program Files (x86)\Samsung\Play Touch\Touch Launcher\Launcher_Starter.exe [1674240] [PID.3896]
[MD5.89D2706FCD45E33CECFBD46BCBAD7E16] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.4008]
[MD5.7A639050E887DFCB9C4BAB90FF3521B2] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartRestarter.exe [2268752] [PID.3432]
[MD5.208270C9AD3E82F6ABAC870F950E5F0D] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe [13246272] [PID.2404]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.4088]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.4112]
[MD5.A025DF526B0FB3DAC3169AE4330FF7A4] - (.Symantec Corporation - SSDMonit Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112] [PID.4380]
[MD5.38CB3C6FE18959F36A9505DCB8CC5F64] - (.Hauppauge Computer Works, Inc. - WinTVTray.) -- C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe [82944] [PID.4832]
[MD5.0EB65D922458406F18C420D131E7D22A] - (...) -- C:\Program Files (x86)\GigaTribe\gigatribe.exe [2993664] [PID.4848]
[MD5.870DE535A5B25DCA10DDAD9D9C65E2B2] - (.Pas de propriétaire - ucmon Application.) -- C:\Windows\ucmon.exe [62464] [PID.4580]
[MD5.E967BF019A4B324E0C5DFBC2995F9F55] - (.Samsung Electronics - Easy Speed Up Manager.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [1641552] [PID.5060]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.4500]
[MD5.F33D641F4F7B60CA9C58EF05CEC43DA7] - (.Samsung Electronics - OSD Display for AIO.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasyButtonManager.exe [750672] [PID.4292]
[MD5.33185B60A7D765E17F134244FD18D2D9] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [785488] [PID.4584]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.1204]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.4732]
[MD5.A9E5F30D66D3A04446886FAE6410561F] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.4504]
[MD5.D3A1D2987051118159D4DE38E3027CEA] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280] [PID.5788]
[MD5.2461810EC376F3CCBDCE833436914074] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [3395664] [PID.5156]
[MD5.044C57C0B61A20B982F40AD8E436EC0C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8090624] [PID.5076]
[MD5.1A8386F5B802969878C6BADEE62899DA] - (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2792528] [PID.3412]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1532]
[MD5.DE847265C24E69DF988BCB1399026FC7] - (.Hauppauge Computer Works - Hauppauge TV Server.) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [562176] [PID.1712]
[MD5.68E6732D74A74B1FFD386761BC1EB764] - (.Symantec - StartMan Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [792608] [PID.1824]
[MD5.F12A68ED55053940CADD59CA5E3468DD] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904] [PID.1940]
[MD5.5CEF407E235885DB5421DF79C843F2DF] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5052224] [PID.2004]
[MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326424] [PID.2944]
[MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656536] [PID.332]
[MD5.74E25070B7D39D01D4C9C8A5760C73BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe [229696] [PID.4364]
[MD5.3CA262114956EC95780A25850FF0E413] - (.TeamViewer GmbH - TeamViewer 9.) -- c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe [4623680] [PID.4676]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [user Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 18 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/VirtualEarth3D,version=4.0] - (...) -- (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\nico\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\nico\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\nico\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.1f1.) -- C:\Users\nico\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 7 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [nico]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\RunOnce: [Application Restart #2] . (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [sSDMonitor] . (.Symantec Corporation - SSDMonit Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\RunOnce: [Application Restart #2] . (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: HauppaugeTVServer (HauppaugeTVServer) . (.Hauppauge Computer Works - Hauppauge TV Server.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
O23 - Service: Norton Utilities 16 Start Manager Service (NU16StartManagerSvc) . (.Symantec - StartMan Application.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Intel® Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
~ Services: 11 Scanned in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.D3A1D2987051118159D4DE38E3027CEA] [APT] [advSRS5] (.SEC.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280]
[MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMRules] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296]
[MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMScan] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296]
[MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMScanRunOnce] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296]
[MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMUpdater] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296]
[MD5.F33D641F4F7B60CA9C58EF05CEC43DA7] [APT] [EasyButtonManager] (.Samsung Electronics.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasyButtonManager.exe [750672]
[MD5.00000000000000000000000000000000] [APT] [EasyPartitionManager] (...) -- C:\Windows\MSetup\BA46-12225A02\EPM.exe (.not file.) [0]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core] (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA] (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.B00F98FF6FE8682FF941BEB2559BF191] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488]
[MD5.33185B60A7D765E17F134244FD18D2D9] [APT] [MovieColorEnhancer] (.Samsung Electronics Co., Ltd..) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [785488]
[MD5.991F64C0803B60804227E76FAF98E3F6] [APT] [NUAutoUpdate] (.Symantec.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [977456]
[MD5.13EFD89CED40878DEB9C576E58ADF57E] [APT] [NUSchedule] (.Symantec.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [3985104]
[MD5.B868B2F220759DCB815F3B22072CD38C] [APT] [{3B424889-9010-47FD-9771-163B50E69F73}] (...) -- C:\Users\nico\Downloads\avira_free_antivirus_fr.exe [86855160]
[MD5.00000000000000000000000000000000] [APT] [{45D4BF53-BF1D-449A-901F-7032A6A199FF}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh
[MD5.00000000000000000000000000000000] [APT] [{6D99B6D6-B65F-4F66-9E1C-4B9B772F8DC1}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh
[MD5.00000000000000000000000000000000] [APT] [{74F8B1F1-C538-4D2E-A856-DB2EEE603B72}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh
[MD5.00000000000000000000000000000000] [APT] [{E62EF0DF-735A-4CD9-9962-11EDD8F4D69A}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh
[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832]
[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA [924]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core.job [1022]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core [1022]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA.job [1074]
O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA [1074]
O39 - APT: NUAutoUpdate - (.Symantec.) -- C:\Windows\Tasks\NUAutoUpdate.job [286]
O39 - APT: NUAutoUpdate - (.Symantec.) -- C:\Windows\System32\Tasks\NUAutoUpdate [286]
O39 - APT: NUSchedule - (.Symantec.) -- C:\Windows\Tasks\NUSchedule.job [278]
O39 - APT: NUSchedule - (.Symantec.) -- C:\Windows\System32\Tasks\NUSchedule [278]
~ Scheduled Task: 30 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140801.001\BHDrvx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
O41 - Driver: (gaupdqtc) . (. - .) - C:\Windows\system32\drivers\gaupdqtc.sys (.not file.)
O41 - Driver: (icpjstqc) . (. - .) - C:\Windows\system32\drivers\icpjstqc.sys (.not file.)
O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140819.001\IDSvia64.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: (SRTSP) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\NISx64\1207020.003\SRTSP64.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.sys
O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: (IDSVia64) . (. - .) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140808.002\IDSvia64.sys (.not file.)
~ Drivers: 90 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT085587
O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089286
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Network Adapter
O42 - Logiciel: Build-a-lot - (.WildTangent.) [HKLM][64Bits] -- WT085597
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT085567
O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- {80E158EA-7181-40FE-A701-301CE6BE64AB}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink PowerCinema - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: CyberLink PowerCinema - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761}
O42 - Logiciel: CyberLink PowerCinema Movie - (.CyberLink Corp..) [HKLM][64Bits] -- {70CC0095-AA68-45BE-AE98-D8170182E9EB}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}
O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM][64Bits] -- {72BF1DA0-2B00-4794-9173-159722019B74}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD Video Soft Toolbar - (...) [HKLM][64Bits] -- dvdvideosofttoolbar
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT085559
O42 - Logiciel: Easy File Share - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {95BB7324-77D3-4BF3-8CF6-29F0857AC175}
O42 - Logiciel: Easy Migration - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {AD86049C-3D9C-43E1-BE73-643F57D83D50}
O42 - Logiciel: Easy Settings - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Software Manager - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {DE256D8B-D971-456D-BC02-CB64DA24F115}
O42 - Logiciel: Easy Support Center 1.0 - (.Samsung.) [HKLM][64Bits] -- {F687E657-F636-44DF-8125-9FEEA2C362F5}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT085618
O42 - Logiciel: Free Studio version 5.4.8 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free Studio_is1
O42 - Logiciel: GigaTribe 3.01.007 - (.GigaTribe SAS.) [HKLM][64Bits] -- ShalSoft.GigaTribe_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Hauppauge WinTV 7 - (.Hauppauge Computer Works.) [HKLM][64Bits] -- Hauppauge WinTV 7
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT085622
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst
O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Interactive Guide - (...) [HKLM][64Bits] -- {CB383BE9-7518-4ABD-826E-8FC4695F7D52}
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT085580
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Touch Pack for Windows 7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FF90DB8-6DED-44A3-B182-244FEC09012F}
O42 - Logiciel: Microsoft XNA Framework Redistributable 3.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {3898934B-05AE-41CD-96BE-70DA9BFBCE1F}
O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {C6173775-C676-4E2A-9232-66E17261E614} =>.Symantec Corporation
O42 - Logiciel: Norton Utilities 16 - (.Symantec Corporation.) [HKLM][64Bits] -- Norton Utilities 16_is1
O42 - Logiciel: Peggle - (.WildTangent.) [HKLM][64Bits] -- WT085663
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT085581
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT085669
O42 - Logiciel: Play Touch Bing Map - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {A36ED6C1-A332-49EC-9C59-F8B895AB68B7}
O42 - Logiciel: Play Touch Calendar - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {85F969B2-AA3B-4CED-A8E9-C48A7E5EB0D5}
O42 - Logiciel: Play Touch Clock - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {59095C47-04DA-43C2-A9C6-4602A5698E62}
O42 - Logiciel: Play Touch Launcher - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {0E6036C1-E3DC-4C6D-9B13-D52E678B9A61}
O42 - Logiciel: Play Touch Music - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {7C5AB932-40D7-405F-88ED-BD0939D665F3}
O42 - Logiciel: Play Touch Notes - (.Samsung Electronics CO., LTD.) [HKLM][64Bits] -- {E2B70FDD-1A57-4879-912F-0391D3F97158}
O42 - Logiciel: Play Touch Photos - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {6ADF618A-62B9-454B-A806-A3DA2124B7C8}
O42 - Logiciel: Play Touch Recipe - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {DA13F475-9DB2-4CCA-A625-D99655CFEC1E}
O42 - Logiciel: Play Touch RssReader - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {4ADADD44-1B08-480A-BE9C-8E8E5B808EB4}
O42 - Logiciel: Play Touch SocialDashboard - (.Samsung Electronics CO., LTD.) [HKLM][64Bits] -- {A925AE13-A1FC-4D06-B93D-EA9041E22158}
O42 - Logiciel: Play Touch ToDo - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {ACA0C8D8-5D60-4948-8447-23FCE6F89180}
O42 - Logiciel: Play Touch Twitter - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {E5679BCC-EA6F-42FD-88E7-431CDCC5A1C1}
O42 - Logiciel: Play Touch Videos - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {2BD864E7-3FAB-4BFF-9B85-0A11B64917AA}
O42 - Logiciel: Play Touch Weather - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {6274342F-1F2D-4823-857D-D98CCCFF81E3}
O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM][64Bits] -- WT085583
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung Recovery Solution 5 - (.Samsung.) [HKLM][64Bits] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Skype 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9
O42 - Logiciel: Touch Logon - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {AFF0220E-1F50-4B46-91BF-7812F71275F0}
O42 - Logiciel: Tyco Electronics EloSawJr 1.2.0 - (.Tyco Electronics.) [HKLM][64Bits] -- Elo TouchSystems
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: User Guide - (...) [HKLM][64Bits] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: Video Player - (.Video Player.) [HKLM][64Bits] -- Video Player
O42 - Logiciel: Virtual Earth 3D (Beta) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6ACE7F46-FACE-4125-AE86-672F4F2A6A28}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089285
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 66 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\Facebook]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Licenses]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (HCW)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung Electronics]
[HKCU\Software\Samsung]
[HKCU\Software\ShalSoft]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Symantec]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\Widcomm]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\dvdvideosofttoolbar]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Broadcom]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Hauppauge]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\BcmSetup]
[HKLM\Software\Wow6432Node\Better Surf Plus]
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Client]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DVDVideoSoft]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hauppauge]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\MusicNet]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\Samsung Electronics Co., Ltd.]
[HKLM\Software\Wow6432Node\Samsung]
[HKLM\Software\Wow6432Node\ShalSoft]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\VideoPlayerV3]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
~ Key Software: 280 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/04/2012 - 13:09:29 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\ASM104xUSB3
O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Atheros
O43 - CFD: 08/10/2014 - 23:31:12 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 18/03/2012 - 00:05:33 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 17/10/2013 - 19:31:08 - [] ----D C:\Program Files (x86)\Driver Manager
O43 - CFD: 20/04/2012 - 20:24:21 - [] ----D C:\Program Files (x86)\DVDVideoSoft
O43 - CFD: 19/03/2012 - 20:04:04 - [] ----D C:\Program Files (x86)\GigaTribe
O43 - CFD: 18/03/2012 - 04:38:20 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 18/03/2012 - 00:05:39 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 16/08/2014 - 00:06:45 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/10/2014 - 22:55:32 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 08/10/2014 - 22:55:10 - [0] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 08/10/2014 - 23:46:28 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 18/03/2012 - 00:05:48 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/07/2014 - 12:09:36 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18/03/2012 - 00:05:49 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft Touch Pack for Windows 7
O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft XNA
O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 31/07/2014 - 06:17:30 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 01/08/2014 - 05:05:33 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 12/01/2013 - 18:18:37 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 18/03/2012 - 00:05:52 - [] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 23/07/2014 - 06:28:14 - [] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 18/03/2012 - 00:05:55 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/03/2012 - 00:06:02 - [] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 05/03/2014 - 13:20:45 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 11/01/2013 - 14:00:23 - [] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 08/10/2014 - 22:50:50 - [] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 17/10/2011 - 12:43:20 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 18/08/2013 - 01:38:52 - [] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent
O43 - CFD: 18/03/2012 - 00:06:03 - [] ----D C:\Program Files (x86)\Virtual Earth 3D
O43 - CFD: 01/04/2012 - 00:07:33 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 01/04/2012 - 00:07:16 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 13/07/2013 - 03:27:33 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/03/2012 - 00:06:09 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 14/12/2013 - 04:20:48 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/03/2012 - 04:38:26 - [] ----D C:\Program Files (x86)\WinTV
O43 - CFD: 09/10/2014 - 00:06:55 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 18/04/2012 - 13:09:40 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 20/04/2012 - 20:25:15 - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\Samsung
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 05/03/2014 - 13:20:45 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 18/03/2012 - 03:12:44 - [] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 05/01/2013 - 14:16:24 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Applications
O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 22/02/2014 - 11:21:34 - [] ----D C:\ProgramData\Avira
O43 - CFD: 20/08/2014 - 18:10:02 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/03/2012 - 13:48:38 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 17/10/2013 - 19:31:59 - [] ----D C:\ProgramData\Driver Manager
O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Intel
O43 - CFD: 08/10/2014 - 22:55:25 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 20/03/2012 - 01:16:37 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 08/10/2014 - 23:46:28 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 18/07/2013 - 15:20:02 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 21/07/2014 - 22:08:48 - [] ----D C:\ProgramData\Norton
O43 - CFD: 18/03/2012 - 00:06:16 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 18/03/2012 - 00:06:17 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 05/03/2014 - 13:20:43 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 11/01/2013 - 14:00:23 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 20/08/2014 - 23:30:25 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 17/10/2013 - 19:33:41 - [] ----D C:\ProgramData\UAB
O43 - CFD: 01/04/2012 - 00:11:32 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 20/03/2012 - 03:23:43 - [] ----D C:\ProgramData\WinClon
O43 - CFD: 18/04/2012 - 13:11:29 - [] ----D C:\Users\nico\AppData\Roaming\Adobe
O43 - CFD: 19/03/2012 - 13:48:36 - [] ----D C:\Users\nico\AppData\Roaming\CyberLink
O43 - CFD: 20/04/2012 - 20:37:04 - [] ----D C:\Users\nico\AppData\Roaming\DVDVideoSoft
O43 - CFD: 19/03/2012 - 21:07:46 - [] ----D C:\Users\nico\AppData\Roaming\Identities
O43 - CFD: 18/03/2012 - 01:30:47 - [] ----D C:\Users\nico\AppData\Roaming\Macromedia
O43 - CFD: 08/10/2014 - 22:55:40 - [0] ----D C:\Users\nico\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 09:16:41 - [0] ----D C:\Users\nico\AppData\Roaming\Media Center Programs
O43 - CFD: 27/05/2013 - 11:39:15 - [] -S--D C:\Users\nico\AppData\Roaming\Microsoft
O43 - CFD: 19/03/2012 - 20:17:33 - [] ----D C:\Users\nico\AppData\Roaming\Mozilla
O43 - CFD: 21/03/2012 - 01:50:14 - [] ----D C:\Users\nico\AppData\Roaming\MusicNet
O43 - CFD: 12/01/2013 - 02:19:48 - [] ----D C:\Users\nico\AppData\Roaming\Norton Utilities 16
O43 - CFD: 19/03/2012 - 13:48:43 - [] ----D C:\Users\nico\AppData\Roaming\PowerCinema
O43 - CFD: 11/01/2013 - 13:59:35 - [] ----D C:\Users\nico\AppData\Roaming\Product_NU16
O43 - CFD: 08/10/2014 - 23:48:23 - [0] ----D C:\Users\nico\AppData\Roaming\ShieldApps
O43 - CFD: 22/08/2012 - 01:23:41 - [] ----D C:\Users\nico\AppData\Roaming\Skype
O43 - CFD: 14/08/2014 - 07:31:23 - [] ----D C:\Users\nico\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 05/05/2012 - 01:02:33 - [0] ----D C:\Users\nico\AppData\Roaming\Windows Live Writer
O43 - CFD: 20/08/2014 - 23:41:15 - [] ----D C:\Users\nico\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/08/2013 - 03:07:58 - [] ----D C:\Users\nico\AppData\Local\Adobe
O43 - CFD: 18/03/2012 - 00:02:53 - [] -SH-D C:\Users\nico\AppData\Local\Application Data
O43 - CFD: 22/02/2014 - 20:47:55 - [] ----D C:\Users\nico\AppData\Local\AviraResume
O43 - CFD: 18/03/2012 - 00:11:28 - [] ----D C:\Users\nico\AppData\Local\Broadcom
O43 - CFD: 20/08/2014 - 23:40:54 - [] ----D C:\Users\nico\AppData\Local\CrashDumps
O43 - CFD: 11/01/2013 - 14:05:02 - [] ----D C:\Users\nico\AppData\Local\CRE
O43 - CFD: 17/08/2013 - 18:47:16 - [] ----D C:\Users\nico\AppData\Local\Cyberlink
O43 - CFD: 29/06/2014 - 11:26:47 - [0] ----D C:\Users\nico\AppData\Local\Diagnostics
O43 - CFD: 27/05/2013 - 00:32:24 - [0] ----D C:\Users\nico\AppData\Local\ElevatedDiagnostics
O43 - CFD: 17/05/2014 - 10:01:19 - [] -SH-D C:\Users\nico\AppData\Local\EmieSiteList
O43 - CFD: 17/05/2014 - 10:01:19 - [] -SH-D C:\Users\nico\AppData\Local\EmieUserList
O43 - CFD: 10/03/2014 - 00:30:42 - [] ----D C:\Users\nico\AppData\Local\Facebook
O43 - CFD: 21/03/2012 - 14:23:09 - [] ----D C:\Users\nico\AppData\Local\Google
O43 - CFD: 18/03/2012 - 00:02:53 - [] -SH-D C:\Users\nico\AppData\Local\Historique
O43 - CFD: 05/01/2013 - 18:59:32 - [] ----D C:\Users\nico\AppData\Local\Macromedia
O43 - CFD: 08/10/2014 - 23:46:28 - [] ----D C:\Users\nico\AppData\Local\Microsoft
O43 - CFD: 05/10/2013 - 23:53:12 - [] ----D C:\Users\nico\AppData\Local\Mozilla
O43 - CFD: 17/10/2013 - 19:33:26 - [] ----D C:\Users\nico\AppData\Local\PC_Drivers_Headquarters
O43 - CFD: 18/03/2012 - 00:11:28 - [] ----D C:\Users\nico\AppData\Local\Power2Go
O43 - CFD: 19/03/2012 - 13:48:36 - [] ----D C:\Users\nico\AppData\Local\PowerCinema
O43 - CFD: 29/12/2012 - 14:15:04 - [] ----D C:\Users\nico\AppData\Local\Programs
O43 - CFD: 26/05/2014 - 10:34:32 - [] ----D C:\Users\nico\AppData\Local\Samsung
O43 - CFD: 19/03/2012 - 20:04:07 - [] ----D C:\Users\nico\AppData\Local\Shalsoft
O43 - CFD: 20/08/2014 - 23:40:48 - [] ----D C:\Users\nico\AppData\Local\Temp
O43 - CFD: 18/03/2012 - 00:02:54 - [] -SH-D C:\Users\nico\AppData\Local\Temporary Internet Files
O43 - CFD: 05/01/2013 - 23:56:12 - [] ----D C:\Users\nico\AppData\Local\Unity
O43 - CFD: 18/03/2012 - 23:47:25 - [] ----D C:\Users\nico\AppData\Local\VirtualStore
O43 - CFD: 19/12/2013 - 13:27:03 - [] ----D C:\Users\nico\AppData\Local\Windows Live
O43 - CFD: 19/10/2013 - 00:37:30 - [] ----D C:\Users\nico\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 16/08/2014 - 00:10:56 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 12/01/2013 - 12:08:18 - [] ----D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 16/08/2014 - 00:10:56 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 144 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 06/08/2014 - 11:15:37 ---A- . (...) -- C:\awh4395.tmp [687]
O44 - LFC:[MD5.349CF386805783D2E6810A767642F1B8] - 07/08/2014 - 03:01:34 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [424448]
O44 - LFC:[MD5.9D455E3049B7F93483D7165422B7D0AF] - 07/08/2014 - 03:06:41 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [529920]
O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 07/08/2014 - 11:14:20 ---A- . (...) -- C:\awhDA47.tmp [687]
O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 09/08/2014 - 11:14:56 ---A- . (...) -- C:\awhE0D8.tmp [687]
O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 09/08/2014 - 22:13:35 ---A- . (...) -- C:\awh3B4A.tmp [687]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/08/2014 - 11:08:39 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.308E507CEF301969AEF14F22E6F100A2] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669584]
O44 - LFC:[MD5.3C35EF618CF9ADDCB3363117AC5E1D49] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122126]
O44 - LFC:[MD5.A1EE4297BDC1D4DA15836A5B56940C5D] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150168]
O44 - LFC:[MD5.5245E6CF15FC9A6F56B4BF7CB310351D] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654254]
O44 - LFC:[MD5.1077F0D4270B49C378F59B0FEAC8A687] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747644]
O44 - LFC:[MD5.F947D57534E01E3CA597BCF2AD8AE65B] - 15/08/2014 - 07:32:00 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\System32\rpcrt4.dll [1216000]
O44 - LFC:[MD5.C02C78DE9BB4E68F6C78B1588ADD6ADC] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [83968]
O44 - LFC:[MD5.EDF22FBAE75ACB48BF51D099C6808B39] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [195584]
O44 - LFC:[MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2266624]
O44 - LFC:[MD5.1C660588CFFB3A17BCF0F6B4779BF985] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [940032]
O44 - LFC:[MD5.ECA387DCD57F683C52171C766CF400F0] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [23645696]
O44 - LFC:[MD5.1F02286D001AB5EA5719540C587224FE] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1249280]
O44 - LFC:[MD5.472C409F9B0FF67C1015F511C73E1889] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [5824512]
O44 - LFC:[MD5.BAC44396088ECC1C9021ED3E3345337C] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [846336]
O44 - LFC:[MD5.920F690FC7424DE71888AA2E46E917EA] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [758272]
O44 - LFC:[MD5.6ED6DA2A04F8F0C9BDAD647284BAEFB6] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [548352]
O44 - LFC:[MD5.2639E152D246F2A651F09764807CA153] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [85504]
O44 - LFC:[MD5.1EEF9FE30DBE458A89B5F7A16FC68397] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [139264]
O44 - LFC:[MD5.FCC86367BB0FB6DEB6614885CBE74FD5] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [51200]
O44 - LFC:[MD5.72B7D166D1B0D353330A34FDED3F5AA6] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [598016]
O44 - LFC:[MD5.1B26610C1659EF54ED000233FB96F20C] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13547008]
O44 - LFC:[MD5.DF485877CCE229776E6B8BB9116B67FE] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66048]
O44 - LFC:[MD5.39A85C005BCDEEF4092646EBBC2526AA] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2087936]
O44 - LFC:[MD5.9C9FE69902CD45A7D9AB1F0C4EDE646C] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [348856]
O44 - LFC:[MD5.DB382D89D8004F40BD2C55BAE6A15B30] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2774528]
O44 - LFC:[MD5.FCF5C8BB9AFD8D15B324B702F9B186B7] - 15/08/2014 - 07:33:20 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [111616]
O44 - LFC:[MD5.1FD1F16C35946BA28FDEB40F18B7729D] - 15/08/2014 - 07:33:20 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [631808]
O44 - LFC:[MD5.FE7D99399F7761AA2695A7B1AD30DAAF] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1431040]
O44 - LFC:[MD5.13A852B606F3644A7A35EDD99F74A685] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.52D2151908C2A6388B6561A373488F6F] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [692736]
O44 - LFC:[MD5.6598F2A876E13B6FFA5AE418D41CE7D6] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.5574B09C4676E8E2EBE125C18BDF9FBF] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33792]
O44 - LFC:[MD5.08C5E6033786C1E41B63FD38CA22917A] - 15/08/2014 - 07:33:22 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.19FA60D3AE1804A559306DE931A5B415] - 15/08/2014 - 07:33:22 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [72704]
O44 - LFC:[MD5.AE57F6C7AB3ED244B5F14151C4EA0057] - 15/08/2014 - 07:33:27 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [14175744]
O44 - LFC:[MD5.9E19DEED6FEB140DA3764C32F2DC4849] - 15/08/2014 - 07:33:27 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [404480]
O44 - LFC:[MD5.AF00649558BFB211A9091F4A6E7B4A0C] - 15/08/2014 - 07:33:28 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3163648]
O44 - LFC:[MD5.EBFEF789E32279C2ED7C81260B186AD7] - 15/08/2014 - 07:33:32 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.B0F8CCA08DBC392442E27377B98DD0CD] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\System32\consent.exe [112064]
O44 - LFC:[MD5.5DFFC12BF7DB53BDB401804A3C3A475E] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [1941504]
O44 - LFC:[MD5.3B39F9D51E4D8BAABDA6518955B58C13] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [3241984]
O44 - LFC:[MD5.A6D0DC3B30F6BB1421DAA92537424822] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [504320]
O44 - LFC:[MD5.920B5C1CC0BAB6E574297BC3D945DA31] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [7168]
O44 - LFC:[MD5.87CE5C8965E101CCCED1F4675557E868] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [985536]
O44 - LFC:[MD5.80EDA24B00478FA795F90DFA09C12E86] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [7168]
O44 - LFC:[MD5.353C4A38042819CA83AEFC6F2E7051CD] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [6656]
O44 - LFC:[MD5.EA21295A386C6DB2A2A90E657B37C5F4] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [7168]
O44 - LFC:[MD5.BE67D99EDA34A68B827868371B5529AD] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [7168]
O44 - LFC:[MD5.06FC8A93A4FA1F42A3D1D06694F2B339] - 15/08/2014 - 07:33:40 ---A- . (...) -- C:\Windows\System32\locale.nls [419992]
O44 - LFC:[MD5.E4312738B500577BABC232A49F67A67D] - 15/08/2014 - 16:11:39 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480]
O44 - LFC:[MD5.8A08BB0D12BE40DC09632CD5D04A48A0] - 15/08/2014 - 16:11:51 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [1389208]
O44 - LFC:[MD5.EE415EC9288182BCFB6E6896A376EA53] - 15/08/2014 - 16:11:51 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856]
O44 - LFC:[MD5.9C44FB5B3A8A192FCE1103AC9BA4E576] - 15/08/2014 - 16:11:52 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [171160]
O44 - LFC:[MD5.858CC713E4D6C931FFA232154BFD1208] - 15/08/2014 - 16:15:02 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [99218768]
O44 - LFC:[MD5.7B9103037A1B7736D35A175BAEF51C82] - 20/08/2014 - 10:20:47 ---A- . (...) -- C:\Windows\MEMORY.DMP [399207974]
O44 - LFC:[MD5.B853B666170DA00E48077936C591A0D3] - 20/08/2014 - 10:22:44 ---A- . (...) -- C:\Windows\ntbtlog.txt [156372]
O44 - LFC:[MD5.2B153E5264D6348EAC66232E807D8196] - 20/08/2014 - 10:58:06 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [286400]
O44 - LFC:[MD5.60A383EC2C3FD073D3E5CAFF1BB1414D] - 20/08/2014 - 17:07:29 ---A- . (...) -- C:\Windows\PFRO.log [7308]
O44 - LFC:[MD5.4D88B0F027616A1BCDC498BC3E6AA8E4] - 20/08/2014 - 17:07:44 ---A- . (...) -- C:\Windows\setupact.log [24528]
O44 - LFC:[MD5.02E3FC92918F901FC89D436A4E6D1753] - 20/08/2014 - 22:29:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.45D77AA7DA06B6FEFAD549043AC63C07] - 20/08/2014 - 22:29:54 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1240947]
O44 - LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] - 20/08/2014 - 22:32:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584]
~ Files: 71 Scanned in 00mn 16s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (.Samsung Electronics CO., LTD. - Touch Logon Credential Provider Config Filter.) -- C:\Windows\System32\ConfigFilter.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 10 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideClock"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktop"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFind"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewContextMenu"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 10 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:02/06/2011 - 02:32:50 ---A- . (.ASMedia Technology Inc - ASMedia USB3 Hub Driver.) -- C:\Windows\System32\Drivers\asmthub3.sys [128488]
O58 - SDL:02/06/2011 - 02:32:50 ---A- . (.ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\asmtxhci.sys [401896]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:29/07/2010 - 01:23:08 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [3065408]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:11/01/2011 - 00:15:08 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [349736]
O58 - SDL:25/01/2011 - 01:29:46 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [107560]
O58 - SDL:14/09/2010 - 23:59:16 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [138280]
O58 - SDL:16/02/2011 - 00:35:54 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39464]
O58 - SDL:14/09/2010 - 23:59:10 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21416]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:17/08/2011 - 08:19:38 ---A- . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [31216]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:15/03/2011 - 21:43:30 ---A- . (.Tyco Electronics - EloSawJr Elo Touchmonitors.) -- C:\Windows\System32\Drivers\EloSawJr.sys [192080]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:27/01/2010 - 19:57:08 ---A- . (.Hauppauge Computer Works, Inc. - WinTV-Nova-T-Mini device driver.) -- C:\Windows\System32\Drivers\hcw17bda.sys [67456]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:20/10/2010 - 17:34:26 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [56344]
O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:12/07/2011 - 03:47:20 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [12238112]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:14/10/2010 - 17:28:16 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [317440]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:12/05/2014 - 06:25:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:12/05/2014 - 06:26:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [91352]
O58 - SDL:20/08/2014 - 22:32:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:12/05/2014 - 06:26:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:17/05/2011 - 07:55:28 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [533096]
O58 - SDL:22/07/2011 - 10:24:42 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3024360]
O58 - SDL:07/09/2011 - 10:46:04 ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\Windows\System32\Drivers\SABI.sys [13824]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 01:00:40 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [94208]
O58 - SDL:11/04/2011 - 11:55:24 ---A- . (.Phoenix Technologies Ltd. - SecureGuard Driver.) -- C:\Windows\System32\Drivers\SGDrv64.sys [7680]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:19/03/2012 - 19:07:51 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\Drivers\SYMEVENT64x86.SYS [174200]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:23/05/2011 - 16:24:22 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [2750464]
~ Drivers: 66 Scanned in 00mn 41s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 08/10/2014 - 23:42:24 ---A- . (...) -- C:\Users\nico\AppData\Local\Temp\nsnFE4D.tmp\linker.dll [46080]
O61 - LFC: 08/10/2014 - 23:42:26 ---A- . (...) -- C:\Users\nico\Downloads\AdwCleaner-3.304.exe [1366203]
O61 - LFC: 08/10/2014 - 23:42:28 ---A- . (.Nicolas Coolman.) -- C:\Users\nico\Downloads\ZHPDiag2.exe [6860008] =>.Nicolas Coolman
O61 - LFC: 08/10/2014 - 23:42:28 ---A- . (.TeamViewer GmbH.) -- C:\Users\nico\Downloads\TeamViewer_Setup_fr.exe [6307056]
O61 - LFC: 16/08/2014 - 23:42:22 ---A- . (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Chrome\Application\36.0.1985.143\Installer\setup.exe [1104200]
O61 - LFC: 20/08/2014 - 23:42:26 ---A- . (...) -- C:\Users\nico\Downloads\adwcleaner_3.307.exe [1361671]
O61 - LFC: 20/08/2014 - 23:42:28 ---A- . (.Thisisu.) -- C:\Users\nico\Downloads\JRT.exe [1016261]
~ 1343 Fichiers temporaires (Temporary files)
~ 8 Fichiers cookies (Cookies files)
~ Files: 7 Scanned in 00mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/05/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140801.001\BHDrvx64.sys (BHDrvx64) .(.Symantec Corporation - BASH Driver.) - LEGACY_BHDRVX64
O64 - Services: CurCS - 12/06/2014 - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - 12/06/2014 - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - 24/03/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140819.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64
O64 - Services: CurCS - 12/08/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140820.002\ENG64.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG
O64 - Services: CurCS - 12/08/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140820.002\EX64.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15
O64 - Services: CurCS - 07/09/2011 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\Drivers\NISx64\1207020.003\SRTSP64.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
O64 - Services: CurCS - 27/01/2011 - C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.sys (SymDS) .(.Symantec Corporation - Symantec Data Store.) - LEGACY_SYMDS
O64 - Services: CurCS - 15/03/2011 - C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.sys (SymEFA) .(.Symantec Corporation - Symantec Extended File Attributes.) - LEGACY_SYMEFA
O64 - Services: CurCS - 19/03/2012 - C:\windows\system32\Drivers\SYMEVENT64x86.sys (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
O64 - Services: CurCS - 27/01/2011 - C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.sys (SymIRON) .(.Symantec Corporation - Iron Driver.) - LEGACY_SYMIRON
O64 - Services: CurCS - 21/04/2011 - C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.sys (SymNetS) .(.Symantec Corporation - Network Security Driver.) - LEGACY_SYMNETS
~ Legacy: 89 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\nico\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{2DD4CD30-0925-4468-9FA7-50D02E8DA779}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{1D3B5FFF-3EFF-41F8-A9E4-1D9A3F02D0D9}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "3EABBB7837BC6C44C81F727B5BEDCDC3" . (.Boxore Client.) -- C:\Windows\Installer\{87BBBAE3-CB73-44C6-8CF1-27B7B5DEDC3C}\boxore.ico =>Adware.Boxore
~ Update Products: 1 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\11aaf5.msi [45056] =>Adware.Boxore
~ WIS: 1 Scanned in 00mn 24s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS =>PUP.iMesh
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASAPI32 =>Rogue.PCRegistryShield
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASMANCS =>Rogue.PCRegistryShield
~ BTK: 193 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/09/2012 1147424 | (DiskDoctorService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Demand 31/07/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 29/09/2012 1160224 | (SpeedDiskService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 10/05/2011 956192 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 15/04/2011 562176 | (HauppaugeTVServer) . (.Hauppauge Computer Works.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
SR - | Auto 05/05/2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 17/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
SR - | Auto 09/04/2014 4343664 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 29/09/2012 792608 | (NU16StartManagerSvc) . (.Symantec.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
SR - | Auto 30/11/2009 244904 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 06/08/2014 5052224 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 05/05/2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by nico at 20/08/2014 23:43:46
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by nico at 20/08/2014 23:43:48
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (09/08/2014)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 4

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Classes\AppID\npBoxorePlugin.dll] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\AppID\npBoxorePlugin.dll] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AB7537EEC562384B917A60C59CC9607] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:\Program Files (x86)\uTorrent =>P2P.µTorrent^
C:\Users\nico\AppData\Roaming\uTorrent =>P2P.µTorrent^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer^
C:\Windows\Installer\11aaf5.msi =>Adware.Boxore^
~ Additionnel Scan: 325259 Items scanned in 00mn 29s



---\\ Informations complémentaires sur les modules
~
~
~
~
~
~ AMI: 5 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station






~ MSI: 6 link(s) detected in 00mn 00s



End of the scan (1298 lines in 03mn 19s)(0)

Posted





You should find the two icons, Zhpdiag and Zhpfix,
on the desktop, or otherwise in the folder where you installed Zhpdiag (Program files -> Zhpdiag -> Zhpfix).
Click the Zhpfix icon.
On Vista and later, right-click and choose "Run as administrator".
Copy and paste the green lines in the box below:
To do this:
Holding the left mouse button down, drag the mouse over all the text to copy so that it is highlighted, from left to right and top to bottom.
Press Ctrl+C to copy it all to the clipboard.
Click Importer (Import)
to place the text in the empty window that opens.

ZHPFix script

[MD5.00000000000000000000000000000000] [APT] [{45D4BF53-BF1D-449A-901F-7032A6A199FF}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6D99B6D6-B65F-4F66-9E1C-4B9B772F8DC1}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{74F8B1F1-C538-4D2E-A856-DB2EEE603B72}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E62EF0DF-735A-4CD9-9962-11EDD8F4D69A}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0]
[HKLM\Software\Wow6432Node\Better Surf Plus]
[HKLM\Software\Wow6432Node\Better-Surf]
[HKLM\Software\Wow6432Node\RichMediaViewV1]
[HKLM\Software\Wow6432Node\VideoPlayerV3]
O90 - PUC: "3EABBB7837BC6C44C81F727B5BEDCDC3" . (.Boxore Client.) -- C:\Windows\Installer\{87BBBAE3-CB73-44C6-8CF1-27B7B5DEDC3C}\boxore.ico
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\11aaf5.msi [45056]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASMANCS
[HKLM\Software\Classes\AppID\npBoxorePlugin.dll]
[HKLM\Software\Wow6432Node\Classes\AppID\npBoxorePlugin.dll]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AB7537EEC562384B917A60C59CC9607]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]
[HKLM\Software\Wow6432Node\Better-Surf]
[HKLM\Software\Wow6432Node\RichMediaViewV1]
C:\Windows\Installer\11aaf5.msi
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.4112]
P2 - FPN: [HKLM] [@microsoft.com/VirtualEarth3D,version=4.0] - (...) -- (.not file.)
[MD5.00000000000000000000000000000000] [APT] [EasyPartitionManager] (...) -- C:\Windows\MSetup\BA46-12225A02\EPM.exe (.not file.) [0]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core.job [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core [902]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA [924]
O41 - Driver: (gaupdqtc) . (. - .) - C:\Windows\system32\drivers\gaupdqtc.sys (.not file.)
O41 - Driver: (icpjstqc) . (. - .) - C:\Windows\system32\drivers\icpjstqc.sys (.not file.)
O43 - CFD: 20/08/2014 - 18:10:02 - [] ----D C:\ProgramData\boost_interprocess
O61 - LFC: 08/10/2014 - 23:42:24 ---A- . (...) -- C:\Users\nico\AppData\Local\Temp\nsnFE4D.tmp\linker.dll [46080]
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O43 - CFD: 11/01/2013 - 14:05:02 - [] ----D C:\Users\nico\AppData\Local\CRE

EmptyPrefetch
EmptyFlash
EmptyClsid
FirewallRaz
Ifeofix
Proxyfix
ShortcutFix
Sysrestore



Click "Go" at the bottom left.

Restart to complete the cleanup.

Copy and paste, in your reply, the contents of the ZHPFixReport.txt report that is displayed.
If needed, it is saved as C:\ZHP\ZHPFixReport.txt



Java and Flash updates:
Download FlashPlayerUpdate.exe

Temporarily disable the antivirus.
On Windows Vista / 7 / 8: right-click > Run as administrator.

JavaUpdate by Pierre13
Uninstalls old or corrupted versions, if present.
Installs the latest version (if the user agrees).
Offers to disable automatic updates (because unwanted programs would otherwise be installed).

Java can put your computer's security at risk.
You are strongly advised to disable it in your web browsers if you have no use for it.
When you encounter a Java application, a warning message will ask you to install Java or enable the plug-in.
Disable it again as soon as you have finished using the Java application.

Download SFTGC.exe
to the Desktop; this is mandatory, otherwise it may crash.

It may be necessary to close or disable all active antivirus, antispyware and firewall programs, because they could interfere with this tool.
Some tools are sometimes detected by your antivirus or anti-malware as a "RiskTool", a virus or a "Trojan", but this is not the case.
How to disable resident protection
Of course, re-enable them afterwards.

On XP, double-click the file.
On Vista/7/8, right-click the file and choose Run as administrator.

After initialization, click Go to start the cleanup.
A report appears on the desktop.
The deleted files are in the Recycle Bin.
This makes it possible to put files deleted by mistake back in their original folder.
Just right-click the file concerned => Restore.
To delete them, right-click the Recycle Bin => Empty Recycle Bin.

How to post the reports
Go to the site: Ci-Joint
Click Browse and find the reports on the disk,
Click Open
Click Create the CJoint link,
>> on the next page -->
an address http//.. will be created
Copy and paste this address into your next message.

Posted

Hello Pear, here it is:

 

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by nico at 21/08/2014 11:20:14
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 10s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Clés du Registre ==========
SUPPRIMÉ: HKLM\Software\Wow6432Node\Better Surf Plus
SUPPRIMÉ: HKLM\Software\Wow6432Node\Better-Surf
SUPPRIMÉ: HKLM\Software\Wow6432Node\RichMediaViewV1
SUPPRIMÉ: HKLM\Software\Wow6432Node\VideoPlayerV3
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\3EABBB7837BC6C44C81F727B5BEDCDC3]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\3EABBB7837BC6C44C81F727B5BEDCDC3]
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASAPI32
SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASMANCS
SUPPRIMÉ: HKLM\Software\Classes\AppID\npBoxorePlugin.dll
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AB7537EEC562384B917A60C59CC9607
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
SUPPRIMÉ:* Mozilla Plugin: @microsoft.com/VirtualEarth3D,version=4.0
SUPPRIMÉ Driver Key: gaupdqtc
SUPPRIMÉ Driver Key: icpjstqc
Branche de Base de Registres IFEO non infectée !

========== Valeurs du Registre ==========
SUPPRIMÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : {890D4831-4C8C-4804-9B22-C5E3E1FC378B}
SUPPRIMÉ: FirewallRaz (None) : {610A39CB-3318-4677-9574-3629ECF88021}
SUPPRIMÉ: FirewallRaz (None) : {7C73BEC0-BADD-43C9-9AA1-0E1DF420FC0B}
SUPPRIMÉ: FirewallRaz (Domain) : {7C894268-5C52-439B-91C0-0CD501A3B7AE}
SUPPRIMÉ: FirewallRaz (Domain) : {287C5988-0D6D-4743-8973-D2A1AF23A2E3}
SUPPRIMÉ: FirewallRaz (Private) : {E00EDE5A-E273-4970-8CD9-384C061633A2}
SUPPRIMÉ: FirewallRaz (Private) : {076D0F51-7FD8-4EC2-8460-39882788ADFF}
SUPPRIMÉ: FirewallRaz (Public) : {456737AC-C287-4E81-83E8-C396FD067BA6}
SUPPRIMÉ: FirewallRaz (Public) : {AC09E8F5-2942-4A26-9A8E-F99E9CCE30C4}
SUPPRIMÉ: FirewallRaz (Public) : {CC4409FF-739E-4A22-903D-0E8B99C81387}
SUPPRIMÉ: FirewallRaz (Public) : {01511028-3D49-4282-B351-810DE7BD8631}
SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{FFFFCBED-32CE-4F75-946F-857DC598F503}C:\users\nico\appdata\roaming\nosibay\bubble dock\bubble dock.exe
SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{74DF110D-B723-4CF2-BE91-57AC79AEAB29}C:\users\nico\appdata\roaming\nosibay\bubble dock\bubble dock.exe
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichiers ==========
SUPPRIMÉ: C:\Windows\Installer\11aaf5.msi
SUPPRIMÉ: c:\users\nico\appdata\local\temp\nsnfe4d.tmp\linker.dll
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Tache planifiée ==========
SUPPRIMÉ: {45D4BF53-BF1D-449A-901F-7032A6A199FF}
SUPPRIMÉ: {6D99B6D6-B65F-4F66-9E1C-4B9B772F8DC1}
SUPPRIMÉ: {74F8B1F1-C538-4D2E-A856-DB2EEE603B72}
SUPPRIMÉ: {E62EF0DF-735A-4CD9-9962-11EDD8F4D69A}
SUPPRIMÉ: EasyPartitionManager
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
24 : Clés du Registre
28 : Valeurs du Registre
1 : Dossiers
3 : Fichiers
7 : Tache planifiée
1 : Restauration Système


End of clean in 00mn 40s

========== Chemin de fichier rapport ==========
C:\Users\nico\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/08/2014 11:20:25 [5067]
