Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Mises à jour Windows Update impossibles

joel62

Par joel62
dans Mises à jour utilitaires

 Partager

Messages recommandés

joel62 Member

joel62

Posté(e)
Posté(e)

Bonjour

Comme l'indique le titre impossible d'effectuer les MAJ de Windows, j'ai utilisé l'outil réparation des problèmes pour Windows uptate, il a détecté l'erreur 0x80073712 et la corrigé mais le problème reste là, quand je renouvelle l'opération il détecte et répare mais sans résultat.

J'ai tenté l'invite de commande comme indiqué dans la page d'aide, en tant qu'administrateur en entrant ce texte .DISM.exe/online/cleanup-image/scanhealth puis DISM.exe/online/clanup-image/restorehealth en copier coller, en faisant entrer entre chaque phrase, impossible d'écrire la deuxième.

Enfon j'ai voulu faire une restauration à partir d'un point de sauvegarde à une date où tout était bien la restauration échoue.

je suis sous Windows 8.1

Merci pour votre aide.

tomtom95 Devil Member !

tomtom95

Posté(e)
Posté(e)

Bonjour joel62,

Avant d'essayer de réparer Windows uptate.

  • vous allez faire un diagnostic de votre ordinateur
  • Télécharger ZHPDiag sur votre bureau :
  • Laissez-vous guider lors de l'installation.
  • Cliquer sur l'icôneZHPDiag présent sur votre bureau
    Sous Windows Vista / 7 / 8 (clique-droit > exécuter en tant qu'administrateur
    Dans l'interface de l'outil
  • Cliquez sur COMPLET.

    140607053606827298.png

    Patientez le temps du scan.
  • Hébergez le rapport ZHPDiag.txt présent sur votre bureau sur le site http://www.cjoint.com
    Appuyez sur Parcourir et chercher les rapports sur le bureau
  • Cliquez sur Ouvrir
  • Cliquez sur Créer le lien CJoint,
    Puis copier/coller le lien fourni dans votre prochaine réponse.

 

joel62 Member

joel62

Posté(e)
  • Auteur
Posté(e)

Bonjour

Je n'arrive pas a faire le copier coller du lien c joint, quand je clique droit dans la fenêtre répondre, coller n'est pas actif, j'avais déjà eu ce problème , mais je ne trouve plus comment procéder.

Merci d'aider le nul

Invité Notpa

Invité Notpa

Posté(e)
Posté(e)

Bonsoir Joel,

 

Pour coller un lien dans un post sur Zébulon, lorsque tu es dans la fenêtre "Répondre..", cliques sur l'icône ci-dessous :

 

txsv.jpg

Tu pourras copier le lien de Cjoint (récupérer l'URL (adresse) dans Cjoint avec un clic droit puis Copier l'adresse du lien.

 

Cordialement

 

Notpa

joel62 Member

joel62

Posté(e)
  • Auteur
Posté(e)

Merci à vous deux pour cette aide, j'avais également fait une analyse avec MB tout était bien.
Bon courage pour ce rapport.


╗┐~ Rapport de ZHPDiag v2015.2.19.22 - Nicolas Coolman (19/02/2015)
~ Lancé par joel (21/02/2015 15:53:29)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version ├¦ jour.
~ Liste blanche : Désactivée par l'utilisateur
~ El├⌐vation des Privil├Îges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17498 (Defaut)
GCIE: Google Chrome v40.0.2214.115

---\\ Informations sur les produits Windows
~ Langage: Fran├¯ais
Windows Server License Manager Script : OK
~ Windows® Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : KKT7T
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)

---\\ Logiciels de protection du syst├Îme
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.0.4.1028
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du syst├Îme

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI

---\\ Informations sur le syst├Îme
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3988 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 597 GB (88%) free of 674 GB

---\\ Mode de connexion au syst├Îme
~ Computer Name: JOELNICOLE
~ User Name: joel
~ All Users Names: valen_000, joel, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\joel\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\joel\AppData\Roaming\
~ %Desktop% : C:\Users\joel\Desktop\
~ %Favorites% : C:\Users\joel\Favorites\
~ %LocalAppData% : C:\Users\joel\AppData\Local\
~ %StartMenu% : C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 597 Go of 674 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 23 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Recherche particuli├Îre de fichiers g├⌐n├⌐riques
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 08:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 02:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application dΓÇÔouverture de session Windows.) (.24/09/2014 - 16:34:56.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioth├Îque de licences.) (.24/09/2014 - 16:34:58.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.24/09/2014 - 17:48:38.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.24/09/2014 - 17:03:07.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/09/2014 - 16:44:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.24/09/2014 - 16:35:02.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 07:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du syst├Îme de fichiers NT.) (.24/09/2014 - 16:44:43.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parall├Île.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.24/09/2014 - 16:03:44.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.24/09/2014 - 16:44:42.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/6223
~ Mes musiques (My Musics) : 4/374
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/68
~ Mes Documents (My Documents) : 2/2174
~ Mon Bureau (My Desktop) : 2/20
~ Menu demarrer (Programs) : 1/50
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.434FEE6FF661DCABADB69E55E0747494] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312] [PID.2940]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.10852]
[MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.8972]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227112] [PID.10280]
[MD5.5F1B1148C830C0F149A476A58CE0D09D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815248] [PID.7648]
[MD5.3A482BF9D10776B2EB0A52C9C87158E0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8176128] [PID.8256]
[MD5.6B8AF3A2A3D9059008B55C444461CA00] - (.Frank Heyne Software - LADS.) -- C:\Program Files (x86)\ZHPDiag\Lads.exe [61952] [PID.4752]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [Avast Online Security]
G2 - EXT: C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [__MSG_name__]
~ Google Lines Browser: 8 Scanned in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
~ Firefox Browser: 1 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier h├┤te est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Photos Snapfish.lnk . (...) -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe
~ Global Startup: 1 Scanned in 00mn 00s



---\\ Applications lanc├⌐es au d├⌐marrage du syst├Îme (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [simplePass] . (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
O4 - HKLM\..\Run: [OPBHOBroker] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
O4 - HKLM\..\Run: [OPBHOBrokerDesktop] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKUS\S-1-5-21-1074294445-2638620405-1164550965-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim dΓÇÔaffectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur dΓÇÔespace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur dΓÇÔespace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E444F98F-6371-424B-A879-D7CB67D1C4A7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E444F98F-6371-424B-A879-D7CB67D1C4A7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
O23 - Service: oem10.inf (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service (Intel® ME Service) . (.Intel Corporation - Intel® ME Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel® Local Management Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: HP SimplePass Service (omniserv) . (.Softex Inc. - HP SimplePass Service.) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 19 Scanned in 00mn 08s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enum├Îre les donn├⌐es de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944]
[MD5.4E9AF25BA5E8219310E384AEA5B0EED8] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576]
[MD5.227E138E4A6D8D3A1CC9C3EA0D1874A5] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912]
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForjoel] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704]
[MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForvalen_000] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704]
[MD5.326EB3E5C1FFA9A97736FC697CDBEA08] [APT] [joel 12 0] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe [2278224]
[MD5.326EB3E5C1FFA9A97736FC697CDBEA08] [APT] [joel1 12 0] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe [2278224]
[MD5.326EB3E5C1FFA9A97736FC697CDBEA08] [APT] [joel2 12 0] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe [2278224]
[MD5.B7F55E2AE978D3D34F7876EE5D689AAE] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488]
[MD5.00000000000000000000000000000000] [APT] [Norton WSC Integration] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe (.not file.) [0]
[MD5.434FEE6FF661DCABADB69E55E0747494] [APT] [HP CoolSense Start at Logon] (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.3E53CC4591B043C8D42FB3D771D55FCE] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542008]
[MD5.16F1F09240540D9409DA192839C9D786] [APT] [update Check] (.Hewlett-Packard Company.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584]
[MD5.09AD7F9C683A443F35D13A7DEA4B2D6B] [APT] [WarrantyChecker] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [974648]
[MD5.09AD7F9C683A443F35D13A7DEA4B2D6B] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [974648]
[MD5.CC699FC55AB0FBD5A0CE5CC758B9CE7D] [APT] [Nero Info] (.Nero AG.) -- C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3227984]
[MD5.00000000000000000000000000000000] [APT] [Norton Error Analyzer] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Norton Error Processor] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe (.not file.) [0]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1094]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1094]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1098]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1098]
O39 - APT: HPCeeScheduleForjoel - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForjoel.job [350]
O39 - APT: HPCeeScheduleForjoel - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForjoel [350]
O39 - APT: HPCeeScheduleForvalen_000 - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForvalen_000.job [370]
O39 - APT: HPCeeScheduleForvalen_000 - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForvalen_000 [370]
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
~ Scheduled Task: 60 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lanc├⌐s au d├⌐marrage du syst├Îme (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-syst├Îme de mise en m├⌐moire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 42 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0922-000001000000}
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {EA5160BE-7558-2716-01DB-FFE7F316957A}
O42 - Logiciel: Adobe Reader XI (11.0.10) - Fran├¯ais - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {28129194-A7E2-46BC-88EA-2D1EE48663F3}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: Cyberlink PhotoDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {39337565-330E-4ab6-A9AE-AC81E0720B10}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Energy Star - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP 3D DriveGuard - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F9E399CB-046F-45FD-A67F-CF399E2128E4}
O42 - Logiciel: HP Connected Music (Meridian - installer) - (.Meridian Audio Ltd.) [HKLM][64Bits] -- StartHPConnectedMusic
O42 - Logiciel: HP Connected Music (Meridian - player) - (.Meridian Audio Ltd.) [HKCU][64Bits] -- HPConnectedMusic
O42 - Logiciel: HP CoolSense - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {B41C6B3F-F752-46EA-BC46-F26D3AD147B8}
O42 - Logiciel: HP Postscript Converter - (.Hewlett-Packard.) [HKLM][64Bits] -- {6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
O42 - Logiciel: HP Quick Start - (.Hewlett-Packard.) [HKLM][64Bits] -- {B9494F9E-5EA9-4C70-9F38-659F5E6C0BF3}
O42 - Logiciel: HP Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {1AE37508-089E-41AC-95BD-99FF06887C2F}
O42 - Logiciel: HP Registration Service - (.Hewlett-Packard.) [HKLM][64Bits] -- {D1E8F2D7-7794-4245-B286-87ED86C1893C}
O42 - Logiciel: HP SimplePass - (.Hewlett-Packard.) [HKLM][64Bits] -- InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}
O42 - Logiciel: HP SimplePass - (.Hewlett-Packard.) [HKLM][64Bits] -- {314FAD12-F785-4471-BCE8-AB506642B9A1}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} =>.Hewlett-Packard Co
O42 - Logiciel: HP System Event Utility - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {DEF23826-DB71-4654-BC00-D5D6C20802EA}
O42 - Logiciel: HP Utility Center - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {73237EBB-B26F-4628-8754-4EFE563D72E9}
O42 - Logiciel: HP Wireless Button Driver - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {30B2D1D8-0A07-4B71-9553-0710C5D31E35}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Inst5675 - (.Softex Inc..) [HKLM][64Bits] -- {2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}
O42 - Logiciel: Inst5676 - (.Softex Inc..) [HKLM][64Bits] -- {878F6913-7421-4713-97F7-0A736EE2A188}
O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {E5FAF48A-145F-4B33-A062-DCFAAFAE5D41}
O42 - Logiciel: Intel® SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}
O42 - Logiciel: Nero BackItUp 12 Essentials - (.Nero AG.) [HKLM][64Bits] -- {A4C430F5-5828-4645-91CF-13220EE609D2}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero Backup Drivers - (.Nero AG.) [HKLM][64Bits] -- {D600D357-5CB9-4DE9-8FD4-14E208BD1970}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Info - (.Nero AG.) [HKLM][64Bits] -- {B791E0AB-87A9-41A4-8D98-D13C2E37D928}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero Prerequisite Installer 2.0 - (.Nero AG.) [HKLM][64Bits] -- {0DBC021C-95D9-435A-A4B0-E6515AFD1A71}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {B953732D-B623-4E84-B369-CFFF7B1AE06F}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: OEM Application Profile - (.Nom de votre société.) [HKLM][64Bits] -- {C89A97B6-F991-EBB5-77B7-927BCF420EBE}
O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {121727D5-FDF3-4723-BA57-EB383440ED72}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU][64Bits] -- PhotoFiltre 7
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {A5107464-AA9B-4177-8129-5FF2F42DD322}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {BCDA54F6-C4B6-4519-A09E-FA064A6B4098}
O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM][64Bits] -- SFR_Media Center
O42 - Logiciel: SFR - Mediacenter Evolution - (.SFR.) [HKLM][64Bits] -- SFR_Mediacenter Evolution
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {BB05590A-6602-43F3-A400-77EA0976BC0A}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 45 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Audacity]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CodeGear]
[HKCU\Software\CyberLink]
[HKCU\Software\FunPause]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Softex]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\FunPause]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Softex]
[HKLM\Software\Synaptics]
[HKLM\Software\Volatile]
[HKLM\Software\Wow6432Node\APPC]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Auchan]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\FunPause]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\Insyde]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Neuf]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\SymNRT]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\optimidata]
[HKLM\Software\Wow6432Node]
~ Key Software: 243 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/11/2013 - 12:36:06 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/06/2013 - 07:20:53 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 25/06/2013 - 07:20:52 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 25/06/2013 - 07:27:58 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 24/10/2014 - 16:29:08 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 22/10/2014 - 13:54:08 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 27/05/2014 - 16:26:20 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 18/06/2014 - 09:46:43 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 21/06/2014 - 21:14:37 - [] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 23/03/2013 - 14:49:29 - [] ----D C:\Program Files (x86)\HPConnectedMusic
O43 - CFD: 16/03/2014 - 14:19:29 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 22/10/2014 - 13:54:08 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 19/02/2015 - 20:58:44 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 19/04/2014 - 12:42:59 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 06/01/2015 - 14:29:06 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 27/10/2013 - 10:00:27 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 06/08/2014 - 08:41:15 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 23/03/2013 - 14:45:36 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 27/10/2013 - 10:33:57 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 26/10/2013 - 17:39:42 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 22/10/2014 - 14:28:11 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 25/10/2013 - 11:13:31 - [] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 03/01/2014 - 15:26:29 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 24/10/2013 - 15:42:43 - [] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 30/09/2014 - 13:33:23 - [] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 24/10/2013 - 16:01:07 - [] ----D C:\Program Files (x86)\PhotoFiltre 7
O43 - CFD: 24/10/2014 - 16:28:48 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 22/10/2014 - 14:28:11 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 17/02/2015 - 17:53:06 - [] ----D C:\Program Files (x86)\SFR
O43 - CFD: 25/06/2013 - 07:55:07 - [] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 03/11/2013 - 19:10:55 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 03/01/2015 - 16:07:45 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 08/11/2013 - 13:14:30 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 19/02/2015 - 20:56:45 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 19/02/2015 - 20:56:46 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 12/11/2014 - 14:52:40 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 27/10/2013 - 10:33:48 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 19/02/2015 - 20:58:36 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 22/10/2014 - 13:54:13 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 24/09/2014 - 19:10:22 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 24/09/2014 - 15:41:38 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 24/09/2014 - 19:10:22 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/10/2014 - 13:54:13 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 21/02/2015 - 15:46:55 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 14/11/2013 - 12:36:10 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 19/01/2014 - 13:45:56 - [] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 22/10/2014 - 13:41:58 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 22/10/2014 - 13:40:31 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 25/06/2013 - 07:22:31 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 03/03/2014 - 14:13:39 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 22/10/2014 - 13:54:07 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 03/01/2014 - 15:21:54 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 25/06/2013 - 07:52:46 - [] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 25/06/2013 - 07:22:22 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 19/02/2015 - 20:58:36 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 19/02/2015 - 20:58:36 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 23/03/2013 - 14:45:14 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/11/2013 - 13:56:32 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 25/06/2013 - 07:27:57 - [] ----D C:\ProgramData\Apple
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 25/06/2013 - 08:06:07 - [] ----D C:\ProgramData\ATI
O43 - CFD: 23/12/2013 - 18:36:50 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 19/10/2014 - 14:09:26 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 24/10/2013 - 15:32:23 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 03/01/2014 - 15:16:43 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 02/06/2014 - 16:43:32 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 16/03/2014 - 14:16:16 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 10/11/2013 - 11:31:06 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 25/06/2013 - 07:23:48 - [] ----D C:\ProgramData\Intel
O43 - CFD: 17/06/2014 - 13:06:57 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/10/2013 - 15:32:23 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 19/02/2015 - 20:06:46 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 23/03/2013 - 14:45:23 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 24/10/2013 - 15:32:23 - [] -SH-D C:\ProgramData\Mod├Îles
O43 - CFD: 02/01/2014 - 18:52:45 - [] ----D C:\ProgramData\Nero
O43 - CFD: 23/12/2013 - 18:28:58 - [] ----D C:\ProgramData\Norton
O43 - CFD: 23/12/2013 - 18:27:14 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 19/04/2014 - 12:43:28 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 22/10/2014 - 13:54:19 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 24/09/2014 - 16:03:54 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 03/03/2014 - 14:13:44 - [] ----D C:\ProgramData\Sun
O43 - CFD: 25/06/2013 - 07:31:26 - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 25/06/2013 - 07:51:40 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 08/11/2013 - 13:15:57 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 19/02/2015 - 20:56:56 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 16/03/2014 - 14:17:20 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 19/02/2015 - 20:58:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 19/02/2015 - 20:58:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 19/02/2015 - 20:58:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 19/02/2015 - 20:58:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 22/10/2014 - 13:58:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
O43 - CFD: 24/09/2014 - 19:10:43 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 19/02/2015 - 20:58:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 22/10/2014 - 13:58:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/01/2015 - 14:29:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 22/10/2014 - 13:58:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 22/10/2014 - 13:58:48 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
O43 - CFD: 22/10/2014 - 13:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 22/10/2014 - 13:58:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 22/10/2014 - 13:54:17 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 22/10/2014 - 13:54:17 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 19/02/2015 - 20:58:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 24/09/2014 - 16:03:53 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03/01/2015 - 16:07:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 21/02/2015 - 15:46:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 28/09/2014 - 18:44:22 - [] ----D C:\Users\joel\AppData\Roaming\Adobe
O43 - CFD: 24/10/2013 - 15:44:39 - [] ----D C:\Users\joel\AppData\Roaming\ATI
O43 - CFD: 05/11/2013 - 15:11:05 - [] ----D C:\Users\joel\AppData\Roaming\Audacity
O43 - CFD: 23/12/2013 - 18:38:37 - [] ----D C:\Users\joel\AppData\Roaming\AVAST Software
O43 - CFD: 05/12/2014 - 21:54:26 - [] ----D C:\Users\joel\AppData\Roaming\CyberLink
O43 - CFD: 25/10/2013 - 12:03:03 - [] ----D C:\Users\joel\AppData\Roaming\Google
O43 - CFD: 27/10/2013 - 11:57:41 - [] ----D C:\Users\joel\AppData\Roaming\Hewlett-Packard
O43 - CFD: 17/11/2013 - 12:04:37 - [] ----D C:\Users\joel\AppData\Roaming\hpqlog
O43 - CFD: 22/10/2014 - 14:30:17 - [] ----D C:\Users\joel\AppData\Roaming\Identities
O43 - CFD: 24/10/2013 - 17:36:29 - [] ----D C:\Users\joel\AppData\Roaming\Macromedia
O43 - CFD: 17/06/2014 - 13:07:00 - [0] ----D C:\Users\joel\AppData\Roaming\Malwarebytes
O43 - CFD: 19/02/2015 - 20:13:25 - [] -S--D C:\Users\joel\AppData\Roaming\Microsoft
O43 - CFD: 08/11/2013 - 13:15:55 - [] ----D C:\Users\joel\AppData\Roaming\Mozilla
O43 - CFD: 02/01/2014 - 18:55:57 - [] ----D C:\Users\joel\AppData\Roaming\Nero
O43 - CFD: 28/10/2013 - 18:43:55 - [] ----D C:\Users\joel\AppData\Roaming\OpenOffice
O43 - CFD: 24/10/2013 - 16:01:17 - [] ----D C:\Users\joel\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 17/02/2015 - 17:58:56 - [] ----D C:\Users\joel\AppData\Roaming\SFR
O43 - CFD: 24/10/2013 - 15:40:46 - [] ----D C:\Users\joel\AppData\Roaming\Synaptics
O43 - CFD: 08/11/2013 - 13:15:51 - [] ----D C:\Users\joel\AppData\Roaming\TomTom
O43 - CFD: 29/01/2015 - 20:40:52 - [] ----D C:\Users\joel\AppData\Roaming\uTorrent =>P2P.┬╡Torrent
O43 - CFD: 19/02/2015 - 20:57:33 - [] ----D C:\Users\joel\AppData\Roaming\WildTangent
O43 - CFD: 21/02/2015 - 15:53:58 - [] ----D C:\Users\joel\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/11/2013 - 13:05:45 - [] ----D C:\Users\joel\AppData\Local\Adobe
O43 - CFD: 22/10/2014 - 13:49:12 - [] -SH-D C:\Users\joel\AppData\Local\Application Data
O43 - CFD: 14/01/2014 - 15:18:06 - [] ----D C:\Users\joel\AppData\Local\Apps
O43 - CFD: 24/10/2013 - 15:44:39 - [] ----D C:\Users\joel\AppData\Local\ATI
O43 - CFD: 15/01/2014 - 14:37:12 - [] ----D C:\Users\joel\AppData\Local\Auchan
O43 - CFD: 05/12/2014 - 21:54:24 - [] ----D C:\Users\joel\AppData\Local\Cyberlink
O43 - CFD: 20/02/2015 - 13:21:29 - [] ----D C:\Users\joel\AppData\Local\Diagnostics
O43 - CFD: 03/01/2015 - 16:05:18 - [] ----D C:\Users\joel\AppData\Local\Downloaded Installations
O43 - CFD: 14/11/2014 - 18:46:09 - [] -SH-D C:\Users\joel\AppData\Local\EmieBrowserModeList
O43 - CFD: 22/10/2014 - 16:09:45 - [] -SH-D C:\Users\joel\AppData\Local\EmieSiteList
O43 - CFD: 22/10/2014 - 16:09:45 - [] -SH-D C:\Users\joel\AppData\Local\EmieUserList
O43 - CFD: 18/06/2014 - 09:42:14 - [] ----D C:\Users\joel\AppData\Local\Google
O43 - CFD: 19/02/2015 - 20:56:56 - [] ----D C:\Users\joel\AppData\Local\Hewlett-Packard
O43 - CFD: 22/10/2014 - 13:49:12 - [] -SH-D C:\Users\joel\AppData\Local\Historique
O43 - CFD: 01/11/2013 - 17:41:08 - [0] ----D C:\Users\joel\AppData\Local\HP Quick Start
O43 - CFD: 01/11/2013 - 17:42:12 - [] ----D C:\Users\joel\AppData\Local\HPConnectedMusic
O43 - CFD: 19/02/2015 - 20:08:48 - [] ----D C:\Users\joel\AppData\Local\Microsoft
O43 - CFD: 02/01/2014 - 18:58:38 - [] ----D C:\Users\joel\AppData\Local\Nero_AG
O43 - CFD: 17/02/2015 - 17:38:45 - [] ----D C:\Users\joel\AppData\Local\Neuf
O43 - CFD: 19/02/2015 - 20:13:23 - [] ----D C:\Users\joel\AppData\Local\Packages
O43 - CFD: 24/10/2013 - 15:41:01 - [] ----D C:\Users\joel\AppData\Local\Power2Go8
O43 - CFD: 24/10/2013 - 15:54:39 - [] ----D C:\Users\joel\AppData\Local\Programs
O43 - CFD: 21/02/2015 - 15:48:40 - [] ----D C:\Users\joel\AppData\Local\Temp
O43 - CFD: 22/10/2014 - 13:49:12 - [] -SH-D C:\Users\joel\AppData\Local\Temporary Internet Files
O43 - CFD: 08/11/2013 - 13:15:51 - [] ----D C:\Users\joel\AppData\Local\TomTom
O43 - CFD: 14/01/2014 - 15:43:25 - [] ----D C:\Users\joel\AppData\Local\VirtualStore
O43 - CFD: 28/10/2014 - 18:14:32 - [] ----D C:\Users\joel\AppData\Local\Windows Live
O43 - CFD: 22/10/2014 - 13:51:10 - [] R---D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/11/2014 - 16:20:37 - [] R---D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/08/2013 - 16:36:32 - [] ----D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/10/2013 - 16:01:07 - [0] ----D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 12/11/2014 - 16:20:37 - [] R---D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/10/2014 - 13:51:10 - [] R---D C:\Users\joel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 176 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/02/2015 - 14:33:29 ---A- . (...) -- C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt [0]
O44 - LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] - 20/02/2015 - 15:24:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O44 - LFC:[MD5.400B56A4249178A36AD7800E4EC39288] - 20/02/2015 - 16:48:19 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [116773704]
O44 - LFC:[MD5.094E050BB8DD28177F7DA5D0BA5AA5FF] - 20/02/2015 - 21:03:46 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [2028496]
O44 - LFC:[MD5.AF17ACEE3320214B8587255B954D1F17] - 20/02/2015 - 21:03:46 ---A- . (...) -- C:\Windows\System32\perfc009.dat [161748]
O44 - LFC:[MD5.D02CBC4D3301A129806445B2F7E551F6] - 20/02/2015 - 21:03:46 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [192446]
O44 - LFC:[MD5.DB6AE55FDA39949F4477F4B7440F38D4] - 20/02/2015 - 21:03:46 ---A- . (...) -- C:\Windows\System32\perfh009.dat [787990]
O44 - LFC:[MD5.F3DCD483141228047DE5BFEB7DE2C780] - 20/02/2015 - 21:03:46 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [887258]
O44 - LFC:[MD5.75E9B55174965E1017989D12EAFD62CD] - 20/02/2015 - 21:25:50 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1629058]
O44 - LFC:[MD5.BDE0E9BCE5D746FE4C99AA0902D36C66] - 21/02/2015 - 15:34:56 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
~ Files: 10 Scanned in 01mn 24s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de lΓÇÔ├ëditeur de configuration de s├⌐curit├⌐ Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contr├┤le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote dΓÇÔextension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote dΓÇÔextension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 21 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 6 Scanned in 00mn 00s



---\\ Liste des pilotes du syst├Îme (SDL) (O58)
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:24/09/2012 - 12:40:56 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43840]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:19/11/2014 - 18:26:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:19/11/2014 - 18:26:36 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [83280]
O58 - SDL:19/11/2014 - 18:26:34 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:19/11/2014 - 18:26:36 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:25/11/2014 - 17:45:22 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1050432]
O58 - SDL:24/04/2014 - 10:40:35 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400235103031 [1039096]
O58 - SDL:19/11/2014 - 18:26:36 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [436624]
O58 - SDL:24/04/2014 - 10:40:35 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400235103031 [423240]
O58 - SDL:19/11/2014 - 18:26:37 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [116728]
O58 - SDL:19/11/2014 - 18:26:37 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [267632] =>.ALWIL Software
O58 - SDL:12/12/2013 - 05:25:12 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [12521472]
O58 - SDL:12/12/2013 - 05:25:14 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [617472]
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows ® Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:05/03/2013 - 12:01:42 ---A- . (.CyberLink - It is a virtual device driver which could create multiple virtu.) -- C:\Windows\System32\Drivers\CLVirtualDrive.sys [91712]
O58 - SDL:19/10/2012 - 04:52:32 ---A- . (.Windows ® Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:19/10/2012 - 04:52:30 ---A- . (.Windows ® Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:13/07/2012 - 03:56:32 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [62784]
O58 - SDL:24/09/2012 - 12:40:56 ---A- . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\Drivers\hpdskflt.sys [31040]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel® Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel® Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:22/08/2013 - 10:08:42 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [644968]
O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:20/05/2014 - 23:33:36 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [3791872]
O58 - SDL:07/03/2013 - 16:14:22 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [442368]
O58 - SDL:06/05/2014 - 23:39:17 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38296]
O58 - SDL:06/05/2014 - 23:39:17 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27032]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:21/11/2014 - 06:14:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:21/11/2014 - 06:14:12 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [93400]
O58 - SDL:20/02/2015 - 15:24:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [129752]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:21/11/2014 - 06:14:26 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O58 - SDL:01/12/2011 - 11:42:44 ---A- . (.Nero AG - Nero Backup Volume Filter Driver for the Disk Stack.) -- C:\Windows\System32\Drivers\NBVol.sys [72240]
O58 - SDL:01/12/2011 - 11:42:44 ---A- . (.Nero AG - Nero Backup Volume Upper Filter Driver for the Disk Stack.) -- C:\Windows\System32\Drivers\NBVolUp.sys [15920]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:24/10/2014 - 16:26:15 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [830680]
O58 - SDL:03/11/2013 - 19:05:44 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3376200]
O58 - SDL:24/01/2013 - 01:29:56 ---A- . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsP2Stor.sys [288328]
O58 - SDL:02/02/2013 - 01:08:18 ---A- . (.RTS Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\Drivers\RtsPer.sys [448072]
O58 - SDL:24/10/2014 - 16:28:31 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [3068120]
O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:06/02/2013 - 05:54:16 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [28400]
O58 - SDL:24/10/2014 - 17:01:36 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]
O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:24/10/2014 - 17:01:41 ---A- . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [524016]
O58 - SDL:24/10/2014 - 16:22:28 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [99288]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
O58 - SDL:31/08/2012 - 08:40:24 ---A- . (.Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) -- C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [20800]
O58 - SDL:09/10/2012 - 09:39:52 ---A- . (.Softex Inc - OmniPass PBA Driver.) -- C:\Windows\System32\oprom.sys [5120]
~ Drivers: 72 Scanned in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/02/2015 - 15:55:33 ---A- . (.Google Inc..) -- C:\Users\joel\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll [142152]
O61 - LFC: 19/02/2015 - 15:55:33 ---A- . (...) -- C:\Users\joel\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [102569]
O61 - LFC: 20/02/2015 - 15:55:41 ---A- . (.Thisisu.) -- C:\Users\joel\AppData\Local\Microsoft\Windows\INetCache\IE\9UG251V9\JRT.exe [1388274]
O61 - LFC: 21/02/2015 - 15:55:41 ---A- . (...) -- C:\Users\joel\AppData\Local\Microsoft\Windows\INetCache\IE\9UG251V9\urlblockindex[1].bin [16]
O61 - LFC: 21/02/2015 - 15:55:43 ---A- . (.Nicolas Coolman.) -- C:\Users\joel\Downloads\ZHPDiag2.exe [6876251] =>.Nicolas Coolman
~ 640 Fichiers temporaires (Temporary files)
~ Files: 5 Scanned in 00mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur dΓÇÔ├⌐v├⌐nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - (Microsoft (Bing)) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enum├Îre les service demarr├⌐s par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp├⌐rience dΓÇÔapplication.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes ├¦ puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes ├¦ puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [324096]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1261056]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [914432]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service dΓÇÔouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations dΓÇÔapplication.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1212928]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur dΓÇÔordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau ├¦ distance.) -- C:\Windows\System32\sessenv.dll [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl├Îmes.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service dΓÇÔinfrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des th├Îmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire dΓÇÔinstallation de p├⌐riph├⌐rique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num├⌐rotation automatique dΓÇÔacc├Îs distant.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions dΓÇÔacc├Îs ├¦ distance.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire dΓÇÔinterface dynamique.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification dΓÇÔ├⌐v├⌐nements syst├Îme (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de lΓÇÔapplication dΓÇÔassistance ├¦ Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise ├¦ jour automatique Windows Update.) -- C:\WINDOWS\system32\wuaueng.dll [3557376]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri├Îre-plan.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760]
~ Services: 34 Scanned in 00mn 04s



---\\ Enum├Îre les donn├⌐es de la cl├⌐ NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 20/05/2014 278344 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 21/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
SS - | Demand 11/05/2013 822232 | (Intel® Capability Licensing Service TCP IP Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 18/07/2013 762192 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SS - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/11/2013 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 12/12/2013 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 19/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 19/11/2014 4012248 | (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Demand 07/06/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 24/09/2012 31040 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 26/03/2014 469304 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
SR - | Auto 22/08/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 20/05/2014 314696 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 11/05/2013 733696 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 24/10/2014 131544 | (Intel® ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 24/10/2014 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
SR - | Auto 24/10/2014 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 14/10/2013 87552 | (omniserv) . (.Softex Inc..) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
SR - | Auto 20/02/2013 239176 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 19/12/2014 93040 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 22/08/2013 37768 | C:\WINDOWS\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 18s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by joel at 21/02/2015 15:58:54
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (19/02/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

C:\Users\joel\AppData\Roaming\uTorrent =>P2P.┬╡Torrent^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
~ Additionnel Scan: 278807 Items scanned in 00mn 34s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lanc├⌐es au d├⌐marrage du syst├Îme (O4)
~ AMI: 4 Scanned in 00mn 00s



End of the scan (1115 lines in 06mn 03s)(0.11)

 

 

 

tomtom95 Devil Member !

tomtom95

Posté(e)
Posté(e)

Re,

évitez de poster les rapports trop longs directement sur le forum s'il te plaît cela risque de bloquer le sujet
Juste le lien de Cjoint merci

Attention avec les programmes P2P source d'infection multiple
Prendre le temps de lire
Les risques du peer-to-peer
Le danger des cracks !

Désinstaller l'ancienne version de JAVA (Java 7 Update 60 ) dans programmes et fonctionnalités si encore présent

On va supprimer des fichiers

  • Clique-droit >sur l'icône ZHPFix,présent sur votre Bureau clique-droit > exécuter en tant qu'administrateur
    Tutoriel_ZHPDiag-7.jpg
  • Surlignez tout le texte ci-dessous puis cliquez droit Copier

    Script ZHPFix
    C:\Users\joel\AppData\Roaming\uTorrent
    G2 - EXT: C:\Users\joel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
    O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217060FF}
    O43 - CFD: 19/04/2014 - 12:42:59 - [] ----D C:\Program Files (x86)\Java
    O43 - CFD: 03/03/2014 - 14:13:39 - [] ----D C:\Program Files (x86)\Common Files\Java
    O43 - CFD: 29/01/2015 - 20:40:52 - [] ----D C:\Users\joel\AppData\Roaming\uTorrent
    O43 - CFD: 22/10/2014 - 13:58:48 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
    O43 - CFD: 23/12/2013 - 18:28:58 - [] ----D C:\ProgramData\Norton
    O43 - CFD: 23/12/2013 - 18:27:14 - [] ----D C:\ProgramData\NortonInstaller
    O43 - CFD: 16/03/2014 - 14:17:20 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
    O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
    O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
    O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
    O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
    O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
    O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
    [MD5.00000000000000000000000000000000] [APT] [Norton WSC Integration] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe (.not file.) [0] => Symantec Norton Internet Sécurity
    [MD5.00000000000000000000000000000000] [APT] [Norton Error Analyzer] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe (.not file.) [0] => Symantec Norton Internet Sécurity
    [MD5.00000000000000000000000000000000] [APT] [Norton Error Processor] (...) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe (.not file.) [0] => Symantec Norton Internet Sécurity
    [HKCU\Software\BitTorrent]

    ShortcutFix
    Ifeofix
    PROXYFix
    EmptyPrefetch
    EmptyCLSID
    FirewallRaz
    EmptyTemp
    EmptyFlash
    Sysrestore

  • Dans l'interface de ZHPFix Cliquez sur Importer et sur OK

    zhpfix10.png

    IMPORTANT :Fermez toutes les applications en cours (notamment votre navigateur)
    Désactivez vos protections (Antivirus et par-feu)

    Attention :vérifiez que que toutes les lignes se sont collées
  • Puis Cliquez sur "GO"
  • Confirmez les nettoyages des données en cliquant sur "Oui"
    9j6eC9Y.png
    Le nettoyage s'effectue, ne touchez à rien pendant cette étape, si le programme demande un redémarrage du pc > faites le !
  • Une fois le scan terminé le fichier ZHPFixReport à été crée sur le bureau.
  • Hébergez le rapport ZHPFixReport sur le site http://www.cjoint.com
    puis copier/coller le lien fourni dans votre prochaine réponse.

  • Télécharger CTR.exede pierre 13 sur le bureau
  • Fermer tous les programmes en cours.
  • Désactivez provisoirement l'antivirus
  • Double cliquer sur le fichier pour le lancer.
  • sous Windows : 7/8 et Vista exécuter en tant qu'administrateur
  • L'analyse ne dure que quelques instants.
  • Le rapport est sur le bureau (CTR.txt)
  • Hébergez le rapport sur le site http://www.cjoint.com
    Puis copier/coller le lien fourni dans votre prochaine réponse.
  • Redémarrer votre ordinateur

 

 

joel62 Member

joel62

Posté(e)
  • Auteur
Posté(e)

Bonsoir

Si j'ai procédé de cette manière, c'est que comme cité plus haut impossible de coller le lien de c joint, j'ai donc suivi les instructions données dans les réponses comme vous pouvez le voir ci dessus. j'ai fait plusieurs tentatives avec c joint mais cela ne marchait pas ,le mot coller était grisé et ne fonctionnait pas j'avais déjà eu le même problème lors d'une autre demande il va falloir m'expliquer comment faire. En tous les cas désolé d'avoir perturbé le site c'était vraiment involontaire.

Je vais appliquer ce que vous me conseillez demain.

D'après vous mon ordi est il infecté ?

Encore merci pour votre aide et du temps passé pour un inconnu.

Bon week end

tomtom95 Devil Member !

tomtom95

Posté(e)
Posté(e)

D'accord pas de souci post directement sur le forum.

 

 

D'après vous mon ordi est il infecté ?

 

Rien d'inquiétant en apparence sur le rapport .

Des reste de Norton et de P2P ,vieille version de JAVA risque de de faille de sécurité.

Le deuxiéme outil CTR c'est pour les restrictions et rétablir Windows Update .

 

A plus

 

Rejoindre la conversation

Vous publiez en tant qu’invité. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...