[Solved] Desktop disappeared


Digger


Good evening,

On an HP running Windows 7 Home Premium, I no longer have a desktop and I have every imaginable difficulty getting to my folders and files.

I ran an Avira scan and a list of TR detections is displayed.

TR/Graftor, BProtector, and some adware.

But even once quarantined, they do not give me back my desktop or the ease of use of my PC.

Can anyone help me?

Thank you for your attention.

Good evening.

D.


Good evening,

Follow this procedure carefully, point by point, and post the reports in order
Please note that the disinfection, which may take time, will only be finished when you are told so

How to post the reports
Go to the site: Ci-Joint

Click Browse and look for the reports on the disk,
Click Open
Click Create the CJoint link,
>> on the next page -->
an address http://.. will be created
Copy and paste this address into your next message.

Note that copying and pasting the address does not work in Firefox.
In that case, right-click the URL and, in the context menu that opens, choose "Copy Link Location"
Copy and paste this address into your next message.
Never post your replies in an earlier message but in a new message, otherwise we are not notified of your new reply

1) If you have had AdwCleaner for some time, uninstall it and install the latest version
Download AdwCleaner
Under Vista and Windows 7/8 -> Run as administrator
So as not to skew the reports, Scan and Clean must each be run only once
Click Scan
Cleaning: to be done without delay
Click Clean and post the report C:\AdwCleaner[s?].txt
After the restart, a report to post will be on the desktop

2) Download Junkware Removal Tool by thisisu
OS: Windows XP/Vista/7/8
Usable on 32-bit and 64-bit systems

Click Jrt.exe with administrator rights.
If your antivirus complains, mark it as acceptable in your antivirus's exceptions
A black window opens telling you to press a key to start the scan.

The tool will take a few minutes to search your machine.
Wait for Jrt.txt to appear, and post its contents.

3) Download Malwarebytes Anti-Malware
Here

or there:
and save it to the Desktop.
Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
Click Setting to switch it to French
Check that the Launch Malwarebytes Anti-Malware box is ticked.
A free 14-day trial of the Premium (paid) version's features is pre-selected; untick it.
This will not reduce the program's scanning and removal capabilities.
Click Finish.

In the Settings tab > Detection and Protection sub-tab, Detection Options, tick the box in front of Scan for Rootkits
On the Dashboard, click the Update link.
If, later on, your databases are out of date, you will be notified and invited to Fix Now.
After the update, connect removable media (USB) and click Scan -> Custom Scan
Tick everything
Click the Scan Now button.

If Malwarebytes does not launch, use Chameleon
and
If MBAM balks or crashes, run Mbam-clean.exe
and reinstall it

If items are detected, click Apply Actions so that MBAM cleans what it has detected.
In most cases, a restart will be necessary.
Wait for the message inviting you to restart the PC to appear, then click Yes

(Copy to the clipboard to paste into a reply on the forum)
After the restart, when you are back on the Desktop, open MBAM again.
Click the History tab > Application Logs.
Double-click the Scan Log whose date and time match the scan that has just been run.
Click View then Copy to Clipboard
The reports are also stored in the following location by default:
for Vista/Win7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
for Windows XP: C:\Documents et Settings\All Users\Application Malwarebytes Malwarebytes Anti-Malware\Logs
Paste the contents of the clipboard into your next reply.

4) You need to reset your browser
by clicking here

This will uninstall plugins and extensions, which you can reinstall with the necessary caution

5) Run Shortcut Cleaner
This utility will search your computer for shortcuts hijacked by unwanted software.
Broken shortcuts will be cleaned automatically.


6) New ZHPDiag report
Download ZHPDiag

Double-click ZHPDiag.exe to install the tool
There should be 2 icons on the desktop or in ZHPDiag's installation folder.

Under XP, double-click the ZHPDiag icon
Under Vista and later, right-click and Run as administrator

Click the Full button

Wait a few moments
The report ZhpDiag.txt will appear on the desktop


Good evening,

Thank you for your attention.

Here is the AdwCleaner report.

http://cjoint.com/?3LjuNuYpSxs

The JRT report.

http://cjoint.com/?3Lju6vLppXA

The MBAM:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 09/12/2014
Scan Time: 21:04:52
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.09.07
Rootkit Database: v2014.12.08.03
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Amélie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349085
Time Elapsed: 45 min, 36 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 7

Registry Values: 1

Registry Data: 0
(No malicious items detected)

Folders: 2

Files: 104

Physical Sectors: 0
(No malicious items detected)


(end)

 

I am continuing the process.

And here is the ZHPDiag:

 

~ Rapport de ZHPDiag v2014.12.9.172 - Nicolas Coolman (09/12/2014)
~ Lancé par Amélie (09/12/2014 22:28:05)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17420
MFIE: Mozilla Firefox 23.0.1 (Defaut)
GCIE: Google Chrome v18.0.1025.142

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.7.342
Malwarebytes Anti-Malware version 2.0.4.1028
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5610 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 803 GB (87%) free of 914 GB

---\\ Mode de connexion au système
~ Computer Name: AMÉLIE-HP
~ User Name: Amélie
~ All Users Names: Amélie, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Amélie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Amélie\AppData\Roaming\
~ %Desktop% : C:\Users\Amélie\Desktop\
~ %Favorites% : C:\Users\Amélie\Favorites\
~ %LocalAppData% : C:\Users\Amélie\AppData\Local\
~ %StartMenu% : C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 803 Go of 914 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 18 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/7843
~ Mes musiques (My Musics) : 5/12
~ Mes Videos (My Videos) : 1/52
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 27/152
~ Mon Bureau (My Desktop) : 1/100
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 07s



---\\ Processus lancés
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.2028]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.2004]
[MD5.B19FF523B533A3F198B9239E1749C940] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [227896] [PID.2076]
[MD5.F630DD7564EBB7248A13B1CC774D9EA6] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [26680] [PID.2100]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2468]
[MD5.F21955927D1C99206A8B91DE2CCE85E1] - (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656] [PID.2664]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2860]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.3188]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.4536]
[MD5.01091B900E15878B4434F9C726C4541D] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [991288] [PID.772]
[MD5.C5D2F308E1C12A5C328EF549696DBC05] - (.Hewlett-Packard Development Company L.P. - HP Connection Manager Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [1098296] [PID.4120]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Amélie\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Amélie\AppData\Roaming\Mozilla\Firefox\Profiles\b1o3mam6.default-1418159941597\prefs.js
C:\Users\Amélie\AppData\Roaming\Mozilla\Firefox\Profiles\X9DUmzCC.default\prefs.js (.not file.)
M2 - MFEP: RegExtension {b5ad6039-a173-4149-9dcf-d04371526253} . (...) -- C:\Program Files (x86)\Lyrics_Monkey\131.xpi (.not file.) =>Adware.AddLyrics
M2 - MFEP: prefs.js [Amélie - X9DUmzCC.default\abs@avira.com] [] Avira Browser Safety v1.4.0 (..)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.11.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect_x86_64] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.0f7.) -- C:\Users\Amélie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 10 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 25 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.dll =>.Microsoft Corporation
O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
~ BHO: 9 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [chromium] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_239_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HPConnectionManager] . (.Hewlett-Packard Development Company L.P. - HPCMDelayStart Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Magic Desktop for HP notification] . (.Easybits - Software update notification.) -- C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_53] C:\Program Files (x86)\tuto4pc_fr_53\tuto4pc_fr_53.exe (.not file.) =>PUP.AgenceExclusive
O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1077468728-3723488142-706827812-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-1077468728-3723488142-706827812-1001\..\Run: [chromium] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-1077468728-3723488142-706827812-1001\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_239_Plugin.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 10 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A8BA60B-7775-4121-99C2-A55DC5A75E93}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{949AF40B-F266-4A99-B31A-D2ED60BC5959}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8A8BA60B-7775-4121-99C2-A55DC5A75E93}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{949AF40B-F266-4A99-B31A-D2ED60BC5959}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8A8BA60B-7775-4121-99C2-A55DC5A75E93}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{949AF40B-F266-4A99-B31A-D2ED60BC5959}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HP Health Check Service (HP Health Check Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (.not file.)
O23 - Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company - HP Client Services.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
~ Services: 17 Scanned in 00mn 13s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.749F94C424524285DCDA84D695ABC12F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001Core] (...) -- C:\Users\Amélie\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001UA] (...) -- C:\Users\Amélie\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176]
[MD5.00000000000000000000000000000000] [APT] [softwareUpdateTaskMachineCore1cd48c6160dca29] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [softwareUpdateTaskMachineUA1cd48c616873057] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [{08080665-9E0B-4179-860E-34E29579D572}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1662C64C-8D78-4694-9001-B1B4F9ABFE84}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{262AE49F-A8D6-43A9-83B1-C254861BB1DB}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6C21F39C-9B43-46E6-9640-F3CA3949E106}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] [APT] [{6E6AE9AC-1079-416C-A739-48F86AC23AC6}] (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [276376]
[MD5.00000000000000000000000000000000] [APT] [{78C0D1C1-4D88-4C1D-8825-CE6B814DF6F0}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B66BC3E7-A06F-455B-BE45-6900405AE413}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E0A9EBB3-2238-40C4-A976-BF67F29A54D7}] (...) -- C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1064]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1064]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1068]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1068]
O39 - APT: SoftwareUpdateTaskMachineCore1cd48c6160dca29 - (...) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore1cd48c6160dca29.job [1084]
O39 - APT: SoftwareUpdateTaskMachineCore1cd48c6160dca29 - (...) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore1cd48c6160dca29 [1084]
O39 - APT: SoftwareUpdateTaskMachineUA1cd48c616873057 - (...) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA1cd48c616873057.job [1088]
O39 - APT: SoftwareUpdateTaskMachineUA1cd48c616873057 - (...) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA1cd48c616873057 [1088]
~ Scheduled Task: 22 Scanned in 00mn 11s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 66 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 4 Elements - (.WildTangent.) [HKLM][64Bits] -- WTA-e185b4df-a3cf-4afb-8e5a-468411cba8e7 =>.WildTangent
O42 - Logiciel: 4 Elements II - (.WildTangent.) [HKLM][64Bits] -- WTA-e67856a5-6a79-4466-987f-4d8e946b5f3e =>.WildTangent
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AGEIA PhysX v7.07.09 - (.AGEIA Technologies, Inc..) [HKLM][64Bits] -- {65F1CF63-31E0-450B-96F3-4A88BE7361A6}
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD System Monitor - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {942836D4-5395-652B-F1E8-A7C5B039910C}
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B92C2C6C-F70E-497B-88A7-1FEF9888272B}
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.11) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Agatha Christie - Peril at End House - (.WildTangent.) [HKLM][64Bits] -- WT089362 =>.WildTangent
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {CCE825DB-347A-4004-A186-5F4A6FDD8547}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {D70884EA-E2CE-4539-91DB-4766CC1E5F5F}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Avira Free Antivirus v14.0.7.342 - (.Avira.) [HKLM][64Bits] -- Avira AntiVir Desktop
O42 - Logiciel: Avira v1.1.25.25607 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {9480d4af-12b9-4e56-8034-4031ef6ab39d}
O42 - Logiciel: Avira v1.1.25.25607 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {D2763B4E-5BF4-468B-BB00-9B3B121E0FB2}
O42 - Logiciel: Big Fish Games: Game Manager - (...) [HKLM][64Bits] -- BFGC
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {47C125F4-DA4F-430F-B62F-6471F346F0CE} =>Adware.Boxore
O42 - Logiciel: Broadcom 2070 Bluetooth 3.0 - (.Broadcom Corporation.) [HKLM][64Bits] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Wireless LAN Adapter
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {0F69006A-CD2F-4C12-A786-C659C8F98423}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Duuqu Update Helper - (.Duuqu Group.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Duuqu
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM][64Bits] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
O42 - Logiciel: Evernote v. 4.2.2 - (.Evernote Corp..) [HKLM][64Bits] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM][64Bits] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3}
O42 - Logiciel: FrameFox Extensions 1.0.6.0 - (.QwertyBox Team.) [HKLM][64Bits] -- {1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27} =>PUP.FrameFox
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F0F4DE4E-9EC6-4E63-A386-39E3421D3D83}
O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
O42 - Logiciel: HP Client Services - (.Hewlett-Packard.) [HKLM][64Bits] -- {2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
O42 - Logiciel: HP Connection Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {795AADBF-58C2-42D0-B779-E730702A247E}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP DVB-T TV Tuner 8.0.64.43 - (...) [HKLM][64Bits] -- HP DVB-T TV Tuner
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent hp Master Uninstall =>.WildTangent
O42 - Logiciel: HP On Screen Display - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {872B1C80-38EC-4A31-A25C-980820593900}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EB58480C-0721-483C-B354-9D35A147999F}
O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {210A03F5-B2ED-4947-B27E-516F50CBB292}
O42 - Logiciel: HP Setup Manager - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {AE856388-AFAD-4753-81DF-D96B19D0A17C}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6384C914-A4BC-40B6-8059-29AD4E65F4B6}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E92D47A1-D27D-430A-8368-0BAFD956507D} =>.Hewlett-Packard Co
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Inpaint 6.0 - (.Teorex.) [HKLM][64Bits] -- {2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1
O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF}
O42 - Logiciel: Java 6 Update 24 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416024FF}
O42 - Logiciel: Java 6 Update 33 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall =>.WildTangent
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM][64Bits] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-007E-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0409-1000-0000000FF1CE}
O42 - Logiciel: Photorécit 3 pour Windows - (.Microsoft Corporation.) [HKLM][64Bits] -- {4F41AD68-89F2-4262-A32C-2F70B01FCE9E}
O42 - Logiciel: PlayerPlus - (...) [HKLM][64Bits] -- PlayerPlus
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C}
O42 - Logiciel: Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {DBCD5E64-7379-4648-9444-8A6558DCB614}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visionneuse Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM][64Bits] -- {95140000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM][64Bits] -- {CB1A2FE6-2BDF-DECC-C91B-4E5FFD59C5D6}
O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp =>.WildTangent
O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Xvid MPEG-4 Video Codec - (...) [HKLM][64Bits] -- Xvid_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {0E5D76AD-A3FB-48D5-8400-8903B10317D3}
~ Logic: 64 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Big Fish Games, Inc.]
[HKCU\Software\Big Fish Games]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DM]
[HKCU\Software\DSP-worx]
[HKCU\Software\DivX]
[HKCU\Software\Dnldstr_Aggregator]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Facebook]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\IncrediMail]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\MK2]
[HKCU\Software\Macromedia]
[HKCU\Software\Marseillesoft]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OceanMediaGames]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\Research In Motion]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Teorex]
[HKCU\Software\Tific]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\Widcomm]
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKCU\Software\mhk2]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Broadcom]
[HKLM\Software\CBSTEST]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\Dolby]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Avira]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IDT]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Oracle]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Win32 Services]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\X-AVCSD]
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 300 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/01/2014 - 19:58:33 - [] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 22/09/2014 - 17:41:08 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 06/08/2012 - 16:41:56 - [] ----D C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 01/11/2011 - 18:06:35 - [] ----D C:\Program Files (x86)\AMD
O43 - CFD: 01/11/2011 - 17:49:24 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 22/12/2012 - 13:44:03 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 01/11/2011 - 17:49:09 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 06/11/2014 - 19:22:33 - [] ----D C:\Program Files (x86)\Avira
O43 - CFD: 03/07/2012 - 12:42:23 - [] ----D C:\Program Files (x86)\bfgclient
O43 - CFD: 22/12/2012 - 13:43:18 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 30/05/2014 - 18:13:42 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 09/12/2012 - 21:18:33 - [] ----D C:\Program Files (x86)\DirectVobSub
O43 - CFD: 09/12/2012 - 21:18:37 - [] ----D C:\Program Files (x86)\DivX
O43 - CFD: 09/12/2012 - 21:09:28 - [] ----D C:\Program Files (x86)\DSP-worx
O43 - CFD: 29/08/2011 - 17:12:26 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 09/12/2012 - 21:18:32 - [] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 13/11/2013 - 19:36:23 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 09/12/2012 - 21:09:28 - [] ----D C:\Program Files (x86)\Haali
O43 - CFD: 01/10/2013 - 19:39:22 - [] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 01/11/2011 - 18:01:22 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 02/08/2013 - 15:26:44 - [] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 17/11/2013 - 13:12:41 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/11/2014 - 21:32:58 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 22/12/2012 - 13:45:40 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 30/05/2014 - 18:12:50 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 09/12/2012 - 21:18:31 - [] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 29/06/2014 - 13:36:40 - [] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 25/01/2014 - 20:37:02 - [] ----D C:\Program Files (x86)\Lookineo =>Toolbar.Lookineo
O43 - CFD: 09/12/2014 - 20:55:30 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 09/12/2012 - 11:13:13 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 17/09/2013 - 19:44:27 - [] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 16/11/2014 - 13:12:56 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 16/11/2014 - 13:13:17 - [] ----D C:\Program Files (x86)\Microsoft OneDrive
O43 - CFD: 28/07/2014 - 22:20:53 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 03/10/2013 - 18:49:02 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 09/07/2013 - 16:10:53 - [] ----D C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 16/11/2014 - 13:11:32 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 07/09/2013 - 10:37:01 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 18/08/2013 - 10:49:00 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 03/06/2014 - 09:34:55 - [] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 21/03/2012 - 13:54:20 - [] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 09/12/2012 - 21:09:24 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter
O43 - CFD: 04/09/2012 - 21:08:10 - [] ----D C:\Program Files (x86)\Oracle
O43 - CFD: 27/11/2012 - 11:20:48 - [] ----D C:\Program Files (x86)\Photo Story 3 for Windows
O43 - CFD: 01/04/2012 - 16:50:44 - [] ----D C:\Program Files (x86)\PlayerPlus
O43 - CFD: 01/10/2013 - 19:43:10 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 30/08/2012 - 18:03:46 - [0] ----D C:\Program Files (x86)\Research In Motion
O43 - CFD: 09/12/2012 - 21:18:34 - [0] ----D C:\Program Files (x86)\Ultimate Codecs
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/04/2012 - 16:31:05 - [0] ----D C:\Program Files (x86)\Video Codec
O43 - CFD: 09/04/2012 - 20:17:01 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 15/07/2012 - 15:29:25 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 07/09/2013 - 10:33:14 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 26/07/2013 - 12:36:46 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 27/05/2014 - 17:52:33 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 29/03/2012 - 22:14:36 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 20/05/2014 - 03:30:35 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 29/03/2012 - 22:14:36 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 04:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 29/03/2012 - 22:14:37 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/12/2014 - 16:25:16 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 09/12/2012 - 21:18:38 - [] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 09/12/2014 - 22:23:10 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 22/09/2014 - 17:44:32 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 09/04/2014 - 19:16:32 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 22/12/2012 - 13:45:11 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 01/11/2011 - 17:49:21 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 20/05/2014 - 15:52:32 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 09/12/2012 - 21:12:59 - [] ----D C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 29/08/2011 - 17:32:15 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 30/05/2014 - 18:13:42 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 16/11/2014 - 13:11:34 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 08/08/2012 - 21:03:29 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 29/03/2012 - 22:14:36 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/05/2012 - 19:30:15 - [] ----D C:\Program Files (x86)\Common Files\Telespree
O43 - CFD: 29/08/2011 - 17:23:27 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 06/08/2012 - 16:41:23 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 22/12/2012 - 13:45:41 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 19/11/2013 - 10:00:57 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/11/2011 - 17:48:27 - [] ----D C:\ProgramData\AMD
O43 - CFD: 22/12/2012 - 13:43:53 - [] ----D C:\ProgramData\Apple
O43 - CFD: 22/12/2012 - 13:45:11 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/11/2011 - 18:22:51 - [] ----D C:\ProgramData\ATI
O43 - CFD: 14/10/2014 - 15:35:16 - [] ----D C:\ProgramData\Avira
O43 - CFD: 03/07/2012 - 12:42:20 - [] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 24/12/2012 - 18:09:18 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 21/03/2012 - 13:51:53 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 17/11/2013 - 13:11:09 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 11/05/2013 - 17:32:54 - [] ----D C:\ProgramData\DivoGames
O43 - CFD: 09/12/2012 - 21:18:37 - [] ----D C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 09/07/2013 - 16:17:45 - [] ----D C:\ProgramData\EA Core
O43 - CFD: 26/07/2013 - 14:56:39 - [] ----D C:\ProgramData\Easybits Magic Desktop for HP
O43 - CFD: 09/07/2013 - 16:16:17 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 28/04/2013 - 19:02:45 - [] ----D C:\ProgramData\Elephant Games
O43 - CFD: 21/03/2012 - 13:51:53 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 16/09/2012 - 11:06:01 - [] ----D C:\ProgramData\Fenomen Games
O43 - CFD: 29/03/2012 - 16:57:54 - [] ----D C:\ProgramData\Flood Light Games
O43 - CFD: 11/05/2013 - 18:04:55 - [] ----D C:\ProgramData\Fugazo
O43 - CFD: 26/12/2012 - 20:07:10 - [] ----D C:\ProgramData\Green Clover Games
O43 - CFD: 11/05/2012 - 20:14:25 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 17/11/2013 - 13:06:38 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 09/12/2014 - 20:55:25 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 21/03/2012 - 13:51:53 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 16/11/2014 - 13:12:58 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/11/2013 - 14:37:20 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 27/05/2014 - 17:46:43 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 21/03/2012 - 13:51:53 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 23/06/2012 - 11:45:34 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 11/05/2013 - 17:39:56 - [] ----D C:\ProgramData\MumboJumbo
O43 - CFD: 08/08/2012 - 21:14:23 - [] ----D C:\ProgramData\Norton
O43 - CFD: 01/11/2011 - 18:09:49 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 30/05/2014 - 18:13:48 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 24/02/2013 - 18:17:40 - [] ----D C:\ProgramData\OrganicCoffee
O43 - CFD: 18/08/2013 - 10:47:36 - [0] ----D C:\ProgramData\Origin
O43 - CFD: 06/11/2014 - 19:22:51 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 28/04/2013 - 18:10:44 - [] ----D C:\ProgramData\PlayFirst
O43 - CFD: 01/10/2012 - 20:31:23 - [] ----D C:\ProgramData\Playrix Entertainment
O43 - CFD: 16/11/2014 - 13:12:31 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 09/06/2012 - 11:03:44 - [] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 01/01/2014 - 22:58:57 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/12/2012 - 19:55:38 - [] ----D C:\ProgramData\SugarGames
O43 - CFD: 29/08/2011 - 17:33:49 - [] ----D C:\ProgramData\Sun
O43 - CFD: 28/04/2014 - 19:40:33 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 16/09/2012 - 19:31:30 - [] ----D C:\ProgramData\Top Evidence
O43 - CFD: 08/07/2012 - 17:25:36 - [] ----D C:\ProgramData\Virtualized Applications
O43 - CFD: 07/07/2012 - 12:39:24 - [] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 09/06/2012 - 15:52:36 - [] ----D C:\ProgramData\Wild Tangent
O43 - CFD: 07/09/2013 - 10:33:13 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 03/05/2012 - 20:06:02 - [] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
O43 - CFD: 29/08/2011 - 17:35:04 - [] ----D C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
O43 - CFD: 31/01/2014 - 19:58:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 01/11/2011 - 18:01:17 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 05:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 06/08/2012 - 16:41:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
O43 - CFD: 01/11/2011 - 18:06:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
O43 - CFD: 01/11/2011 - 17:49:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 06/11/2014 - 19:22:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 09/12/2012 - 21:18:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
O43 - CFD: 09/12/2012 - 21:13:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
O43 - CFD: 29/08/2011 - 17:12:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 09/12/2012 - 21:18:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 02/06/2014 - 18:14:31 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 02/06/2014 - 18:14:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 09/12/2012 - 21:09:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 10/05/2012 - 19:30:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 10/05/2012 - 19:30:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 22/09/2014 - 17:29:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint
O43 - CFD: 22/12/2012 - 13:45:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 30/05/2014 - 18:13:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 14/07/2009 - 05:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/12/2014 - 20:55:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 08/12/2014 - 22:17:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 08/07/2012 - 17:25:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)
O43 - CFD: 28/07/2014 - 11:12:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 21/03/2012 - 13:54:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music and Media
O43 - CFD: 21/03/2012 - 13:54:20 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 01/11/2011 - 17:59:20 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 29/08/2011 - 17:20:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theft Protection
O43 - CFD: 09/04/2012 - 20:17:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 27/05/2014 - 17:55:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 09/12/2012 - 21:18:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 09/12/2014 - 22:23:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 03/02/2013 - 18:28:26 - [] ----D C:\Users\Amélie\AppData\Roaming\4 Friends Games
O43 - CFD: 29/09/2014 - 07:54:49 - [] ----D C:\Users\Amélie\AppData\Roaming\Adobe
O43 - CFD: 08/10/2012 - 18:11:51 - [] ----D C:\Users\Amélie\AppData\Roaming\AlawarEntertainment
O43 - CFD: 12/09/2012 - 09:31:52 - [] ----D C:\Users\Amélie\AppData\Roaming\aliasworlds
O43 - CFD: 27/08/2012 - 21:45:29 - [] ----D C:\Users\Amélie\AppData\Roaming\Amaranth Games
O43 - CFD: 22/12/2012 - 13:51:46 - [] ----D C:\Users\Amélie\AppData\Roaming\Apple Computer
O43 - CFD: 09/10/2012 - 17:57:04 - [] ----D C:\Users\Amélie\AppData\Roaming\Artogon
O43 - CFD: 21/03/2012 - 14:00:23 - [] ----D C:\Users\Amélie\AppData\Roaming\ATI
O43 - CFD: 09/05/2013 - 09:41:49 - [] ----D C:\Users\Amélie\AppData\Roaming\Avira
O43 - CFD: 26/12/2012 - 19:21:23 - [] ----D C:\Users\Amélie\AppData\Roaming\bfgallmygodsfr
O43 - CFD: 26/12/2012 - 14:09:23 - [] ----D C:\Users\Amélie\AppData\Roaming\Big Fish Games
O43 - CFD: 27/01/2013 - 20:22:07 - [] ----D C:\Users\Amélie\AppData\Roaming\BlamGames
O43 - CFD: 25/12/2012 - 16:34:44 - [] ----D C:\Users\Amélie\AppData\Roaming\Blue Tea Games
O43 - CFD: 28/01/2013 - 19:40:11 - [] ----D C:\Users\Amélie\AppData\Roaming\Boolat Games
O43 - CFD: 25/12/2012 - 18:34:04 - [] ----D C:\Users\Amélie\AppData\Roaming\Boomzap
O43 - CFD: 09/12/2012 - 21:09:28 - [] ----D C:\Users\Amélie\AppData\Roaming\CDXReader
O43 - CFD: 21/03/2012 - 14:00:57 - [] ----D C:\Users\Amélie\AppData\Roaming\CyberLink
O43 - CFD: 09/12/2012 - 21:13:21 - [] ----D C:\Users\Amélie\AppData\Roaming\DivX
O43 - CFD: 26/09/2014 - 22:54:34 - [] ----D C:\Users\Amélie\AppData\Roaming\dvdcss
O43 - CFD: 28/04/2013 - 19:02:45 - [] ----D C:\Users\Amélie\AppData\Roaming\Elephant Games
O43 - CFD: 15/07/2012 - 15:31:03 - [] ----D C:\Users\Amélie\AppData\Roaming\FamilyVacationCalifornia
O43 - CFD: 29/03/2012 - 16:57:54 - [] ----D C:\Users\Amélie\AppData\Roaming\Flood Light Games
O43 - CFD: 27/01/2013 - 20:31:57 - [] ----D C:\Users\Amélie\AppData\Roaming\Friday's games
O43 - CFD: 07/10/2012 - 20:37:30 - [] ----D C:\Users\Amélie\AppData\Roaming\Frogwares
O43 - CFD: 26/12/2012 - 20:07:10 - [] ----D C:\Users\Amélie\AppData\Roaming\Green Clover Games
O43 - CFD: 10/05/2012 - 19:28:50 - [] ----D C:\Users\Amélie\AppData\Roaming\Hewlett-Packard
O43 - CFD: 10/05/2012 - 19:30:53 - [] ----D C:\Users\Amélie\AppData\Roaming\hpqlog
O43 - CFD: 25/03/2012 - 17:07:52 - [] ----D C:\Users\Amélie\AppData\Roaming\HTML Executable
O43 - CFD: 21/03/2012 - 13:58:53 - [] ----D C:\Users\Amélie\AppData\Roaming\Identities
O43 - CFD: 30/12/2012 - 19:39:53 - [] ----D C:\Users\Amélie\AppData\Roaming\Jumb-O-Fun Games
O43 - CFD: 09/12/2012 - 21:18:32 - [] ----D C:\Users\Amélie\AppData\Roaming\LavFilters
O43 - CFD: 03/07/2012 - 12:43:14 - [] ----D C:\Users\Amélie\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2011 - 03:37:51 - [0] ----D C:\Users\Amélie\AppData\Roaming\Media Center Programs
O43 - CFD: 08/12/2014 - 22:25:48 - [] -S--D C:\Users\Amélie\AppData\Roaming\Microsoft
O43 - CFD: 23/06/2012 - 11:45:46 - [] ----D C:\Users\Amélie\AppData\Roaming\Mozilla
O43 - CFD: 02/10/2012 - 17:37:00 - [] ----D C:\Users\Amélie\AppData\Roaming\OpenOffice.org
O43 - CFD: 09/07/2013 - 16:16:37 - [] ----D C:\Users\Amélie\AppData\Roaming\Origin
O43 - CFD: 26/12/2012 - 15:39:44 - [] ----D C:\Users\Amélie\AppData\Roaming\Orneon
O43 - CFD: 26/12/2012 - 14:41:29 - [] ----D C:\Users\Amélie\AppData\Roaming\PeaceCraft3
O43 - CFD: 24/02/2013 - 17:58:33 - [] ----D C:\Users\Amélie\AppData\Roaming\perfect future studio
O43 - CFD: 28/04/2013 - 18:10:44 - [] ----D C:\Users\Amélie\AppData\Roaming\PlayFirst
O43 - CFD: 30/12/2012 - 17:01:55 - [] ----D C:\Users\Amélie\AppData\Roaming\Playrix Entertainment
O43 - CFD: 09/12/2012 - 19:21:44 - [] ----D C:\Users\Amélie\AppData\Roaming\QB9
O43 - CFD: 26/12/2012 - 19:55:09 - [] ----D C:\Users\Amélie\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
O43 - CFD: 30/08/2012 - 17:46:25 - [] ----D C:\Users\Amélie\AppData\Roaming\Research In Motion
O43 - CFD: 06/08/2012 - 17:15:50 - [] R-H-D C:\Users\Amélie\AppData\Roaming\SecuROM
O43 - CFD: 01/01/2014 - 22:58:17 - [] ----D C:\Users\Amélie\AppData\Roaming\Skype
O43 - CFD: 05/10/2012 - 17:00:43 - [] ----D C:\Users\Amélie\AppData\Roaming\SMIGames
O43 - CFD: 09/12/2014 - 20:12:30 - [] ----D C:\Users\Amélie\AppData\Roaming\SoftGrid Client
O43 - CFD: 26/12/2012 - 11:32:06 - [] ----D C:\Users\Amélie\AppData\Roaming\SulusGames
O43 - CFD: 09/10/2012 - 18:06:59 - [] ----D C:\Users\Amélie\AppData\Roaming\Super-Cow
O43 - CFD: 21/03/2012 - 13:59:22 - [] ----D C:\Users\Amélie\AppData\Roaming\Synaptics
O43 - CFD: 19/05/2012 - 17:36:31 - [] ----D C:\Users\Amélie\AppData\Roaming\Tific
O43 - CFD: 16/09/2012 - 19:31:30 - [] ----D C:\Users\Amélie\AppData\Roaming\Top Evidence
O43 - CFD: 07/10/2012 - 12:58:18 - [0] ----D C:\Users\Amélie\AppData\Roaming\TP
O43 - CFD: 22/11/2012 - 21:54:29 - [] ----D C:\Users\Amélie\AppData\Roaming\Unity
O43 - CFD: 02/01/2013 - 19:06:24 - [] ----D C:\Users\Amélie\AppData\Roaming\VendelGAMES
O43 - CFD: 04/10/2014 - 09:31:33 - [] ----D C:\Users\Amélie\AppData\Roaming\vlc
O43 - CFD: 07/09/2013 - 10:33:12 - [] ----D C:\Users\Amélie\AppData\Roaming\WildTangent
O43 - CFD: 26/06/2012 - 21:09:04 - [] ----D C:\Users\Amélie\AppData\Roaming\WildTangentv1001
O43 - CFD: 21/03/2012 - 18:31:09 - [0] ----D C:\Users\Amélie\AppData\Roaming\Windows Live Writer
O43 - CFD: 07/12/2014 - 16:25:52 - [] ----D C:\Users\Amélie\AppData\Roaming\WinRAR
O43 - CFD: 09/12/2014 - 22:29:00 - [] ----D C:\Users\Amélie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/01/2013 - 15:35:46 - [0] ----D C:\Users\Amélie\AppData\Roaming\_MDLogs
O43 - CFD: 08/07/2012 - 17:25:49 - [] ----D C:\Users\Amélie\AppData\Roaming\{90140011-0066-040C-0000-0000000FF1CE}
O43 - CFD: 24/09/2014 - 20:08:34 - [] ----D C:\Users\Amélie\AppData\Local\Adobe
O43 - CFD: 21/03/2012 - 14:00:32 - [] ----D C:\Users\Amélie\AppData\Local\AMD
O43 - CFD: 22/12/2012 - 13:44:05 - [] ----D C:\Users\Amélie\AppData\Local\Apple
O43 - CFD: 22/12/2012 - 13:45:50 - [] ----D C:\Users\Amélie\AppData\Local\Apple Computer
O43 - CFD: 21/03/2012 - 13:52:05 - [] -SH-D C:\Users\Amélie\AppData\Local\Application Data
O43 - CFD: 20/08/2012 - 19:51:30 - [] ----D C:\Users\Amélie\AppData\Local\Apps
O43 - CFD: 21/03/2012 - 14:00:23 - [] ----D C:\Users\Amélie\AppData\Local\ATI
O43 - CFD: 18/08/2013 - 10:44:06 - [] ----D C:\Users\Amélie\AppData\Local\avgchrome
O43 - CFD: 21/03/2012 - 13:59:35 - [] ----D C:\Users\Amélie\AppData\Local\Broadcom
O43 - CFD: 01/05/2014 - 12:44:12 - [] ----D C:\Users\Amélie\AppData\Local\com
O43 - CFD: 28/09/2014 - 17:22:32 - [] ----D C:\Users\Amélie\AppData\Local\CrashDumps
O43 - CFD: 21/03/2012 - 14:00:56 - [] ----D C:\Users\Amélie\AppData\Local\CyberLink
O43 - CFD: 30/09/2014 - 17:45:05 - [] ----D C:\Users\Amélie\AppData\Local\Diagnostics
O43 - CFD: 12/11/2014 - 12:57:45 - [] -SH-D C:\Users\Amélie\AppData\Local\EmieSiteList
O43 - CFD: 12/11/2014 - 12:57:45 - [] -SH-D C:\Users\Amélie\AppData\Local\EmieUserList
O43 - CFD: 07/09/2013 - 14:45:35 - [] ----D C:\Users\Amélie\AppData\Local\Facebook
O43 - CFD: 14/11/2013 - 14:36:52 - [] ----D C:\Users\Amélie\AppData\Local\Google
O43 - CFD: 21/03/2012 - 13:58:23 - [] ----D C:\Users\Amélie\AppData\Local\Hewlett-Packard
O43 - CFD: 21/03/2012 - 13:59:22 - [] ----D C:\Users\Amélie\AppData\Local\Hewlett-Packard_Company
O43 - CFD: 01/04/2012 - 11:06:38 - [] ----D C:\Users\Amélie\AppData\Local\Hewlett-Packard_Developme
O43 - CFD: 21/03/2012 - 13:52:05 - [] -SH-D C:\Users\Amélie\AppData\Local\Historique
O43 - CFD: 27/06/2012 - 10:30:36 - [] ----D C:\Users\Amélie\AppData\Local\Macromedia
O43 - CFD: 27/05/2014 - 17:46:43 - [] ----D C:\Users\Amélie\AppData\Local\Microsoft
O43 - CFD: 26/11/2012 - 14:15:49 - [] ----D C:\Users\Amélie\AppData\Local\Microsoft Games
O43 - CFD: 26/09/2012 - 10:01:19 - [0] ----D C:\Users\Amélie\AppData\Local\Microsoft Help
O43 - CFD: 23/06/2012 - 11:45:41 - [] ----D C:\Users\Amélie\AppData\Local\Mozilla
O43 - CFD: 05/12/2012 - 18:12:51 - [] ----D C:\Users\Amélie\AppData\Local\Programs
O43 - CFD: 21/03/2012 - 13:58:21 - [] ----D C:\Users\Amélie\AppData\Local\RemEngine
O43 - CFD: 08/07/2012 - 17:25:48 - [] ----D C:\Users\Amélie\AppData\Local\SoftGrid Client
O43 - CFD: 19/05/2012 - 17:36:22 - [] ----D C:\Users\Amélie\AppData\Local\Symantec
O43 - CFD: 02/07/2012 - 19:23:00 - [] ----D C:\Users\Amélie\AppData\Local\Tales of Lagoona
O43 - CFD: 09/12/2014 - 22:28:40 - [] ----D C:\Users\Amélie\AppData\Local\Temp
O43 - CFD: 21/03/2012 - 13:52:05 - [] -SH-D C:\Users\Amélie\AppData\Local\Temporary Internet Files
O43 - CFD: 22/11/2012 - 21:51:58 - [] ----D C:\Users\Amélie\AppData\Local\Unity
O43 - CFD: 27/11/2012 - 12:13:59 - [] ----D C:\Users\Amélie\AppData\Local\VirtualStore
O43 - CFD: 30/05/2014 - 15:45:37 - [] ----D C:\Users\Amélie\AppData\Local\Windows Live
O43 - CFD: 04/10/2012 - 17:26:23 - [] ----D C:\Users\Amélie\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 05:54:32 - [] R---D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/08/2014 - 13:48:30 - [] R---D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/07/2012 - 16:27:20 - [] ----D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 09/12/2012 - 21:09:28 - [0] ----D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 14/07/2009 - 05:49:38 - [] R---D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/07/2012 - 13:24:12 - [] ----D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
O43 - CFD: 01/04/2012 - 16:50:44 - [] ----D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayerPlus
O43 - CFD: 18/08/2014 - 13:48:30 - [] R---D C:\Users\Amélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 283 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CA43F8904E24BBE49982E4C0B29E6579] - 09/12/2014 - 20:55:25 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O44 - LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] - 09/12/2014 - 20:55:25 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O44 - LFC:[MD5.A646C2DDB8C46E9B20A326FAF566646C] - 09/12/2014 - 20:55:25 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O44 - LFC:[MD5.DF817B14E7A0C5474C45873219A39B4E] - 09/12/2014 - 21:57:46 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1319294]
O44 - LFC:[MD5.1D9DDE638BC82E9BDB30BF4E3B664359] - 09/12/2014 - 21:58:35 ---A- . (...) -- C:\Windows\PFRO.log [1103946]
O44 - LFC:[MD5.2BDC2195C5EBD1255C4575A671C8BFA4] - 09/12/2014 - 21:58:40 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.E2E96DEB89E5A6DA5DDE69E4755284A4] - 09/12/2014 - 21:58:41 ---A- . (...) -- C:\Windows\setupact.log [147979]
O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 09/12/2014 - 22:02:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O44 - LFC:[MD5.96313E9BDCD9D056E1B44AB52AB0664D] - 09/12/2014 - 22:20:57 ---A- . (...) -- C:\sc-cleaner.txt [1802]
~ Files: 9 Scanned in 02mn 02s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.EFFB716EAA8DF818665015B02FE68196] - 07/09/2013 - 12:04:07 ---A- - C:\Windows\Prefetch\PLUS-HD-3.6-CODEDOWNLOADER.EX-7B7A452E.pf =>Adware.PlusHD
~ Prefetcher: 1 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:27/05/2011 - 10:20:12 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43320]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:18/02/2010 - 09:18:24 ---A- . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\System32\Drivers\amdiox64.sys [46136]
O58 - SDL:30/08/2011 - 02:47:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:30/08/2011 - 02:47:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:15/04/2011 - 22:37:50 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amd_sata.sys [79488]
O58 - SDL:15/04/2011 - 22:37:50 ---A- . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\System32\Drivers\amd_xata.sys [40064]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:17/11/2010 - 18:04:32 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdW76.sys [115216]
O58 - SDL:02/04/2011 - 11:42:30 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [9256960]
O58 - SDL:02/04/2011 - 08:16:22 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [300544]
O58 - SDL:14/10/2014 - 15:25:17 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [119272] =>.Avira Operations GmbH
O58 - SDL:14/10/2014 - 15:25:18 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [131608] =>.Avira Operations GmbH
O58 - SDL:30/11/2013 - 10:32:55 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [28600] =>.Avira Operations GmbH
O58 - SDL:14/10/2014 - 15:25:18 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [43064] =>.Avira Operations GmbH
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:01/11/2011 - 17:58:03 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [3065408]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:14/07/2010 - 15:25:38 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [344616]
O58 - SDL:20/07/2010 - 22:26:42 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [102952]
O58 - SDL:20/07/2010 - 22:26:38 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [135720]
O58 - SDL:02/03/2010 - 23:37:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39464]
O58 - SDL:20/07/2010 - 22:26:34 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21544]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:21/08/2012 - 13:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:27/05/2011 - 10:20:12 ---A- . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\Drivers\hpdskflt.sys [30008]
O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:30/08/2011 - 02:47:12 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:21/11/2014 - 06:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:21/11/2014 - 06:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:09/12/2014 - 22:02:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:21/11/2014 - 06:14:22 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704]
O58 - SDL:26/03/2012 - 14:50:12 ---A- . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\Drivers\netaapl64.sys [22528]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:10/06/2009 - 21:35:35 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\System32\Drivers\nvm62x64.sys [408960]
O58 - SDL:30/08/2011 - 02:47:12 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:30/08/2011 - 02:47:12 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:09/01/2009 - 14:02:08 ---A- . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\Drivers\RimSerial_AMD64.sys [31744]
O58 - SDL:14/05/2007 - 15:06:18 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520]
O58 - SDL:17/02/2011 - 02:11:08 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [428136]
O58 - SDL:25/03/2011 - 01:20:36 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsPStor.sys [337512]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:11/03/2011 - 11:23:16 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [521728]
O58 - SDL:17/12/2010 - 03:28:38 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [1403440]
O58 - SDL:28/09/2012 - 10:32:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [53760]
O58 - SDL:16/12/2010 - 09:06:46 ---A- . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\Drivers\usbfilter.sys [47232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL6.SYS [292864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT6.SYS [740864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV6.SYS [1485312]
~ Drivers: 77 Scanned in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/12/2014 - 22:32:44 ---A- . (...) -- C:\Users\Amélie\Downloads\wrar520fr.exe [1859216]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (...) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\CollectOneDriveLogs.bat [5843]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\ETWlog.dll [29352]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\FileSyncApi.dll [231080]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\RemoteAccess.dll [895656]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\amd64\FileSyncApi64.dll [278696]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\amd64\SkyDriveShell64.dll [260776]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\amd64\msvcp110.dll [661448]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\amd64\msvcr110.dll [828872]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\logging.dll [39080]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\msvcp110.dll [534480]
O61 - LFC: 08/12/2014 - 22:31:31 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\msvcr110.dll [862664]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDrive.LocalizedResources.dll [56992]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDrive.Resources.dll [2414752]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDriveClient.dll [1182376]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDriveConfig.exe [87200]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDriveSessions.dll [1755808]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SkyDriveShell.dll [233128]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SqmWrapper.dll [49832]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\SyncEngine.dll [2352808]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\Telemetry.dll [538280]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\VideoStreamingPlugin.dll [656552]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\WnsClientApi.dll [505512]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\sqmapi.dll [196416]
O61 - LFC: 08/12/2014 - 22:31:32 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714_4\wlmfds.dll [427176]
O61 - LFC: 08/12/2014 - 22:31:33 ---A- . (.Microsoft Corporation.) -- C:\Users\Amélie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040]
O61 - LFC: 08/12/2014 - 22:31:50 ---A- . (...) -- C:\Users\Amélie\AppData\Local\Temp\Quarantine.exe [601088]
O61 - LFC: 09/12/2014 - 22:32:08 ---A- . (...) -- C:\Users\Amélie\Downloads\adwcleaner_4.105.exe [2166272]
O61 - LFC: 09/12/2014 - 22:32:14 ---A- . (.Thisisu.) -- C:\Users\Amélie\Downloads\JRT.exe [1707646]
O61 - LFC: 09/12/2014 - 22:32:19 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Amélie\Downloads\mbam-setup-2.0.4.1028.exe [20447072]
O61 - LFC: 09/12/2014 - 22:32:44 ---A- . (.Bleeping Computer, LLC.) -- C:\Users\Amélie\Downloads\sc-cleaner.exe [441592]
O61 - LFC: 09/12/2014 - 22:32:44 ---A- . (.Nicolas Coolman.) -- C:\Users\Amélie\Downloads\ZHPDiag2.exe [6866651] =>.Nicolas Coolman
~ 4705 Fichiers temporaires (Temporary files)
~ 3526 Fichiers cookies (Cookies files)
~ Files: 32 Scanned in 01mn 26s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 02/04/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 30/11/2013 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 09/12/2014 - C:\Windows\system32\drivers\MBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 81 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) -
O69 - SBI: SearchScopes [HKCU] {F317538D-7331-4A22-96F5-9DFB92659871} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2477536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0E095FF6E9326882A27C6A058DB501A4] [sPRF][16/11/2014] (.Microsoft Corporation - Microsoft Office Click-to-Run.) -- C:\Users\Amélie\Desktop\PowerPoint-2013-2013.exe.exe [800440]
[MD5.C56C161226FB742B56DA0810E4CADADC] [sPRF][24/08/2013] (.Pas de propriétaire - Webplayer install.) -- C:\Users\Amélie\Desktop\webplayer.exe [523920] =>Adware.SocialSkinz
~ Files: 2 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4F521C74F4ADF0346BF246173F640FEC" . (.Boxore Client.) -- C:\Windows\Installer\{47C125F4-DA4F-430F-B62F-6471F346F0CE}\boxore.ico =>Adware.Boxore
O90 - PUC: "C6F6C1E1AF5516043A0AB5DD3E01AC72" . (.FrameFox Extensions 1.0.6.0.) -- C:\Windows\Installer\{1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}\FrameFox.ico =>PUP.FrameFox
~ Update Products: 2 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1488fee.msi [45056] =>Adware.Boxore
[MD5.9419559E26D53CC34862DF9B558A2917] [WIS][30/10/2012] (.Babylon Ltd - Babylon Chrome Toolbar.) -- C:\Windows\Installer\22adfd4.msi [354816] =>PUP.Babylon
[MD5.F3AF62EAF2417B600EC13E32EACBE2BA] [WIS][19/11/2013] (.Kreapixel - Webplayer.) -- C:\Windows\Installer\86b0e.msi [21504] =>Adware.SocialSkinz
~ WIS: 3 Scanned in 00mn 07s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 09/12/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 10/07/1658 0 | (GamesAppService) . (...) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 17/11/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/11/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (HP Health Check Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Demand 14/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe
SR - | Auto 02/04/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 01/04/2011 365568 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 25/11/2014 432888 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 25/11/2014 432888 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 22/10/2014 164656 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 29/07/2010 951584 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SR - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SR - | Demand 23/05/2011 1098296 | (hpCMSrv) . (.Hewlett-Packard Development Company L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
SR - | Auto 01/09/2011 227896 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 01/09/2011 991288 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 27/05/2011 30520 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 09/11/2010 26680 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 08/03/2011 2375168 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Demand 12/12/2012 641504 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 11/03/2011 297984 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 16s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Amélie at 09/12/2014 22:41:27
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13,
http://ad13.geekstog
Run by Amélie at 09/12/2014 22:41:29
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (09/12/2014)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 11

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47C125F4-DA4F-430F-B62F-6471F346F0CE}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] =>PUP.Duuqu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}] =>PUP.FrameFox^
[HKCU\Software\DM] =>PUP.BearShare
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_53 =>PUP.AgenceExclusive^
C:\Users\Amélie\AppData\Roaming\Mozilla\Firefox\Profiles\EP: RegExtension {b5ad6039-a173-4149-9dcf-d04371526253} . (...) -- C:\extensions\Program Files (x86)\Lyrics_Monkey\131.xpi (.not file.) =>Adware.AddLyrics^
C:\Program Files (x86)\Lookineo =>Toolbar.Lookineo^
C:\Users\Amélie\Desktop\webplayer.exe =>Adware.SocialSkinz^
C:\Windows\Installer\1488fee.msi =>Adware.Boxore^
C:\Windows\Installer\22adfd4.msi =>PUP.Babylon^
C:\Windows\Installer\86b0e.msi =>Adware.SocialSkinz^
C:\Users\Amélie\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
C:\Users\Amélie\AppData\Local\Temp\YontooIEClient.dll =>Adware.Yontoo
C:\Users\Amélie\AppData\Local\Temp\YontooLayers.pem =>Adware.Yontoo
C:\Users\Amélie\AppData\Local\Temp\datamngrUI.exe.27701861 =>Adware.Bandoo
~ Additionnel Scan: 373070 Items scanned in 01mn 25s



---\\ Informations complémentaires sur les modules
~
~
~
~ AMI: 3 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station












~ MSI: 12 link(s) detected in 00mn 00s



End of the scan (1418 lines in 15mn 01s)(0)

 

D.

Edited by Digger

1) You should find the 2 icons, Zhpdiag and Zhpfix,
on the desktop or otherwise in the folder where you installed Zhpdiag (Program files -> Zhpdiag -> Zhpfix)
Click the Zhpfix icon
Under Vista and later, right-click, "Run as administrator"
Copy/paste the green lines in the box below:
To do so:
Hold down the left mouse button and sweep the mouse across all the text to copy, from left to right and top to bottom, to highlight it
Ctrl+C to copy it all to the clipboard
Click Import
to enter the text into the empty window that opens


ZHPFix script

M2 - MFEP: RegExtension {b5ad6039-a173-4149-9dcf-d04371526253} . (...) -- C:\Program Files (x86)\Lyrics_Monkey\131.xpi (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_53] C:\Program Files (x86)\tuto4pc_fr_53\tuto4pc_fr_53.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [softwareUpdateTaskMachineCore1cd48c6160dca29] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [softwareUpdateTaskMachineUA1cd48c616873057] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0]
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {47C125F4-DA4F-430F-B62F-6471F346F0CE}
O42 - Logiciel: Duuqu Update Helper - (.Duuqu Group.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: FrameFox Extensions 1.0.6.0 - (.QwertyBox Team.) [HKLM][64Bits] -- {1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}
[HKCU\Software\DM]
O43 - CFD: 01/05/2014 - 12:44:12 - [] ----D C:\Users\Amélie\AppData\Local\com
O45 - LFCP:[MD5.EFFB716EAA8DF818665015B02FE68196] - 07/09/2013 - 12:04:07 ---A- - C:\Windows\Prefetch\PLUS-HD-3.6-CODEDOWNLOADER.EX-7B7A452E.pf
[MD5.C56C161226FB742B56DA0810E4CADADC] [sPRF][24/08/2013] (.Pas de propriétaire - Webplayer install.) -- C:\Users\Amélie\Desktop\webplayer.exe [523920]
O90 - PUC: "4F521C74F4ADF0346BF246173F640FEC" . (.Boxore Client.) -- C:\Windows\Installer\{47C125F4-DA4F-430F-B62F-6471F346F0CE}\boxore.ico
O90 - PUC: "C6F6C1E1AF5516043A0AB5DD3E01AC72" . (.FrameFox Extensions 1.0.6.0.) -- C:\Windows\Installer\{1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}\FrameFox.ico
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1488fee.msi [45056]
[MD5.9419559E26D53CC34862DF9B558A2917] [WIS][30/10/2012] (.Babylon Ltd - Babylon Chrome Toolbar.) -- C:\Windows\Installer\22adfd4.msi [354816]
[MD5.F3AF62EAF2417B600EC13E32EACBE2BA] [WIS][19/11/2013] (.Kreapixel - Webplayer.) -- C:\Windows\Installer\86b0e.msi [21504]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47C125F4-DA4F-430F-B62F-6471F346F0CE}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}]
[HKCU\Software\DM]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_53
C:\Users\Amélie\AppData\Roaming\Mozilla\Firefox\Profiles\EP: RegExtension {b5ad6039-a173-4149-9dcf-d04371526253} . (...) -- C:\extensions\Program Files (x86)\Lyrics_Monkey\131.xpi (.not file.)
C:\Users\Amélie\Desktop\webplayer.exe
C:\Windows\Installer\1488fee.msi
C:\Windows\Installer\22adfd4.msi
C:\Windows\Installer\86b0e.msi
C:\Users\Amélie\AppData\Local\Temp\uninst1.exe
C:\Users\Amélie\AppData\Local\Temp\YontooIEClient.dll
C:\Users\Amélie\AppData\Local\Temp\YontooLayers.pem
C:\Users\Amélie\AppData\Local\Temp\datamngrUI.exe.27701861
C:\Users\Amélie\AppData\Roaming\Mozilla\Firefox\Profiles\X9DUmzCC.default\prefs.js (.not file.)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001Core] (...) -- C:\Users\Amélie\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001UA] (...) -- C:\Users\Amélie\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B66BC3E7-A06F-455B-BE45-6900405AE413}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe (.not file.) [0]
[HKCU\Software\IncrediMail]
[HKLM\Software\Wow6432Node\IncrediMail]
O43 - CFD: 24/12/2012 - 18:09:18 - [] ----D C:\ProgramData\boost_interprocess
O61 - LFC: 08/12/2014 - 22:31:50 ---A- . (...) -- C:\Users\Amélie\AppData\Local\Temp\Quarantine.exe [601088]
O43 - CFD: 25/01/2014 - 20:37:02 - [] ----D C:\Program Files (x86)\Lookineo
C:\Program Files (x86)\Lookineo


EmptyPrefetch
EmptyFlash
EmptyClsid
FirewallRaz
Ifeofix
Proxyfix
ShortcutFix
Sysrestore



Click "Go" at the bottom left

Restart to complete the cleanup.

Copy and paste into your reply the contents of the ZHPFixReport.txt report that is displayed.
If needed, it is saved as C:\ZHP\ZHPFixReport.txt



2) If needed, update Java

JavaUpdate

Java can put your computer's security at risk.
You are strongly advised to disable it in your web browsers if you have no use for it.
When a Java application comes up, a warning message will ask you to install Java or enable the plug-in.
Disable it again as soon as you have finished using the application written in Java.

Disable the antivirus if something gets blocked.
Secure Flash update, by Pierre13

3) You need to reset your browser
by clicking here

This will uninstall plugins and extensions, which you can reinstall with due caution


4) Download SFTGC.exe
to the Desktop, without fail, otherwise you risk a crash


Some tools are sometimes detected by your antivirus or anti-malware as a "RiskTool", a virus or a "Trojan", but this is not the case.
It may therefore be necessary to disable all active antivirus, antispyware and firewall programs, as they could interfere with the disinfection
How to disable resident protections
Of course, you will re-enable them afterwards.

Under XP, double-click the file.
Under Vista/7/8, right-click the file and choose Run as administrator.

After initialization, click Go to start the cleanup.
A report appears on the desktop
The deleted files are in the Recycle Bin.
This makes it possible to put files deleted by mistake back in their original folder.
Just right-click the file in question => Restore.
To delete them, right-click the Recycle Bin => Empty Recycle Bin.

How to post the reports
Go to the site: Ci-Joint

Press Browse and look for the reports on the disk,
Click Open
Click Créer le lien CJoint (create the CJoint link),
>> on the next page --> ,,
an http//.. address will be created
Copy/paste this address into your next message.

Note that copying/pasting the address does not work in Firefox.
In that case, right-click the URL and, in the context menu that opens, choose "Copy Link Location"





Hello,

 

The various reports:

 

SFTGC: http://cjoint.com/?3LkkEjFp75y

 

ZHPFix:

Rapport de ZHPFix 2014.10.24.12 par Nicolas Coolman, Update du 24/10/2014
Fichier d'export Registre :
Run by Amélie at 10/12/2014 09:55:30
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée (06mn 44s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Logiciels ==========
SUPPRIMÉ: Boxore Client
SUPPRIMÉ: Duuqu Update Helper
SUPPRIMÉ: FrameFox Extensions 1.0.6.0

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Users\Amélie\Desktop\webplayer.exe
SUPPRIMÉ: Memory Process: C:\Users\Amélie\AppData\Local\Temp\uninst1.exe
SUPPRIMÉ: Memory Process: C:\Users\Amélie\AppData\Local\Temp\datamngrUI.exe.27701861

========== Modules mémoire ==========
SUPPRIMÉ: Memory Module: C:\Users\Amélie\AppData\Local\Temp\YontooIEClient.dll

========== Clés du Registre ==========
SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{47C125F4-DA4F-430F-B62F-6471F346F0CE}]
SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
SUPPRIMÉ: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E1C6F6C-55FA-4061-A3A0-5BDDE310CA27}]
SUPPRIMÉ: HKCU\Software\DM
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\4F521C74F4ADF0346BF246173F640FEC]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\4F521C74F4ADF0346BF246173F640FEC]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\C6F6C1E1AF5516043A0AB5DD3E01AC72]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\C6F6C1E1AF5516043A0AB5DD3E01AC72]
SUPPRIMÉ: HKCU\Software\IncrediMail
SUPPRIMÉ: HKLM\Software\Wow6432Node\IncrediMail
Branche de Base de Registres IFEO non infectée !

========== Valeurs du Registre ==========
SUPPRIMÉ: RegExtension: {b5ad6039-a173-4149-9dcf-d04371526253}
SUPPRIMÉ RunValue: tuto4pc_fr_53
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : {08E50813-BC17-405A-89E6-271DBFF3AD9D}
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (Private) : {5DA51B75-7807-4B2A-AF48-71BB54664B4F}
SUPPRIMÉ: FirewallRaz (Private) : {2A91724D-0DAA-4681-8393-ECC71B655370}
SUPPRIMÉ: FirewallRaz (Private) : {01183544-9C63-4F09-B919-FA9E154373B2}
SUPPRIMÉ: FirewallRaz (Private) : {6D4FB24D-5792-42EB-A106-1C952FABBADC}
SUPPRIMÉ: FirewallRaz (Private) : {267F414A-6C96-4089-9EB2-DE0C38F539BA}
SUPPRIMÉ: FirewallRaz (Private) : {A57BA59E-3CA2-4B9D-B56A-BB88EC90BE9F}
SUPPRIMÉ: FirewallRaz (Public) : {8301213E-1AEF-48D8-82A6-023420F27839}
SUPPRIMÉ: FirewallRaz (Public) : {DC4A6CD6-D15C-4D3A-AEBB-F355360A12D0}
SUPPRIMÉ: FirewallRaz (Public) : {3C4209DA-A47D-498B-AE13-CFF7095F9C98}
SUPPRIMÉ: FirewallRaz (Public) : {954A7791-7AB9-4E2D-992B-9860D5D1FF6A}
SUPPRIMÉ: FirewallRaz (None) : {C8BF692A-DBEB-4E91-B6FF-8C9A0F955BA7}
SUPPRIMÉ: FirewallRaz (Private) : {27285B69-3CC3-4558-8F57-7860EDB45D1E}
SUPPRIMÉ: FirewallRaz (Private) : {8CF8E7B7-6A29-4761-BA5B-EECBD04123FE}
SUPPRIMÉ: FirewallRaz (Public) : {997A06BF-E79D-4CB4-81ED-64E74E84F331}
SUPPRIMÉ: FirewallRaz (Public) : {371A88D8-EA1A-4E19-B21E-3BD8DCB91270}
SUPPRIMÉ: FirewallRaz (Public) : {BD9295F0-E0AE-42AB-8460-3D04DFF3E46F}
SUPPRIMÉ: FirewallRaz (Private) : TCP Query User{0DB0C0CB-E92F-41E0-9F59-9A991E04F11B}C:\users\amélie\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: FirewallRaz (Private) : UDP Query User{0E357C1E-05BF-4BA3-86EE-A128A08CDD9D}C:\users\amélie\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{174094EF-9123-4D57-81AE-BBB1808A6076}C:\users\amélie\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{CC75227E-61A1-46BC-B6FA-BB179F29EEA9}C:\users\amélie\appdata\roaming\cacaoweb\cacaoweb.exe
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
SUPPRIMÉ: R1 Search Page = about:blank

========== Dossiers ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichiers ==========
SUPPRIMÉ: c:\windows\prefetch\plus-hd-3.6-codedownloader.ex-7b7a452e.pf
SUPPRIMÉ: C:\Windows\Installer\1488fee.msi
SUPPRIMÉ: C:\Windows\Installer\22adfd4.msi
SUPPRIMÉ: C:\Windows\Installer\86b0e.msi
SUPPRIMÉ: C:\Users\Amélie\AppData\Local\Temp\YontooLayers.pem
SUPPRIMÉ: c:\users\amélie\appdata\local\temp\quarantine.exe
SUPPRIMÉS Flash Cookies (0) (0 octets)

========== Tache planifiée ==========
SUPPRIMÉ: SoftwareUpdateTaskMachineCore1cd48c6160dca29
SUPPRIMÉ: SoftwareUpdateTaskMachineCore1cd48c6160dca29
SUPPRIMÉ: SoftwareUpdateTaskMachineUA1cd48c616873057
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001Core
SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-1077468728-3723488142-706827812-1001UA
SUPPRIMÉ: {B66BC3E7-A06F-455B-BE45-6900405AE413}

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
3 : Processus mémoire
1 : Modules mémoire
11 : Clés du Registre
37 : Valeurs du Registre
2 : Eléments de donnée du Registre
1 : Dossiers
7 : Fichiers
3 : Logiciels
6 : Tache planifiée
1 : Restauration Système


End of clean in 09mn 44s

========== Chemin de fichier rapport ==========
C:\Users\Amélie\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/12/2014 10:02:15 [5861]

 

Thank you

See you later.

 

D.


That looks clean to me.

If you haven't already done so:
You need to reset your browser
by clicking here

This will uninstall plugins and extensions, which you can reinstall with due caution.


A) Intrusive ads?
A PUP (Potentially Unwanted Program) is an unwanted program.
Its purpose is to earn money on each successful installation.
A PUP usually installs itself without your knowledge when you download free software.
It spreads via sites such as 01net, CNET, BrotherSoft or Softonic, and now Clubic,
for example: 01NetToolbar, Conduit, Babylon, Delta Search, LavasoftSecureSearch, Wajam, Kiwee, etc.
This is how, for some time now, software downloads have been repackaged to add parasitic programs, which are moreover pre-checked.
So, BE CAREFUL.

Flash and Java updates should be avoided when they are offered by a website (especially if it claims that you need them to view its videos: that is a scam for sure).
Updates must be done from the official sites:

Flash: http://get.adobe.com/fr/flashplayer/ (remember to uncheck McAfee Security Scan, which is of absolutely no use).
Java: http://www.java.com/fr/download/ (but it is advisable to disable it) Why and how to disable Java

To avoid this, or at least limit this kind of problem:

Click the following link: How to protect yourself from unwanted PUPs
Avoid a proprietary browser, for reasons of reliability and security,
and above all to prevent it from transmitting the data you use or view: this is the case with Chrome and Google.
It is therefore strongly recommended to use Firefox instead.




If you haven't already done so, install these extensions

for Firefox:
Adblock
Ghostery
Noscript


and, if you use Chrome:
Adblock for Chrome
Ghostery for Chrome
Noscript for Chrome
Blockulicious for Chrome


For perfectionists, Malwarebytes Antiexploit

B) This software will uninstall the tools used for the disinfection

Download DelFix by Xplode

Run it.

Check [Suppression des outils] (remove the tools)
and click [Exécuter] (run)


C) If you think your problem has been solved, and so that those looking for the solution can benefit from it,
edit your first message (full edit) and write "Résolu" (Solved) in the title.
[1] At the bottom of your first message, click Edit
[2] At the bottom of the editor that opens, click Use the full editor
[3] At the top of the full editor, add "Résolu" at the beginning of your topic's title.
[4] Save the changes


