Page 1 of 2

[Solved] do search infection

Posted: Sat 30 Nov 2013 14:01
by delaide
Hello everyone,

I'm turning to you: I'm 62 and, while downloading a piece of software, Do search appeared on my browsers.... Reading tips here and there on how to remove it, I downloaded AdwCleaner and Malwarebytes; after running a scan with each I thought I no longer had Do search... but yes, it's still there... SO I'M TURNING TO YOU... I must tell you I don't know much about your procedures, but I'm happy to learn too....

For info, I have Windows 7 and the computer is very slow to start! Also, in my programs (add or remove) I don't see it, so I can't uninstall it.... thanks again for your precious help.

do search infection

Posted: Sat 30 Nov 2013 14:12
by 2011N2
Hello,

To receive replies more easily, you can register on the forum (more information here).

Could you please post the AdwCleaner and Malwarebytes reports?
The first should be at C:\AdwCleaner[S0].txt and the second in the software's Reports/Logs tab.

Gabriel.

do search infection

Posted: Sat 30 Nov 2013 14:19
by delaide
Thanks Gabriel, I've just registered; I'll go find the reports and try to post them.
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.29.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
CLARA :: CLARA-PC [administrateur]

Protection: Activé

29/11/2013 20:32:47
mbam-log-2013-11-29 (20-32-47).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 211190
Temps écoulé: 5 minute(s), 33 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) - Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.DoSearch.A) - Mauvais: (http://do-search.com/?type=hpts=1385747 ... 0Q7JX1AMLX) Bon: (http://www.google.com) - Mis en quarantaine et réparé avec succès
HKCU\Software\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearch.A) - Mauvais: (http://do-search.com/?type=hpts=1385747 ... 0Q7JX1AMLX) Bon: (http://www.google.com) - Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command| (PUP.Optional.DoSearch.A) - Mauvais: (C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://do-search.com/?type=scts=1385747 ... 0Q7JX1AMLX) Bon: (firefox.exe) - Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.DoSearch.A) - Mauvais: (C:\Program Files\Internet Explorer\iexplore.exe http://do-search.com/?type=scts=1385747 ... 0Q7JX1AMLX) Bon: (iexplore.exe) - Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.DoSearch.A) - Mauvais: (http://do-search.com/web/?type=dsts=138 ... earchTerms}) Bon: (http://www.google.com) - Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearch.A) - Mauvais: (http://do-search.com/?type=hpts=1385747 ... 0Q7JX1AMLX) Bon: (http://www.google.com) - Mis en quarantaine et réparé avec succès
HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.DoSearch.A) - Mauvais: (http://do-search.com/?type=hpts=1385747 ... 0Q7JX1AMLX) Bon: (http://www.google.com) - Mis en quarantaine et réparé avec succès

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 4
C:\Users\CLARA\Documents\install_flashplayer11x32_mssd_aaa_aih (1).exe (PUP.Optional.InstallCore) - Mis en quarantaine et supprimé avec succès.
C:\Users\CLARA\Documents\install_flashplayer11x32_mssd_aaa_aih.exe (PUP.Optional.InstallCore) - Mis en quarantaine et supprimé avec succès.
C:\Users\CLARA\Downloads\AdwCleaner.exe (PUP.Optional.Firseria) - Mis en quarantaine et supprimé avec succès.
C:\Windows\Installer\1be6ce.msi (Adware.Boxore) - Mis en quarantaine et supprimé avec succès.

(fin)
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.29.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
CLARA :: CLARA-PC [administrateur]

Protection: Activé

30/11/2013 06:25:10
mbam-log-2013-11-30 (06-25-10).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 99764
Temps écoulé: 27 minute(s), 9 seconde(s) [abandonné]

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 3
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\glindorusBHO.dll.vir (PUP.Optional.Glindorus.A) - Aucune action effectuée.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\updateglindorus.exe.vir (PUP.Optional.Glindorus.A) - Aucune action effectuée.
C:\Config.Msi\7473d0.rbf (PUP.Optional.SweetIM) - Aucune action effectuée.

(fin)
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.29.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
CLARA :: CLARA-PC [administrateur]

Protection: Activé

30/11/2013 11:16:10
mbam-log-2013-11-30 (11-16-10).txt

Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 355886
Temps écoulé: 55 minute(s), 11 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
2013/11/29 20:30:56 +0100 CLARA-PC CLARA MESSAGE Starting protection
2013/11/29 20:30:56 +0100 CLARA-PC CLARA MESSAGE Protection started successfully
2013/11/29 20:30:56 +0100 CLARA-PC CLARA MESSAGE Starting IP protection
2013/11/29 20:31:16 +0100 CLARA-PC CLARA MESSAGE IP Protection started successfully
2013/11/29 20:31:51 +0100 CLARA-PC CLARA MESSAGE Starting database refresh
2013/11/29 20:31:51 +0100 CLARA-PC CLARA MESSAGE Stopping IP protection
2013/11/29 20:31:53 +0100 CLARA-PC CLARA MESSAGE IP Protection stopped successfully
2013/11/29 20:31:56 +0100 CLARA-PC CLARA MESSAGE Database refreshed successfully
2013/11/29 20:31:56 +0100 CLARA-PC CLARA MESSAGE Starting IP protection
2013/11/29 20:31:59 +0100 CLARA-PC CLARA MESSAGE IP Protection started successfully
2013/11/29 20:41:46 +0100 CLARA-PC CLARA MESSAGE Starting protection
2013/11/29 20:41:46 +0100 CLARA-PC CLARA MESSAGE Protection started successfully
2013/11/29 20:41:46 +0100 CLARA-PC CLARA MESSAGE Starting IP protection
2013/11/29 20:41:51 +0100 CLARA-PC CLARA MESSAGE IP Protection started successfully
2013/11/29 21:07:36 +0100 CLARA-PC CLARA MESSAGE Starting protection
2013/11/29 21:07:36 +0100 CLARA-PC CLARA MESSAGE Protection started successfully
2013/11/29 21:07:36 +0100 CLARA-PC CLARA MESSAGE Starting IP protection
2013/11/29 21:07:42 +0100 CLARA-PC CLARA MESSAGE IP Protection started successfully
2013/11/29 22:39:08 +0100 CLARA-PC CLARA MESSAGE Executing scheduled update: Daily
2013/11/29 22:39:17 +0100 CLARA-PC CLARA MESSAGE Scheduled update executed successfully: database updated from version v2013.11.29.05 to version v2013.11.29.06
2013/11/29 22:39:17 +0100 CLARA-PC CLARA MESSAGE Starting database refresh
2013/11/29 22:39:17 +0100 CLARA-PC CLARA MESSAGE Stopping IP protection
2013/11/29 22:39:18 +0100 CLARA-PC CLARA MESSAGE IP Protection stopped successfully
2013/11/29 22:39:30 +0100 CLARA-PC CLARA MESSAGE Database refreshed successfully
2013/11/29 22:39:30 +0100 CLARA-PC CLARA MESSAGE Starting IP protection
2013/11/29 22:39:32 +0100 CLARA-PC CLARA MESSAGE IP Protection started successfully
2013/11/29 22:52:20 +0100 CLARA-PC (null) MESSAGE Starting protection
2013/11/29 22:52:20 +0100 CLARA-PC (null) MESSAGE Protection started successfully
2013/11/29 22:52:20 +0100 CLARA-PC (null) MESSAGE Starting IP protection
2013/11/29 22:52:25 +0100 CLARA-PC (null) MESSAGE IP Protection started successfully

do search infection

Posted: Sat 30 Nov 2013 14:21
by delaide
# AdwCleaner v3.013 - Rapport créé le 30/11/2013 à 14:20:11
# Mis à jour le 24/11/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : CLARA - CLARA-PC
# Exécuté depuis : C:\Users\CLARA\Desktop\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v19.0.2 (fr)

[ Fichier : C:\Users\CLARA\AppData\Roaming\Mozilla\Firefox\Profiles\poseu1ok.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Fichier : C:\Users\CLARA\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10116 octets] - [16/10/2013 18:50:31]
AdwCleaner[R1].txt - [1394 octets] - [14/11/2013 08:14:54]
AdwCleaner[R2].txt - [3524 octets] - [29/11/2013 19:18:28]
AdwCleaner[R3].txt - [1428 octets] - [29/11/2013 20:21:35]
AdwCleaner[R4].txt - [1488 octets] - [29/11/2013 22:44:43]
AdwCleaner[R5].txt - [1495 octets] - [30/11/2013 06:07:57]
AdwCleaner[R6].txt - [1538 octets] - [30/11/2013 07:10:56]
AdwCleaner[R7].txt - [1658 octets] - [30/11/2013 07:24:32]
AdwCleaner[R8].txt - [1718 octets] - [30/11/2013 12:20:03]
AdwCleaner[R9].txt - [1338 octets] - [30/11/2013 14:20:11]
AdwCleaner[S0].txt - [9902 octets] - [16/10/2013 18:51:42]
AdwCleaner[S1].txt - [1458 octets] - [14/11/2013 08:17:01]
AdwCleaner[S2].txt - [3329 octets] - [29/11/2013 19:23:26]
AdwCleaner[S3].txt - [1550 octets] - [29/11/2013 22:50:35]
AdwCleaner[S4].txt - [1599 octets] - [30/11/2013 07:13:38]
AdwCleaner[S5].txt - [1779 octets] - [30/11/2013 12:22:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R9].txt - [1758 octets] ##########

do search infection

Posted: Sat 30 Nov 2013 14:23
by 2011N2
Re,

OK, run Shortcut_Module and post the report: http://www.forum-entraide-informatique. ... e-tutoriel

Gabriel.

do search infection

Posted: Sat 30 Nov 2013 14:26
by delaide
Here it is; I don't know whether the procedure suits you? In any case, thanks for your help! Clara
What does "run Shortcut module" mean?

do search infection

Posted: Sat 30 Nov 2013 14:27
by 2011N2
Re,

Yes, the reports you gave me are fine.

Open the link I gave you at the same time; that's the program you need to run.

Gabriel.

do search infection

Posted: Sat 30 Nov 2013 15:01
by delaide
Done. The computer took 30 m to start up, I have problems on that side too. On startup I didn't get a report, but when I open Google I no longer have do search; it is still on Mozilla, though!

do search infection

Posted: Sat 30 Nov 2013 15:03
by 2011N2
Re,

OK, the report should be at C:\Shortcut_Module.txt

Gabriel.

do search infection

Posted: Sat 30 Nov 2013 15:08
by delaide
Sorry, I'm really hopeless, but how do I get to C:

do search infection

Posted: Sat 30 Nov 2013 15:09
by delaide
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module 13.11.2013.2 - g3n-h@ckm@n

14:27:49 - 30/11/2013

(1420) -- spoolsv.exe
(1516) -- PhotoshopElementsFileAgent.exe
(1632) -- armsvc.exe
(1676) -- AppleMobileDeviceService.exe
(1856) -- mDNSResponder.exe
(1900) -- mounter.exe
(1988) -- ePowerSvc.exe
(2044) -- GregHSRW.exe
(1252) -- LMS.exe
(1936) -- mbamscheduler.exe
(2072) -- IScheduleSvc.exe
(2288) -- taskhost.exe
(2332) -- explorer.exe
(2568) -- taskeng.exe
(1156) -- PLFSetI.exe
(1144) -- OrangeInstaller.exe
(2856) -- mbamgui.exe
(1952) -- ePowerTray.exe
(884) -- hkcmd.exe
(2676) -- IAAnotif.exe
(2108) -- igfxtray.exe
(556) -- igfxpers.exe
(2812) -- RAVCpl64.exe
(1616) -- iCloudServices.exe
(808) -- ApplePhotoStreams.exe
(1928) -- translateclient.exe
(2904) -- BackupManagerTray.exe
(2556) -- traybar.exe
(2940) -- iTunesHelper.exe
(2172) -- UpdaterService.exe
(3436) -- WLIDSVC.EXE
(3268) -- IAANTmon.exe
(3540) -- WLIDSVCM.EXE
(3996) -- iPodService.exe
(3248) -- SearchIndexer.exe
(3928) -- APSDaemon.exe
(4012) -- igfxext.exe
(4128) -- igfxsrvc.exe
(4292) -- ePowerEvent.exe
(4116) -- LManager.exe
(4136) -- PDVD8Serv.exe
(4232) -- jusched.exe
(4940) -- wmpnetwk.exe
(3284) -- UNS.exe
(416) -- chrome.exe
(4912) -- chrome.exe
(4328) -- chrome.exe
(3616) -- chrome.exe
(3728) -- chrome.exe
(2704) -- chrome.exe
(2504) -- chrome.exe
(5620) -- SearchProtocolHost.exe
(5988) -- SearchFilterHost.exe

¤¤¤¤¤¤¤¤¤¤ | Hijack Links

Disinfected : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk : C:\Program Files (x86)\Mozilla Firefox\firefox.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security Support\Contact.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk : C:\Program Files (x86)\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk : C:\Program Files (x86)\Mozilla Firefox\firefox.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk : C:\Program Files\Internet Explorer\iexplore.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)
Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk : C:\Program Files (x86)\Mozilla Firefox\firefox.exe (hxxp://do-search.com/?type=scts=1385747584from=adksuid=HitachiXHTS545050B9A300_091213PB4400Q7JX1AMLX)

¤¤¤¤¤¤¤¤¤¤ | Hijack Internet Explorer

Repaired : [HKU\S-1-5-21-378696231-3159941110-2019972561-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com - http://www.google.com/
Repaired : [HKU\S-1-5-21-378696231-3159941110-2019972561-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm - C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-378696231-3159941110-2019972561-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 - http://www.microsoft.com/isapi/redir.dl ... r=iesearch
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.google.com - http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : http://www.google.com - http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://www.google.com - http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://do-search.com/web/?type=dsts=138 ... earchTerms} - http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKU\S-1-5-21-378696231-3159941110-2019972561-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[ProxyOverride] : local - *.local
Repaired : [HKU\S-1-5-21-378696231-3159941110-2019972561-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 - 1

¤¤¤¤¤¤¤¤¤¤ | Hijack Google Chrome

[CLARA] Successfull reset : SearchURL
[CLARA] Successfull reset : Preferences

¤¤¤¤¤¤¤¤¤¤ | Hijack Firefox

[CLARA] Replaced : user_pref("browser.newtab.url", "http://do-search.com/newtab/?type=ntts= ... 0Q7JX1AMLX"); - user_pref("browser.newtab.url", "http://www.google.fr");
[CLARA] Replaced : user_pref("browser.search.defaultenginename", "do-search"); - user_pref("browser.search.defaultenginename", "google");
[CLARA] Replaced : user_pref("browser.search.selectedEngine", "do-search"); - user_pref("browser.search.selectedEngine", "google");
[CLARA] Replaced : user_pref("browser.startup.homepage", "http://www.orange.fr/"); - user_pref("browser.startup.homepage", "http://www.google.fr");

¤¤¤¤¤¤¤¤¤¤ | Hijack StartMenuInternet

Repaired : [HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : firefox.exe - "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : iexplore.exe - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://do-search.com/?type=scts=1385747 ... 0Q7JX1AMLX - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\Safari.exe\shell\open\command] : "C:\Program Files (x86)\Safari\Safari.exe" http://do-search.com/?type=scts=1385747 ... 0Q7JX1AMLX - "C:\Program Files (x86)\Safari\Safari.exe"

¤¤¤¤¤¤¤¤¤¤ | TEMP Files

[All Users] TEMP Files deleted : 0 Ko
[Default User] TEMP Files deleted : 0 Ko
[Default] TEMP Files deleted : 0 Ko
[Public] TEMP Files deleted : 0 Ko
[CLARA] TEMP Files deleted : 15098 Ko
[Hudson] TEMP Files deleted : 0 Ko

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤
I'VE JUST FOUND IT! SUPER
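The Shortcut_Module report above shows the three places this hijacker reached: browser shortcuts (.lnk) with a URL appended to the target, the StartMenuInternet "open" commands, and Internet Explorer's Main start/search page values (the same values Malwarebytes repaired earlier in the thread). The PowerShell script below is an added, read-only audit of those three vectors; it is not part of the thread and is not Shortcut_Module's or AdwCleaner's code. It only reports, so it can be run before and after a cleanup tool to confirm the result. The folder list, registry paths and value names are the standard Windows locations; the `-Pattern` default `do-search\.com` is taken from the reports in this thread and can be replaced by any other domain.

```powershell
# Added example: read-only audit of browser hijack vectors (shortcuts, StartMenuInternet, IE Main).
# Not code from the thread or from Shortcut_Module/AdwCleaner. Run in an elevated PowerShell session.

# 1. Browser shortcuts whose Arguments field carries a URL. A clean browser shortcut has no URL argument;
#    a URL there makes the browser open the hijacker's page on every launch from that shortcut.
function Get-HijackedShortcuts {
    param([string[]]$Roots = @(
        [Environment]::GetFolderPath('CommonStartMenu'),
        [Environment]::GetFolderPath('StartMenu'),
        [Environment]::GetFolderPath('CommonDesktopDirectory'),
        [Environment]::GetFolderPath('DesktopDirectory'),
        (Join-Path ([Environment]::GetFolderPath('ApplicationData')) 'Microsoft\Internet Explorer\Quick Launch')
    ))
    $shell = New-Object -ComObject WScript.Shell
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
            ForEach-Object {
                $lnk = $shell.CreateShortcut($_.FullName)
                if ($lnk.TargetPath -match '\\(iexplore|firefox|chrome|safari)\.exe$' -and
                    $lnk.Arguments -match 'https?://') {
                    [pscustomobject]@{ Vector = 'Shortcut'; Location = $_.FullName; Value = $lnk.Arguments }
                }
            }
    }
}

# 2. StartMenuInternet "open" commands: the default value must be the browser executable alone,
#    never the executable followed by a URL (compare the "Repaired" lines in the report above).
function Get-HijackedStartMenuInternet {
    foreach ($hive in 'HKLM:\SOFTWARE\Clients\StartMenuInternet', 'HKCU:\SOFTWARE\Clients\StartMenuInternet') {
        Get-ChildItem -LiteralPath $hive -ErrorAction SilentlyContinue | ForEach-Object {
            $cmdKey = "$($_.PSPath)\shell\open\command"
            $cmd = (Get-ItemProperty -LiteralPath $cmdKey -ErrorAction SilentlyContinue).'(default)'
            if ($cmd -match 'https?://') {
                [pscustomobject]@{ Vector = 'StartMenuInternet'; Location = $cmdKey; Value = $cmd }
            }
        }
    }
}

# 3. Internet Explorer start/search pages in both hives, matched against a domain pattern.
#    The default pattern is the domain seen in this thread's reports; pass -Pattern to audit another.
function Get-HijackedIEPages {
    param([string]$Pattern = 'do-search\.com')
    foreach ($key in 'HKCU:\Software\Microsoft\Internet Explorer\Main', 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Main') {
        $props = Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue
        foreach ($name in 'Start Page', 'Default_Page_URL', 'Default_Search_URL', 'Search Page') {
            $val = $props.$name
            if ($val -and $val -match $Pattern) {
                [pscustomobject]@{ Vector = 'IE Main'; Location = "$key|$name"; Value = $val }
            }
        }
    }
}

# Collect everything and print a table; nothing is modified.
$findings = @(Get-HijackedShortcuts) + @(Get-HijackedStartMenuInternet) + @(Get-HijackedIEPages)
if ($findings.Count -eq 0) { 'No hijack indicators found.' } else { $findings | Format-Table -AutoSize -Wrap }
```

The `Vector` column tells you which cleanup step is still missing: a remaining `Shortcut` finding means the .lnk files were not rewritten (which is why a registry-only cleanup, like the first Malwarebytes pass in this thread, leaves the hijack visible as soon as the browser is started from a pinned icon), while `StartMenuInternet` or `IE Main` findings point at the registry values listed in the report.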

do search infection

Posted: Sat 30 Nov 2013 15:12
by 2011N2
Re,

OK.

Run a diagnostic of your PC with ZHPDiag and post the hosted report: http://www.forum-entraide-informatique. ... g-tutoriel

Gabriel.

do search infection

Posted: Sat 30 Nov 2013 15:34
by delaide
I'M TOLD THE REPORT IS TOO LARGE TO SEND, WHAT SHOULD I DO

do search infection

Posted: Sat 30 Nov 2013 15:37
by delaide
Rapport de ZHPDiag v2013.11.30.64 - Nicolas Coolman (30/11/2013)
~ Lancé par CLARA (30/11/2013 15:24:27)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16428
MFIE: Mozilla Firefox 19.0.2
GCIE: Google Chrome v31.0.1650.57 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2008
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.06 =Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3766 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 369 GB (81%) free of 454 GB

---\\ Mode de connexion au système
~ Computer Name: CLARA-PC
~ User Name: CLARA
~ All Users Names: HomeGroupUser$, CLARA, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\CLARA\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\CLARA\AppData\Roaming\
~ %Desktop% : C:\Users\CLARA\Desktop\
~ %Favorites% : C:\Users\CLARA\Favorites\
~ %LocalAppData% : C:\Users\CLARA\AppData\Local\
~ %StartMenu% : C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 369 Go of 454 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E6CB36B85BE59095337427E853A5B65A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/11/2013 - 07:32:55.) -- C:\Windows\System32\wininet.dll [2332160]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11027
~ Mes musiques (My Musics) : 2/733
~ Mes Videos (My Videos) : 2/163
~ Mes Favoris (My Favorites) : 1/70
~ Mes Documents (My Documents) : 2/471
~ Mon Bureau (My Desktop) : 2/8
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 00mn 12s



---\\ Processus lancés
[MD5.2FC19FCEABCE6D4FDBFB443FCFF3BCC6] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [206208] [PID.2184]
[MD5.D6D36A01E927480C19333C5A7FB8DE49] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [525248] [PID.2504]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1756]
[MD5.D1930CA970D4250D891F432419E3D6C9] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.2824]
[MD5.23C2FCAA50C4F80F7D1B8A0771D45328] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.2232]
[MD5.5883D86F8C22B1E5F78627E4AF19B234] - (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.1704]
[MD5.884B8E140C0755CCC38906FAFD321787] - (.Alexey ILJIN - Pas de description.) -- C:\Program Files (x86)\Translate Client\translateclient.exe [1703936] [PID.2608]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312] [PID.2352]
[MD5.3CB5ED5D503D2E698437666DBE341117] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912] [PID.3552]
[MD5.5E28022B298707EF50D734A1CE64BFE7] - (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe [600688] [PID.3756]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3976]
[MD5.47833576F0BEE0AD7B45109982B769BD] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe [59720] [PID.4132]
[MD5.028E8DC1652F659B699AB6B92603EBEC] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1157640] [PID.964]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.4976]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4320]
[MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.4504]
[MD5.85AF4805A6E0512F523170AD228758D3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8260608] [PID.3620]
[MD5.4D41D30E2FAB3307967C7A0B045DC874] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1124]
[MD5.6D9FC1E7EA3C548F4D3455F0C3FEEF8C] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312] [PID.1524]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1632]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1680]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496] [PID.740]
[MD5.7485FBCEF9136F530953575E2977859D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1236]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1984]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1968]
[MD5.3589BFAF27183772B7F0F976AAAEDE43] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744] [PID.2076]
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160] [PID.248]
[MD5.660BF3255A1EB18ED803FD2FBA6AE400] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.4008]
[MD5.765F2DD351BA064F657751D8D75E58C0] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.2548]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\CLARA\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2005.45, (Désactivé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.5.8.0.8855 (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.5.0 (Activé)
~ Google Browser: 10 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\CLARA\AppData\Roaming\Mozilla\Firefox\Profiles\poseu1ok.default\prefs.js
M3 - MFPP: Plugins - [CLARA] -- C:\Users\CLARA\AppData\Roaming\Mozilla\Firefox\Profiles\poseu1ok.default\searchplugins\bing.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Users\CLARA\AppData\Roaming\Mozilla\Firefox\Profiles\poseu1ok.default\searchplugins\orange.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml =Toolbar.eBay
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [CLARA] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [CLARA - poseu1ok.default] http://www.google.fr
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\2020Player@2020Technologies.com] [] Visualisateur 3D de 20-20 v5.0.4.0 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\facebook-translate@oliver.schloebe.de] [] Facebook Translate v1.2.7 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\googledictionary@toptip.ca] [] Wiktionary and Google Translate v6.3.3 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\OrangeVideo@orange.fr] [] Orange Vidéo v1.2.1.12788 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\toolbar@Orange.fr] [] barre d'outils Orange v4.3.5.2 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\translator@zoli.bod] [] Google Translator for Firefox v2.1.0.3 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}] [] ImTranslator v7.2 (..)
M2 - MFEP: prefs.js [CLARA - poseu1ok.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [] Bitdefender QuickScan v0.9.9.119 (..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (...) -- C:\Users\CLARA\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll (.not file.)
P2 - FPN: [HKCU] [@stonetrip.com/ShiVaWebPlayer,version=1.8.1.0] - (.Stonetrip - ShiVa3D Plugin 1,8,1,1 for 3D real-time applications made with ShiVa E.) -- C:\Users\CLARA\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 4.9.1.16010.) -- C:\Users\CLARA\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 4.9.1.16010.) -- C:\Users\CLARA\AppData\Roaming\Mozilla\plugins\npo1d.dll
P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.29.) -- C:\Users\CLARA\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\CLARA\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\CLARA\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
~ Firefox Browser: 41 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://do-search.com =PUP.DoSearches
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = aboutnoadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = aboutsecurityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =PUP.DoSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = aboutnoadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = aboutsecurityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:44413
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).

do search infection

Posted: Sat 30 Nov 2013 15:38
by delaide
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =Toolbar.Google
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ BHO: 6 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =Toolbar.Google
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adobe Photoshop Elements 7.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Photoshop Elements 7.0.exe
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =Piriform Ltd
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.) -- C:\Program Files (x86)\Microsoft Works\MSWorks.exe =.Microsoft Corporation
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Packard Bell GameZone Console.lnk . (.Oberon Media - Packard Bell GameZone Console.) -- C:\Program Files (x86)\Packard Bell GameZone\GameConsole\Packard Bell Game Console.exe
O4 - GS\Desktop [Public]: Packard Bell MyBackup.lnk . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManager.exe
O4 - GS\Desktop [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe
O4 - GS\Desktop [Public]: Skype.lnk . (...) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
O4 - GS\Desktop [Public]: User's Guide (Packard Bell InfoCentre).lnk . (.Acer Incorporated - InfoCentre Web Browser.) -- C:\Program Files (x86)\Packard Bell\InfoCentre\InfoCtr.exe
O4 - GS\Program [Public]: Adobe Photoshop Elements 7.0.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Photoshop Elements 7.0.exe
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =.Apple Inc
O4 - GS\Program [Public]: Contact a friend for assistance.lnk . (.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\System32\msra.exe
O4 - GS\Program [Public]: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.) -- C:\Program Files (x86)\Microsoft Works\MSWorks.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Access.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - GS\Program [Public]: Microsoft Excel.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - GS\Program [Public]: Microsoft Outlook.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - GS\Program [Public]: Microsoft PowerPoint.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - GS\Program [Public]: Microsoft Word.lnk . (...) -- C:\Windows\Installer\{0001040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Safari.lnk . (...) -- C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =.Microsoft Corporation
O4 - GS\QuickLaunch [CLARA]: Apple Safari.lnk . (...) -- C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe
O4 - GS\QuickLaunch [CLARA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [CLARA]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [CLARA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [CLARA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [CLARA]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [CLARA]: Welcome Center.lnk . (.Acer Incorporated - Welcome Center.) -- C:\Program Files (x86)\Packard Bell\Welcome Center\OEMWelcomeCenter.exe
O4 - GS\TaskBar [CLARA]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =.Microsoft Corporation
O4 - GS\TaskBar [CLARA]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O4 - GS\Program [CLARA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories [CLARA]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =.Microsoft Corporation
O4 - GS\Accessories [CLARA]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =.Microsoft Corporation
O4 - GS\Accessories [CLARA]: Run.lnk - Clé orpheline
O4 - GS\Accessories [CLARA]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =.Microsoft Corporation
O4 - GS\SystemTools [CLARA]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [CLARA]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =.Microsoft Corporation
O4 - GS\SendTo [CLARA]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =.Skype Technologies S.A.
O4 - GS\Desktop [CLARA]: Mon livre de cave.lnk . (...) -- C:\Program Files (x86)\LDC\JRE\bin\ldc.exe (.not file.)
O4 - GS\Desktop [CLARA]: Orange mes contenus.lnk . (...) -- C:\Program Files (x86)\orange cloud\Orange\Orange mes contenus\OrangeSC.exe (.not file.)
O4 - GS\Desktop [CLARA]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =.Nicolas Coolman
O4 - GS\Desktop [CLARA]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =.Nicolas Coolman
~ Global Startup: 82 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office 2000 component.) -- C:\Program Files (x86)\Microsoft Office\Office\OSA9.exe
O4 - GS\Startup [Public]: Translate Client.lnk . (.Alexey ILJIN - Pas de description.) -- C:\Program Files (x86)\Translate Client\translateclient.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =Toolbar.Google
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\ea752c8d-ee0b-44ba-969c-00346c9f30c9.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =.Microsoft Corporation
O4 - HKUS\S-1-5-21-378696231-3159941110-2019972561-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =Toolbar.Google
O4 - HKUS\S-1-5-21-378696231-3159941110-2019972561-1001\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-378696231-3159941110-2019972561-1001\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =.Microsoft Corporation
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 9 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{00E85709-0AD6-4495-A71C-D1D6B5B75725}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{00E85709-0AD6-4495-A71C-D1D6B5B75725}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{00E85709-0AD6-4495-A71C-D1D6B5B75725}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DokanMounter (DokanMounter) . (.F-Secure - Terra Giga Drive.) - C:\Program Files\orange cloud\Orange\mes contenus - mon disque\mounter.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =.Google Inc
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Orange update Core Service (Orange update Core Service) . (.Orange SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
~ Services: 18 Scanned in 00mn 10s



---\\ Enumération Active Desktop MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-378696231-3159941110-2019972561-1001Core.job [1026]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-378696231-3159941110-2019972561-1001UA.job [1078]
[MD5.438F31336B3DC248ABC632F1C8F34A24] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.627F410F11F74008E9DC14B7F640CF34] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [761568]
[MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304] =Piriform Ltd
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-378696231-3159941110-2019972561-1001Core] (.Google Inc..) -- C:\Users\CLARA\AppData\Local\Google\Update\GoogleUpdate.exe [135664]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-378696231-3159941110-2019972561-1001UA] (.Google Inc..) -- C:\Users\CLARA\AppData\Local\Google\Update\GoogleUpdate.exe [135664]
[MD5.B236443743561032278DAFC417DCA315] [APT] [{32180983-6802-4342-AAFE-485B52B1A0D8}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe [122432]
[MD5.00000000000000000000000000000000] [APT] [{5912DCE6-EC72-48F2-984B-DBDDC9B50CE1}] (...) -- C:\Users\CLARA\Documents\Firefox Setup 4.0.1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{706B79C9-9BE7-47DF-A84D-35C1A3E185B5}] (...) -- C:\Users\CLARA\Desktop\DSLtest2104.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E24B818C-53C5-46C1-B622-7B6E57CA730A}] (...) -- C:\Users\CLARA\Documents\Firefox Setup 4.0.1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EF91C3F1-F6C5-44BE-9A4F-46958B454895}] (...) -- C:\Users\CLARA\Desktop\DSLtest2104.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F52B85C4-E203-45D8-8024-5B1FD562CBE9}] (...) -- C:\Users\CLARA\Documents\Firefox Setup 4.0.1.exe (.not file.) [0]
[MD5.678A1DD764D614528EF1166A764CCDCE] [APT] [{F549C165-BB78-4483-B1A1-7CBEA0FC863C}] (.Orange.) -- C:\Users\CLARA\Documents\AssistanceLivebox_setup.exe [57036536]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] [APT] [{FF833C5B-2D62-4D17-A1BC-66EAAA8CC695}] (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 24 Scanned in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys

infection do search

Posted: Sat 30 Nov 2013 15:40
by delaide
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
O42 - Logiciel: Adobe Reader X (10.1.8) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =.Apple Inc
O42 - Logiciel: Backup Manager Basic - (.NewTech Infosystems.) [HKLM][64Bits] -- {72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =Piriform Ltd
O42 - Logiciel: CaveAVin 4.0 - (...) [HKLM][64Bits] -- CaveAVin 4.0
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Client for Google Translate - (...) [HKLM][64Bits] -- Translate Client
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM][64Bits] -- DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1
O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM][64Bits] -- {242189F0-E384-596C-7CB9-1E196EE3F1E5}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
O42 - Logiciel: File Opener Pro - (.FileOpenerPro.) [HKLM][64Bits] -- fileopenerpro
O42 - Logiciel: First Class Flurry - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {192A227B-A8C8-4C6D-B939-21FAEB007E1E}
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {2A83AD05-56E6-3FBD-8752-B4143162EF59}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =Toolbar.Google
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =Toolbar.Google
O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Metaboli - (.Packard Bell.) [HKLM][64Bits] -- Metaboli
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mon livre de cave - (...) [HKLM][64Bits] -- Mon livre de cave
O42 - Logiciel: Mozilla Firefox 19.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {02c6547c-700b-486e-821e-065148c9915a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: Notification Mail - (.Orange.) [HKLM][64Bits] -- MailNotifier
O42 - Logiciel: Orange Installer - (.Orange.) [HKLM][64Bits] -- Orange Installer
O42 - Logiciel: Orange mes contenus v1.0.0.043090 - (.Orange.) [HKLM][64Bits] -- {D6972518-1377-41ea-8129-E5FADBED5789}_is1
O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {117E3AE2-10D1-41C1-9FA6-F4C382F767A8}_is1
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell MyBackup - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {FA4C2D53-205F-4245-9717-F3761154824D}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 6.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Video Web Camera - (.Chicony Electronics Co.,Ltd..) [HKLM][64Bits] -- {12A1B519-5934-4508-ADBD-335347B0DC87}
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =.Microsoft Corporation
O42 - Logiciel: avast! Free Antivirus v9.0.2008 - (.Avast Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {E0B19DF7-B1C7-4937-82C4-0E4B1E346965} =Toolbar.eBay
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}
O42 - Logiciel: mes contenus - mon disque v2.3.0.043089 - (.Orange.) [HKLM][64Bits] -- {C58FE0C9-4E41-41AA-BF23-11FE9CCB5F1F}_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 55 Scanned in 00mn 00s



---\\ HKCU HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\Stonetrip]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Compal]
[HKCU\Software\CyberLink]
[HKCU\Software\Dynamic Toolbar]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Oberon Media]
[HKCU\Software\Orange]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\SAMSUNG]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Software FX, Inc]
[HKCU\Software\Software]
[HKCU\Software\Sonix]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WalletBalance]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\kde.org]
[HKLM\Software\]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OemSetup]
[HKLM\Software\Orange]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\ALWIL Software]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Compal]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SecureDigitalServices]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\TG Byte Software]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\do-searchSoftware] =PUP.DoSearches
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 292 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/04/2012 - 16:13:55 - [502,327] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/03/2010 - 19:08:51 - [0] ----D C:\Program Files (x86)\aod
O43 - CFD: 16/10/2011 - 14:39:01 - [2,316] ----D C:\Program Files (x86)\Apple Software Update =.Apple Inc
O43 - CFD: 16/10/2011 - 14:53:18 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 21/06/2011 - 10:56:30 - [4,793] ----D C:\Program Files (x86)\CaveAVin
O43 - CFD: 24/10/2013 - 07:12:18 - [860,151] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 25/12/2009 - 02:51:28 - [95,502] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 18/02/2013 - 17:07:16 - [2,545] ----D C:\Program Files (x86)\Deezer
O43 - CFD: 29/11/2013 - 18:54:06 - [0,918] ----D C:\Program Files (x86)\FileOpenerPro
O43 - CFD: 22/03/2013 - 09:52:43 - [548,916] ----D C:\Program Files (x86)\Google
O43 - CFD: 16/10/2013 - 18:57:55 - [0,561] ----D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
O43 - CFD: 25/12/2009 - 02:51:28 - [50,796] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 25/12/2009 - 02:38:28 - [76,638] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/11/2013 - 17:14:59 - [11,356] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 09/11/2013 - 17:18:59 - [184,756] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 16/11/2013 - 18:07:22 - [121,980] ----D C:\Program Files (x86)\Java
O43 - CFD: 05/11/2009 - 23:46:05 - [4,497] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 29/11/2013 - 20:30:41 - [13,265] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 04/07/2011 - 04:43:42 - [680,453] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 05/11/2009 - 23:59:20 - [7,431] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 11/10/2013 - 11:33:21 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 25/12/2009 - 02:44:57 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 25/12/2009 - 02:46:34 - [0,627] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 11/10/2012 - 08:58:48 - [139,669] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 26/06/2010 - 08:54:39 - [7,797] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 28/03/2013 - 10:49:31 - [50,553] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 28/03/2013 - 10:49:34 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 11/02/2010 - 10:43:12 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 06/11/2009 - 00:08:35 - [364,582] ----D C:\Program Files (x86)\Nero
O43 - CFD: 25/12/2009 - 02:40:59 - [29,989] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 10/02/2010 - 15:27:13 - [0,102] ----D C:\Program Files (x86)\OEM
O43 - CFD: 26/11/2013 - 14:57:39 - [47,330] ----D C:\Program Files (x86)\Orange
O43 - CFD: 10/02/2010 - 15:26:55 - [54,474] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 05/11/2009 - 23:53:39 - [800,436] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 01/06/2013 - 16:08:15 - [73,545] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 25/12/2009 - 02:23:48 - [8,049] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/09/2012 - 05:43:52 - [102,607] ----D C:\Program Files (x86)\Safari
O43 - CFD: 26/01/2013 - 16:36:40 - [34,388] R---D C:\Program Files (x86)\Skype
O43 - CFD: 25/12/2009 - 02:23:49 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 02/12/2011 - 12:01:03 - [1,769] ----D C:\Program Files (x86)\Translate Client
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 25/12/2009 - 02:38:15 - [11,586] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 11/07/2013 - 21:44:21 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 31/03/2011 - 05:17:50 - [139,448] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 26/05/2011 - 08:00:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail =.Microsoft Corporation
O43 - CFD: 26/05/2011 - 08:00:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player =.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 26/05/2011 - 08:00:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/05/2011 - 08:00:23 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/05/2011 - 08:00:23 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/11/2013 - 15:23:12 - [17,181] ----D C:\Program Files (x86)\ZHPDiag =.Nicolas Coolman
O43 - CFD: 17/04/2012 - 16:13:56 - [58,882] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 18/11/2013 - 15:37:36 - [45,951] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 09/11/2013 - 17:18:20 - [225,704] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 25/12/2009 - 02:51:29 - [0,128] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 05/11/2009 - 23:55:46 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 05/11/2009 - 23:45:10 - [1,943] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 25/12/2009 - 02:26:53 - [13,578] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 24/10/2013 - 07:12:18 - [1,191] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 25/12/2009 - 02:40:01 - [0,622] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 08/03/2012 - 07:04:57 - [296,534] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 06/11/2009 - 00:09:56 - [115,717] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 05/11/2009 - 23:46:41 - [0,338] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 25/12/2009 - 02:38:32 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 25/12/2009 - 02:39:46 - [4,031] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 25/03/2010 - 19:29:26 - [0,135] ----D C:\Program Files (x86)\Common Files\Real
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 26/01/2013 - 16:36:39 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 25/12/2009 - 02:39:46 - [0,324] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 12/04/2010 - 16:41:42 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 11/07/2012 - 07:48:54 - [52,826] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 25/12/2009 - 02:42:54 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 09/11/2013 - 17:19:03 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 23/02/2013 - 08:29:32 - [562,067] ----D C:\ProgramData\Adobe
O43 - CFD: 25/01/2012 - 23:45:02 - [25,146] ----D C:\ProgramData\Alwil Software
O43 - CFD: 02/02/2011 - 14:33:18 - [578,774] ----D C:\ProgramData\Apple
O43 - CFD: 05/12/2010 - 11:03:53 - [218,485] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 16/11/2013 - 16:23:52 - [19,502] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/11/2009 - 00:01:08 - [0,547] ----D C:\ProgramData\BackupManager
O43 - CFD: 10/02/2010 - 15:26:29 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 20/04/2011 - 05:16:45 - [0,022] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 10/02/2010 - 15:26:29 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 12/02/2010 - 17:17:42 - [0,001] ----D C:\ProgramData\FLEXnet
O43 - CFD: 10/05/2011 - 01:01:02 - [0,977] ----D C:\ProgramData\Google
O43 - CFD: 29/11/2013 - 20:30:39 - [6,797] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 09/09/2010 - 08:12:49 - [0] ----D C:\ProgramData\McAfee
O43 - CFD: 10/02/2010 - 15:26:29 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 27/11/2013 - 11:52:49 - [340,724] -S--D C:\ProgramData\Microsoft
O43 - CFD: 28/11/2013 - 20:29:42 - [0,116] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 10/02/2010 - 15:26:29 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 01/07/2012 - 08:03:53 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 06/11/2009 - 00:07:48 - [10,851] ----D C:\ProgramData\Nero
O43 - CFD: 12/04/2010 - 16:45:20 - [0,015] ----D C:\ProgramData\Norton
O43 - CFD: 06/11/2009 - 00:12:39 - [9,968] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 10/02/2010 - 15:27:05 - [0,007] ----D C:\ProgramData\OEM
O43 - CFD: 24/10/2013 - 07:12:25 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 26/11/2013 - 14:57:35 - [30,002] ----D C:\ProgramData\Orange
O43 - CFD: 06/11/2009 - 00:02:29 - [3,603] ----D C:\ProgramData\Packard Bell
O43 - CFD: 26/01/2013 - 16:36:45 - [89,429] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 11/02/2010 - 12:58:08 - [0,001] ----D C:\ProgramData\Sun
O43 - CFD: 12/04/2010 - 16:42:58 - [0] ----D C:\ProgramData\Symantec
O43 - CFD: 22/06/2010 - 18:21:38 - [0,051] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 26/06/2010 - 08:05:49 - [0,002] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 30/11/2013 - 10:32:06 - [0] -SH-D C:\Users\CLARA\AppData\Roaming\.#
O43 - CFD: 17/04/2012 - 16:17:10 - [15,696] ----D C:\Users\CLARA\AppData\Roaming\Adobe
O43 - CFD: 09/12/2011 - 17:27:57 - [0,042] ----D C:\Users\CLARA\AppData\Roaming\AlauxSoft
O43 - CFD: 15/10/2012 - 17:45:32 - [910,180] ----D C:\Users\CLARA\AppData\Roaming\Apple Computer
O43 - CFD: 15/10/2013 - 17:50:23 - [6,581] ----D C:\Users\CLARA\AppData\Roaming\AVAST Software
O43 - CFD: 14/02/2010 - 12:48:19 - [0,002] ----D C:\Users\CLARA\AppData\Roaming\CyberLink
O43 - CFD: 19/02/2011 - 15:48:04 - [0,090] ----D C:\Users\CLARA\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1
O43 - CFD: 12/05/2010 - 16:57:55 - [0,017] ----D C:\Users\CLARA\AppData\Roaming\GameConsole
O43 - CFD: 10/02/2010 - 15:33:01 - [0] ----D C:\Users\CLARA\AppData\Roaming\Google
O43 - CFD: 10/02/2010 - 15:28:18 - [0] ----D C:\Users\CLARA\AppData\Roaming\Identities
O43 - CFD: 10/02/2010 - 15:29:00 - [0,055] ----D C:\Users\CLARA\AppData\Roaming\Macromedia
O43 - CFD: 29/11/2013 - 20:30:45 - [3,246] ----D C:\Users\CLARA\AppData\Roaming\Malwarebytes
O43 - CFD: 21/02/2011 - 17:12:34 - [0] ----D C:\Users\CLARA\AppData\Roaming\MechCAD
O43 - CFD: 14/07/2009 - 08:44:38 - [0] ----D C:\Users\CLARA\AppData\Roaming\Media Center Programs
O43 - CFD: 27/02/2013 - 18:59:31 - [1,778] -S--D C:\Users\CLARA\AppData\Roaming\Microsoft
O43 - CFD: 10/03/2010 - 12:17:10 - [0] ----D C:\Users\CLARA\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 11/11/2013 - 13:44:32 - [162,667] ----D C:\Users\CLARA\AppData\Roaming\Mozilla
O43 - CFD: 07/06/2010 - 20:09:33 - [0,117] ----D C:\Users\CLARA\AppData\Roaming\Nero
O43 - CFD: 01/06/2010 - 14:06:32 - [1,421] ----D C:\Users\CLARA\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/11/2013 - 12:15:58 - [0] ----D C:\Users\CLARA\AppData\Roaming\Orange
O43 - CFD: 13/09/2010 - 17:54:42 - [0] ----D C:\Users\CLARA\AppData\Roaming\Packard Bell
O43 - CFD: 19/11/2012 - 17:56:51 - [0] ----D C:\Users\CLARA\AppData\Roaming\QuickScan
O43 - CFD: 25/03/2010 - 19:29:24 - [0,087] ----D C:\Users\CLARA\AppData\Roaming\Real
O43 - CFD: 28/11/2013 - 18:06:40 - [7,435] ----D C:\Users\CLARA\AppData\Roaming\Skype
O43 - CFD: 18/12/2010 - 07:13:17 - [9,540] ----D C:\Users\CLARA\AppData\Roaming\StoneTrip
O43 - CFD: 11/02/2010 - 14:29:39 - [0,027] ----D C:\Users\CLARA\AppData\Roaming\Template
O43 - CFD: 30/11/2013 - 14:45:19 - [0,071] ----D C:\Users\CLARA\AppData\Roaming\translateclient
O43 - CFD: 22/06/2010 - 18:20:43 - [0,002] ----D C:\Users\CLARA\AppData\Roaming\ViquaSoft
O43 - CFD: 09/12/2011 - 08:19:33 - [0] ----D C:\Users\CLARA\AppData\Roaming\WalletBalance
O43 - CFD: 02/03/2011 - 19:28:54 - [0] ----D C:\Users\CLARA\AppData\Roaming\Windows Live Writer
O43 - CFD: 30/11/2013 - 15:25:18 - [4,243] ----D C:\Users\CLARA\AppData\Roaming\ZHP =.Nicolas Coolman
O43 - CFD: 22/11/2013 - 15:42:28 - [16,174] ----D C:\Users\CLARA\AppData\Local\Adobe
O43 - CFD: 24/11/2013 - 15:28:27 - [0,077] ----D C:\Users\CLARA\AppData\Local\Apple
O43 - CFD: 15/10/2012 - 17:45:32 - [36,690] ----D C:\Users\CLARA\AppData\Local\Apple Computer
O43 - CFD: 10/02/2010 - 15:26:41 - [0] -SH-D C:\Users\CLARA\AppData\Local\Application Data
O43 - CFD: 04/10/2013 - 19:01:04 - [0,635] ----D C:\Users\CLARA\AppData\Local\avgchrome
O43 - CFD: 14/11/2013 - 20:50:13 - [0,437] ----D C:\Users\CLARA\AppData\Local\Diagnostics
O43 - CFD: 09/11/2010 - 15:27:35 - [3,471] ----D C:\Users\CLARA\AppData\Local\Downloaded Installations
O43 - CFD: 14/11/2013 - 18:49:16 - [0,329] ----D C:\Users\CLARA\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/11/2013 - 14:32:03 - [0,059] ----D C:\Users\CLARA\AppData\Local\Facebook
O43 - CFD: 14/11/2013 - 21:14:08 - [344,663] ----D C:\Users\CLARA\AppData\Local\Google
O43 - CFD: 10/02/2010 - 15:26:41 - [0] -SH-D C:\Users\CLARA\AppData\Local\Historique
O43 - CFD: 11/06/2012 - 16:52:06 - [0] ----D C:\Users\CLARA\AppData\Local\Macromedia
O43 - CFD: 12/11/2013 - 17:20:33 - [269,510] ----D C:\Users\CLARA\AppData\Local\Microsoft
O43 - CFD: 09/11/2012 - 17:52:58 - [0,260] ----D C:\Users\CLARA\AppData\Local\Microsoft Games
O43 - CFD: 12/02/2010 - 05:45:32 - [0] ----D C:\Users\CLARA\AppData\Local\Microsoft Help
O43 - CFD: 10/02/2010 - 15:46:14 - [9,130] ----D C:\Users\CLARA\AppData\Local\Mozilla
O43 - CFD: 18/03/2013 - 19:44:57 - [14,471] ----D C:\Users\CLARA\AppData\Local\Orange
O43 - CFD: 13/09/2010 - 17:54:42 - [0,002] ----D C:\Users\CLARA\AppData\Local\Packard Bell
O43 - CFD: 29/11/2013 - 20:29:46 - [0] ----D C:\Users\CLARA\AppData\Local\Programs
O43 - CFD: 30/11/2013 - 15:25:46 - [0,033] ----D C:\Users\CLARA\AppData\Local\Temp
O43 - CFD: 10/02/2010 - 15:26:41 - [0] -SH-D C:\Users\CLARA\AppData\Local\Temporary Internet Files
O43 - CFD: 02/12/2011 - 10:15:36 - [0,802] ----D C:\Users\CLARA\AppData\Local\VirtualStore
O43 - CFD: 12/09/2013 - 17:27:10 - [0,090] ----D C:\Users\CLARA\AppData\Local\Windows Live
O43 - CFD: 02/03/2011 - 19:29:01 - [0,618] ----D C:\Users\CLARA\AppData\Local\Windows Live Writer
O43 - CFD: 25/03/2010 - 19:29:21 - [0,014] R---D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/09/2013 - 07:03:44 - [0] R---D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 30/11/2013 - 14:35:09 - [0,006] R---D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
O43 - CFD: 20/04/2010 - 18:38:36 - [0] ----D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hachette Multimédia
O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/10/2010 - 03:05:05 - [0] ----D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Application
O43 - CFD: 26/11/2013 - 14:57:41 - [0,003] ----D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 16/10/2013 - 18:51:43 - [0] R---D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 18/12/2010 - 07:13:09 - [0] ----D C:\Users\CLARA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StoneTrip
~ 5 empty CLSID folders
~ Program Folder: 181 Scanned in 00mn 27s
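
The ZHPDiag sections posted in this thread (O43 folder timestamps, O44 recently changed files with MD5s, O45 Prefetch entries) run to hundreds of lines, and a first pass is mostly about pulling out the handful of entries worth a second look. The script below is an added example, not something posted in the thread and not part of ZHPDiag. It parses the three line formats as they appear in this report (the regular expressions are inferred from these lines, not from a ZHPDiag specification), takes the scan time from the report's own ZHP working-folder timestamp (30/11/2013 15:25:18; treating that as the scan time is an assumption), and flags entries dated after the scan, entries inside an arbitrary 7-day window before it, hidden or system folders inside that window, and files whose MD5 is the hash of empty content. The sample lines are copied from the report in this thread.

```python
"""Triage helper for ZHPDiag O43 / O44 / O45 lines.

Added example for this thread; not part of ZHPDiag and not posted by the
participants. Line formats are inferred from the report above.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# ZHPDiag prints timestamps as "DD/MM/YYYY - HH:MM:SS".
_TS = r"(\d{2}/\d{2}/\d{4}) - (\d{2}:\d{2}:\d{2})"

# O43 - CFD: <ts> - [<size MB>] <RSHAD flags> <path>[ =.<vendor annotation>]
RE_O43 = re.compile(r"^O43 - CFD: " + _TS + r" - \[[\d,]+\] (\S{5}) (.+?)(?: =.*)?$")
# O44 - LFC:[MD5.<hash>] - <ts> <flags> . (<description>) -- <path> [<size bytes>]
RE_O44 = re.compile(r"^O44 - LFC:\[MD5\.([0-9A-F]{32})\] - " + _TS
                    + r" (\S{5}) \. \((.*?)\) -- (.+) \[(\d+)\]$")
# O45 - LFCP:[MD5.<hash>] - <ts> <flags> - <path>[ =<annotation>]
RE_O45 = re.compile(r"^O45 - LFCP:\[MD5\.([0-9A-F]{32})\] - " + _TS
                    + r" (\S{5}) - (.+?)(?: =.*)?$")

EMPTY_MD5 = "D41D8CD98F00B204E9800998ECF8427E"  # MD5 of zero bytes

# Assumption: the ZHP working folder is written as the scan runs, so its O43
# timestamp in this report (30/11/2013 15:25:18) approximates the scan time.
SCAN_TIME = datetime(2013, 11, 30, 15, 25, 18)


@dataclass
class Entry:
    kind: str           # "O43", "O44" or "O45"
    ts: datetime
    attrs: str          # five flag characters R S H A D, '-' when unset
    path: str
    md5: Optional[str]  # None for O43 (folders carry no hash)


def _parse_ts(day: str, clock: str) -> datetime:
    return datetime.strptime(f"{day} {clock}", "%d/%m/%Y %H:%M:%S")


def parse_line(line: str) -> Optional[Entry]:
    """Return an Entry for a recognised O43/O44/O45 line, else None."""
    line = line.rstrip()
    m = RE_O43.match(line)
    if m:
        day, clock, attrs, path = m.groups()
        return Entry("O43", _parse_ts(day, clock), attrs, path, None)
    m = RE_O44.match(line)
    if m:
        md5, day, clock, attrs, _desc, path, _size = m.groups()
        return Entry("O44", _parse_ts(day, clock), attrs, path, md5)
    m = RE_O45.match(line)
    if m:
        md5, day, clock, attrs, path = m.groups()
        return Entry("O45", _parse_ts(day, clock), attrs, path, md5)
    return None


def triage(lines, scan_time: datetime, window_days: int = 7) -> Dict[str, List[str]]:
    """Bucket entries: dated after the scan (data-quality flag, not proof of
    anything), inside the recent window, recent *and* hidden/system, and
    hashes equal to the MD5 of empty content."""
    window = timedelta(days=window_days)
    out: Dict[str, List[str]] = {
        "future": [], "recent": [], "recent_hidden_or_system": [], "empty_hash": []}
    for line in lines:
        e = parse_line(line)
        if e is None:
            continue
        age = scan_time - e.ts
        if age < timedelta(0):
            out["future"].append(e.path)
        elif age <= window:
            out["recent"].append(e.path)
            if "H" in e.attrs or "S" in e.attrs:
                out["recent_hidden_or_system"].append(e.path)
        if e.md5 == EMPTY_MD5:
            out["empty_hash"].append(e.path)
    return out


# Sample input: eight lines copied verbatim from the report in this thread.
SAMPLE_LINES = [
    r"O43 - CFD: 25/12/2009 - 02:38:28 - [76,638] ----D C:\Program Files (x86)\Intel",
    r"O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop",
    r"O43 - CFD: 30/11/2013 - 10:32:06 - [0] -SH-D C:\Users\CLARA\AppData\Roaming\.#",
    r"O43 - CFD: 30/11/2013 - 15:23:12 - [17,181] ----D C:\Program Files (x86)\ZHPDiag =.Nicolas Coolman",
    r"O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/11/2013 - 19:24:44 ---A- . (...) -- C:\Windows\setuperr.log [0]",
    r"O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 29/11/2013 - 20:30:38 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]",
    r"O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/04/2155 - 09:15:17 ----D - C:\Windows\Prefetch\ReadyBoot",
    r"O45 - LFCP:[MD5.D36915494E07D66265AD063058E933AD] - 30/11/2013 - 15:18:57 ---A- - C:\Windows\Prefetch\CHROME.EXE-5349D2D7.pf",
]

if __name__ == "__main__":
    for bucket, paths in triage(SAMPLE_LINES, SCAN_TIME).items():
        print(f"{bucket} ({len(paths)}): " + "; ".join(paths))
```

Two caveats on reading the output. Windows creates several hidden+system junctions at install time (Application Data, Desktop, Documents, Start Menu and their French equivalents in this report), so the H/S attribute on its own is noise; the age filter is what makes that bucket useful, and a hit there is something to look at, not a verdict. A future-dated timestamp (the ReadyBoot entry here carries a year-2155 date) is likewise a data-quality flag rather than evidence of tampering. Also expect pairs of identical hashes and sizes under C:\Windows\SysNative and C:\Windows\System32: SysNative is the alias through which a 32-bit process reaches the real 64-bit System32, so those are the same files listed twice.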

infection do search

Posted: Sat 30 Nov 2013 15:41
by delaide
---\\ Recently modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.3D57EC3DDD0A4B5A9DF9A676C7DD771D] - 16/11/2013 - 16:12:06 ---A- . (...) -- C:\Windows\AvastEmUpdate.ini [34]
O44 - LFC:[MD5.466094E637732A9834710230CF700DC4] - 16/11/2013 - 16:57:52 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
O44 - LFC:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 16/11/2013 - 16:57:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O44 - LFC:[MD5.59787B95DD9CA44CB139D96863438587] - 16/11/2013 - 16:57:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320]
O44 - LFC:[MD5.9F34AA1124EEA112E49E48258B1D6394] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [38984]
O44 - LFC:[MD5.5C49AB607897C94E123EC8364FF4BF61] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [84328]
O44 - LFC:[MD5.6FFECAE6A7BF190D4A3D7AFA6D7B5478] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [65264]
O44 - LFC:[MD5.1BA60C77EB3CDB6129DAD25BAF675F43] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1032416]
O44 - LFC:[MD5.679712B7A353EE665B9301592164A172] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544]
O44 - LFC:[MD5.79ADA401A6E2054F110E7FBDFAC71942] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [409832]
O44 - LFC:[MD5.FD6FE2728F8747C6A15E2650958037C3] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [334648]
O44 - LFC:[MD5.FD6FE2728F8747C6A15E2650958037C3] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [334648]
O44 - LFC:[MD5.9406D801042FAF859CF81B2C886413DC] - 27/11/2013 - 11:49:05 ---A- . (.Microsoft Corporation - OHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbohci.sys [25600]
O44 - LFC:[MD5.280E90CBF4B2DDD169F0728CB44D726F] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\Windows\System32\Drivers\usbhub.sys [343040]
O44 - LFC:[MD5.311C1DD1088E55BEAE15954D17F50646] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\Windows\System32\Drivers\usbehci.sys [52736]
O44 - LFC:[MD5.E73A7A04FDAC9DD46EE2A4257F09E91C] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - USB 1.1 2.0 Port Driver.) -- C:\Windows\System32\Drivers\usbport.sys [325120]
O44 - LFC:[MD5.A83D0EC9AE4C31704442099D40BA2471] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\Windows\System32\Drivers\usbuhci.sys [30720]
O44 - LFC:[MD5.ACCEA6BC68D0C9A78EB97EE159028B4E] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\Windows\System32\Drivers\usbccgp.sys [99840]
O44 - LFC:[MD5.861C197502A5057E68F0AC75D9EFCDD7] - 27/11/2013 - 11:49:06 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\Windows\System32\Drivers\usbd.sys [7808]
O44 - LFC:[MD5.3BB056B4F761AD1422805DA07DAB719F] - 29/11/2013 - 06:48:36 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [356496]
O44 - LFC:[MD5.3BB056B4F761AD1422805DA07DAB719F] - 29/11/2013 - 06:48:36 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [356496]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/11/2013 - 19:24:44 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.0BB97D43299910CBFBA59C461B99B910] - 29/11/2013 - 20:30:38 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O44 - LFC:[MD5.94D58BD907F0CA733F6CAB9D1705F872] - 29/11/2013 - 20:41:18 ---A- . (...) -- C:\Windows\PFRO.log [1096]
O44 - LFC:[MD5.C2BC109D3D56F90B6BDECFDF00FD3406] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1669656]
O44 - LFC:[MD5.626124B1A299FA8738805CC44B1A6AC7] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [122352]
O44 - LFC:[MD5.EE9FAC4ABCCE519624B1A25EFFE07857] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [150402]
O44 - LFC:[MD5.BB59AC9CA1B5E1A87F690146C65AB8EF] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [654480]
O44 - LFC:[MD5.3E17ABEF6492B4DC0DD51DDB19C905D7] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [747910]
O44 - LFC:[MD5.C2BC109D3D56F90B6BDECFDF00FD3406] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669656]
O44 - LFC:[MD5.626124B1A299FA8738805CC44B1A6AC7] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122352]
O44 - LFC:[MD5.EE9FAC4ABCCE519624B1A25EFFE07857] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150402]
O44 - LFC:[MD5.BB59AC9CA1B5E1A87F690146C65AB8EF] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654480]
O44 - LFC:[MD5.3E17ABEF6492B4DC0DD51DDB19C905D7] - 30/11/2013 - 10:54:48 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747910]
O44 - LFC:[MD5.6D1536EDAC5F1950608924E44654A22D] - 30/11/2013 - 14:30:30 ---A- . (...) -- C:\rapport shortcut 2013.txt [8768]
O44 - LFC:[MD5.77DCF3E67E7D03C7C3D7C22FD0A30EF4] - 30/11/2013 - 14:31:16 ---A- . (...) -- C:\Windows\setupact.log [672]
O44 - LFC:[MD5.2C65564FE48E2816AB986CEB91D20C22] - 30/11/2013 - 14:31:16 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8D33FDEC3F1C9373F159992C9D3AB064] - 30/11/2013 - 14:52:37 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1049100]
~ Files: 38 Scanned in 00mn 26s



---\\ Recently created files in the Windows Prefetcher (O45)
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/04/2155 - 09:15:17 ----D - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.DEBE732887E432B6446285F1ACDCBA52] - 11/11/2013 - 12:57:23 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.0A1AC6B111DCDEE6F1E6CBD756AE1837] - 11/11/2013 - 12:58:24 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.6A61E69B4E48611AF588E0562798DB4D] - 24/11/2013 - 12:27:29 ---A- - C:\Windows\Prefetch\AgCx_SC4.db
O45 - LFCP:[MD5.8CDE471E4807551515AFE6CFF231D4BC] - 25/11/2013 - 16:28:36 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.89748ADC8FE65F21E5CD9FA2CCF745A1] - 30/11/2013 - 05:59:37 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
O45 - LFCP:[MD5.365C63734EAAE76572C564CE97C1D1CA] - 30/11/2013 - 11:53:13 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-378696231-3159941110-2019972561-1001.db
O45 - LFCP:[MD5.0C0DF63B4EBBA888B93C604DF3267682] - 30/11/2013 - 11:53:13 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-378696231-3159941110-2019972561-1001.db
O45 - LFCP:[MD5.E7D7254CDADF50B2CD78EBCBEFC735B2] - 30/11/2013 - 12:22:16 ---A- - C:\Windows\Prefetch\CMD.EXE-0BD30981.pf
O45 - LFCP:[MD5.A4EA81A150C25CFF87D0FB320421EE5C] - 30/11/2013 - 13:07:26 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.611C7D558695C0C80E0F11735467C90D] - 30/11/2013 - 13:08:11 ---A- - C:\Windows\Prefetch\JAVAW.EXE-6340EE82.pf
O45 - LFCP:[MD5.668EC73491BEA833813E1575B175B82F] - 30/11/2013 - 13:08:11 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-E463E9D1.pf
O45 - LFCP:[MD5.678220A14DEBFDB5B82E2BB2CE9AA4FE] - 30/11/2013 - 13:36:53 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-19622E35.pf
O45 - LFCP:[MD5.B3F0F277CFDDAC0AAB59FA7E74836B01] - 30/11/2013 - 13:40:56 ---A- - C:\Windows\Prefetch\ASWOFFERTOOL.EXE-90180C34.pf
O45 - LFCP:[MD5.BC60CA43DEF401A2274004599A826644] - 30/11/2013 - 13:42:09 ---A- - C:\Windows\Prefetch\AVASTBCL-SFX.EXE-1BC6344A.pf
O45 - LFCP:[MD5.155846DAF22AF62DC3779E235D2B9066] - 30/11/2013 - 13:42:10 ---A- - C:\Windows\Prefetch\BROWSERCLEANUP.EXE-A708C5BA.pf
O45 - LFCP:[MD5.8529188DBB349D2A4F49DAF1ABCF7A8D] - 30/11/2013 - 14:15:28 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-03D3FB87.pf
O45 - LFCP:[MD5.33ECC030168072DC2BC154C8BEAB0C9D] - 30/11/2013 - 14:15:38 ---A- - C:\Windows\Prefetch\MBAM.EXE-493D9B94.pf
O45 - LFCP:[MD5.5E352BA29DC6281F4B704463684981E0] - 30/11/2013 - 14:18:37 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-032BB3D8.pf
O45 - LFCP:[MD5.6553CB40A662D18AA66B998772BFEA3F] - 30/11/2013 - 14:20:14 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-0217FFE1.pf
O45 - LFCP:[MD5.7B68D573F2131C56A1EF5BCD22366CC7] - 30/11/2013 - 14:27:59 ---A- - C:\Windows\Prefetch\SHORTCUT_MODULE.EXE-EFE788F4.pf
O45 - LFCP:[MD5.D21EBD75619DC1CB124388F475E5ED75] - 30/11/2013 - 14:28:00 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf
O45 - LFCP:[MD5.AF934CF38C9203848E85C4AF0616269C] - 30/11/2013 - 14:28:10 ---A- - C:\Windows\Prefetch\LMS.EXE-E687E9C2.pf
O45 - LFCP:[MD5.F65DC1534A8AF8827BDF77CDCE66991F] - 30/11/2013 - 14:28:10 ---A- - C:\Windows\Prefetch\WLIDSVC.EXE-8C6DAE9B.pf
O45 - LFCP:[MD5.FB65E8C8FBFF4D08150768B32B042BE2] - 30/11/2013 - 14:29:00 ---A- - C:\Windows\Prefetch\APPLEMOBILEDEVICESERVICE.EXE-EEDD4B94.pf
O45 - LFCP:[MD5.45F0730D840FA9C968FB198DB0FADF69] - 30/11/2013 - 14:29:00 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-BF1C7233.pf
O45 - LFCP:[MD5.F805D38773CB4087A8DF28177CC64C51] - 30/11/2013 - 14:29:20 ---A- - C:\Windows\Prefetch\SMSS.EXE-12F15F73.pf
O45 - LFCP:[MD5.F5A866FE043BA4128E967BD395C660B3] - 30/11/2013 - 14:29:47 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-413BC04C.pf
O45 - LFCP:[MD5.F622721B3B57D8000A91BA7DC5038274] - 30/11/2013 - 14:29:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5F4FAAB4.pf
O45 - LFCP:[MD5.C0C69FA252EFC69E79587E189D79A1CA] - 30/11/2013 - 14:29:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-D134AE44.pf
O45 - LFCP:[MD5.426FF13119F179345F3D5EEA0265F347] - 30/11/2013 - 14:29:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8882CB44.pf
O45 - LFCP:[MD5.79F4BE1062689BAF1209C341DBA95BA9] - 30/11/2013 - 14:29:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-99F7A6BD.pf
O45 - LFCP:[MD5.211DF54ED94E5BE4932E8438C0EC1B2C] - 30/11/2013 - 14:29:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6B46465F.pf
O45 - LFCP:[MD5.3AFDC7BB89CEA03955D99A0514B3417B] - 30/11/2013 - 14:29:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-D362B1EA.pf
O45 - LFCP:[MD5.4B5EB5E8146BD41D41D7658084CF8D12] - 30/11/2013 - 14:30:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-079BE983.pf
O45 - LFCP:[MD5.1B782685BCB000722EA39D4A1B6D208C] - 30/11/2013 - 14:30:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-0EC0E857.pf
O45 - LFCP:[MD5.66FAE7DD756C62136DB076481FBD96B2] - 30/11/2013 - 14:30:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-5651C2BE.pf
O45 - LFCP:[MD5.E384FF96622C027D3ACE696167BD719C] - 30/11/2013 - 14:30:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-736B1ADF.pf
O45 - LFCP:[MD5.7BA2F725A243C603FDBBC383EDEEF169] - 30/11/2013 - 14:30:28 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-76AC5B08.pf
O45 - LFCP:[MD5.242B5C772E86DE2044E4ED9BEF9F7FB0] - 30/11/2013 - 14:30:36 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.105B17028C5BB97D90A69944ADB6209A] - 30/11/2013 - 14:34:44 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-BE6307C0.pf
O45 - LFCP:[MD5.57B2686DAB0E392FD0EB642B083C3B1F] - 30/11/2013 - 14:34:51 ---A- - C:\Windows\Prefetch\OUCORE.EXE-A7E77A6B.pf
O45 - LFCP:[MD5.3607934585BF4D1A07E4DE2522184DC8] - 30/11/2013 - 14:34:51 ---A- - C:\Windows\Prefetch\PLFSETI.EXE-D9D6FD5A.pf
O45 - LFCP:[MD5.2244F5ADFFD38C401887C0F8E71F5890] - 30/11/2013 - 14:34:52 ---A- - C:\Windows\Prefetch\EPOWERTRAY.EXE-856809ED.pf
O45 - LFCP:[MD5.D127F7495CD704E6448C003A80E0815B] - 30/11/2013 - 14:34:52 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-DE4DD695.pf
O45 - LFCP:[MD5.D6E0F175D5180939C5A5A275FF22A3EB] - 30/11/2013 - 14:34:52 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-4ED41433.pf
O45 - LFCP:[MD5.E5AFF7F04D618AC5A1BF3CC7A7ED5C07] - 30/11/2013 - 14:34:52 ---A- - C:\Windows\Prefetch\UPDATER.EXE-A8C477C0.pf
O45 - LFCP:[MD5.F31AE0270302DC9BDF4BDB6DE59AAD97] - 30/11/2013 - 14:34:57 ---A- - C:\Windows\Prefetch\OUSOFTWAREMANAGER.EXE-D29C95B4.pf
O45 - LFCP:[MD5.35EE72E7C94FA658A861AAF719AFC74F] - 30/11/2013 - 14:35:05 ---A- - C:\Windows\Prefetch\IAANTMON.EXE-DA33DB1E.pf
O45 - LFCP:[MD5.F9422DED37FC7FD0D93175EF87384A09] - 30/11/2013 - 14:35:06 ---A- - C:\Windows\Prefetch\OUINDICATOR.EXE-AEE769DF.pf
O45 - LFCP:[MD5.2F5DC35061C8D51A7EA8675B9E48268C] - 30/11/2013 - 14:35:06 ---A- - C:\Windows\Prefetch\WLIDSVCM.EXE-A0B0D064.pf
O45 - LFCP:[MD5.CBD79E10CAAE2E93F0085CD9F7241B4F] - 30/11/2013 - 14:35:07 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-C31ADD58.pf
O45 - LFCP:[MD5.AAFA5262A0E948CC836804BE8C0D80A8] - 30/11/2013 - 14:35:07 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-716E0AD1.pf
O45 - LFCP:[MD5.1A2E2B4569E3FF2EC55A733993BE2217] - 30/11/2013 - 14:35:08 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-C5618119.pf
O45 - LFCP:[MD5.075A7ADC686F27BEBDCEE359960F18CB] - 30/11/2013 - 14:35:09 ---A- - C:\Windows\Prefetch\LANGUAGE.EXE-F91BC2EC.pf
O45 - LFCP:[MD5.19751DDF12581CE1D1B73C9CC6EC3AEE] - 30/11/2013 - 14:35:11 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-0129C0B2.pf
O45 - LFCP:[MD5.1D57BAF1BE77646E9C6BB51122456958] - 30/11/2013 - 14:35:16 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-2C9803DF.pf
O45 - LFCP:[MD5.DBB47DE41127CCF34C3D3AEE8AD89C3B] - 30/11/2013 - 14:35:18 ---A- - C:\Windows\Prefetch\PDVD8SERV.EXE-32298F0E.pf
O45 - LFCP:[MD5.F70F96F437BD1C107C97630615D42B9C] - 30/11/2013 - 14:35:19 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-D6111BFB.pf
O45 - LFCP:[MD5.FF45C83E75AF518BB040FF12B6905408] - 30/11/2013 - 14:35:20 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf
O45 - LFCP:[MD5.516BA91A397E486011AB4BE9ACB0DA90] - 30/11/2013 - 14:35:21 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-1CF42BC6.pf
O45 - LFCP:[MD5.EE2A36278DD851443342CB326429BF19] - 30/11/2013 - 14:35:21 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-27D91624.pf
O45 - LFCP:[MD5.989C538DE2DE1ACCBF614DA77954E456] - 30/11/2013 - 14:35:29 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-F6E20E14.pf
O45 - LFCP:[MD5.5C956FE1FE59E8B1586331A21382198A] - 30/11/2013 - 14:35:31 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-B597A9D1.pf
O45 - LFCP:[MD5.7B9A1ABF7944DDDE760A68E32924F6BB] - 30/11/2013 - 14:36:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-2E02FDCA.pf
O45 - LFCP:[MD5.DDAD27BA97492B08939E73F02F828708] - 30/11/2013 - 14:36:31 ---A- - C:\Windows\Prefetch\SDCLT.EXE-94EAE077.pf
O45 - LFCP:[MD5.28580105721B04E34DA9C80D21D139BB] - 30/11/2013 - 14:38:44 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf
O45 - LFCP:[MD5.4E92DA2BF4CD5F936D19471FA4A656AE] - 30/11/2013 - 14:43:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-60778AC3.pf
O45 - LFCP:[MD5.4337348B61DDEE602E0A4489F7CC8DFC] - 30/11/2013 - 14:43:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf
O45 - LFCP:[MD5.C07096ED67729FD66D64110C87718D22] - 30/11/2013 - 14:44:30 ---A- - C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf
O45 - LFCP:[MD5.1F99DD852F86D72EB1A2505D30F7254D] - 30/11/2013 - 14:44:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-31898C74.pf
O45 - LFCP:[MD5.BE675478C6050538A4A52FF23D52A894] - 30/11/2013 - 14:45:10 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-8CE1A322.pf
O45 - LFCP:[MD5.717664690B969C9469BBACBACD2AB778] - 30/11/2013 - 14:47:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-D49D3641.pf
O45 - LFCP:[MD5.A37B99D4D181707DC68A790F453DC85F] - 30/11/2013 - 14:51:42 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
O45 - LFCP:[MD5.30FEC2DB78CC9CA8B741000085AF9052] - 30/11/2013 - 14:51:42 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-16B291C4.pf
O45 - LFCP:[MD5.94A9B1FEEBE57E0DE86DA60C9D8E09F3] - 30/11/2013 - 14:51:53 ---A- - C:\Windows\Prefetch\UNS.EXE-40FB88B6.pf
O45 - LFCP:[MD5.E509E340887C792E0C7364781A202DC6] - 30/11/2013 - 14:51:54 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-F31BDE28.pf
O45 - LFCP:[MD5.1B0E3AA3D6DCAED74AF2D5FB229722AF] - 30/11/2013 - 14:52:40 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf
O45 - LFCP:[MD5.73DC0D2194F2B8D24377857D2973EF6E] - 30/11/2013 - 15:00:03 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-359C61A4.pf
O45 - LFCP:[MD5.5523A8E5C18F8CBF4EB0D11CAA8A5763] - 30/11/2013 - 15:00:25 ---A- - C:\Windows\Prefetch\INSTUP.EXE-DCA24DB4.pf
O45 - LFCP:[MD5.BBE4A5AE88F371F3C1D5930DB582EC18] - 30/11/2013 - 15:00:33 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-90230411.pf
O45 - LFCP:[MD5.356236C22761921414F7BE4D177C3BA6] - 30/11/2013 - 15:00:57 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf
O45 - LFCP:[MD5.61BEFD42C9DF9F717BBD3F6FB7CA7461] - 30/11/2013 - 15:00:58 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-A033F7A0.pf
O45 - LFCP:[MD5.193AA213AA915CB0981AE10AC2842550] - 30/11/2013 - 15:00:59 ---A- - C:\Windows\Prefetch\GOOGLETOOLBARUSER_32.EXE-66EEE4D2.pf =Toolbar.Google
O45 - LFCP:[MD5.604C21A433ECC01118B78B66B88BB975] - 30/11/2013 - 15:02:35 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-AB22E9A6.pf
O45 - LFCP:[MD5.08326E9538D4A756DF7B396218C7FA63] - 30/11/2013 - 15:03:48 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-AB0FD091.pf
O45 - LFCP:[MD5.FF809BC8C321FB172516561FCEA6B063] - 30/11/2013 - 15:03:52 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf
O45 - LFCP:[MD5.4014D8A8FEF27733D5DC2AE1DAB66515] - 30/11/2013 - 15:09:26 ---A- - C:\Windows\Prefetch\PREVHOST.EXE-7DD93B84.pf
O45 - LFCP:[MD5.CB00B1CC3E5D2EC91CB9993BED56F423] - 30/11/2013 - 15:09:27 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf
O45 - LFCP:[MD5.39A68925224514A603E7FF059FD0E290] - 30/11/2013 - 15:11:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-576CF6B2.pf
O45 - LFCP:[MD5.D36915494E07D66265AD063058E933AD] - 30/11/2013 - 15:18:57 ---A- - C:\Windows\Prefetch\CHROME.EXE-5349D2D7.pf
O45 - LFCP:[MD5.E81A1769FC82FED617B94CFE36FB85DF] - 30/11/2013 - 15:19:49 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.C542754DF20A198603C105DDB72CC215] - 30/11/2013 - 15:19:49 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.1C2D1548D88AB7F790C4115976323F2E] - 30/11/2013 - 15:19:50 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.869DA25377FED00BD224BDC843B6014B] - 30/11/2013 - 15:19:50 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.ABF0A6C4680DAE243848EE54C79DCFE4] - 30/11/2013 - 15:20:52 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
O45 - LFCP:[MD5.A05EC964F9DFF1C458430F13CA3409BE] - 30/11/2013 - 15:20:53 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf
O45 - LFCP:[MD5.6ADE786B8B936AF2CB285C015685B70B] - 30/11/2013 - 15:21:51 ---A- - C:\Windows\Prefetch\CONSENT.EXE-40419367.pf
O45 - LFCP:[MD5.4433E9C2F99A8D99B049D53687B5A676] - 30/11/2013 - 15:21:57 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf
O45 - LFCP:[MD5.5F04370195D7E3F159235D239BD844B5] - 30/11/2013 - 15:21:58 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-6A7CE3BF.pf
O45 - LFCP:[MD5.6CDF5A86E038FCED732D1741E865B997] - 30/11/2013 - 15:22:02 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-EF64D475.pf
O45 - LFCP:[MD5.4C3B3B57F73C4380CDBF4C1F740020A5] - 30/11/2013 - 15:22:03 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-C00A5976.pf
O45 - LFCP:[MD5.27759471AE998E0C072EA087BFCDC00B] - 30/11/2013 - 15:22:41 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf
O45 - LFCP:[MD5.23DD38E987E4BE4F5A2A583515714D36] - 30/11/2013 - 15:23:10 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-257D8644.pf
O45 - LFCP:[MD5.0B62A9594C44F255E747870FAEB2EB04] - 30/11/2013 - 15:23:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-960426D8.pf
O45 - LFCP:[MD5.DECB499486DB1E6E4529914D59E3BC6B] - 30/11/2013 - 15:23:20 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-6A1D0894.pf
O45 - LFCP:[MD5.CCA4AF13B92FF7121D9011F04461D3C9] - 30/11/2013 - 15:24:37 ---A- - C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf
O45 - LFCP:[MD5.F8A903D6F484F447F3EDD087D0D37DC6] - 30/11/2013 - 15:24:38 ---A- - C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf
O45 - LFCP:[MD5.99154BF2073EA53FE8C8BA2894BAFB36] - 30/11/2013 - 15:24:39 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-FCD9ABA9.pf
O45 - LFCP:[MD5.46D2455A55050C62A6B97CAF21350706] - 30/11/2013 - 15:24:40 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-39F97B2D.pf
O45 - LFCP:[MD5.5954BA78B83DA1817C298C35C8D5BC7B] - 30/11/2013 - 15:24:41 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf
O45 - LFCP:[MD5.4FEE099691F9D50A6102693271EA2BCF] - 30/11/2013 - 15:24:55 ---A- - C:\Windows\Prefetch\PV.EXE-0748338F.pf
O45 - LFCP:[MD5.2687E1291F31B8CA0DBB3F69C5FAC0BA] - 30/11/2013 - 15:24:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf
O45 - LFCP:[MD5.45334F5161281EBC002CA95D9A820E53] - 30/11/2013 - 15:25:06 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-3DCC0576.pf
O45 - LFCP:[MD5.E662F4304F2FAB718B517EB9399C3F47] - 30/11/2013 - 15:25:17 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-DC1676CD.pf
~ Prefetcher: 115 Scanned in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:[MD5.9F34AA1124EEA112E49E48258B1D6394] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [38984]
O58 - SDL:[MD5.5C49AB607897C94E123EC8364FF4BF61] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [84328]
O58 - SDL:[MD5.679712B7A353EE665B9301592164A172] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544]
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 16/11/2013 - 16:57:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.1BA60C77EB3CDB6129DAD25BAF675F43] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1032416]
O58 - SDL:[MD5.79ADA401A6E2054F110E7FBDFAC71942] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [409832]
O58 - SDL:[MD5.6FFECAE6A7BF190D4A3D7AFA6D7B5478] - 16/11/2013 - 16:57:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [65264]
O58 - SDL:[MD5.59787B95DD9CA44CB139D96863438587] - 16/11/2013 - 16:57:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320]
O58 - SDL:[MD5.D6CAD7E5B05055BB8226BDCB1644DA27] - 06/11/2009 - 05:56:06 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [1550848]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:[MD5.A4D308271A72D6EDCD328CF08ED4A7F5] - 18/07/2012 - 15:17:00 ---A- . (.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) -- C:\Windows\System32\Drivers\dokan.sys [112296]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:[MD5.8E98D21EE06192492A5671A6144D092F] - 21/08/2012 - 12:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B6AC71AAA2B10848F57FC49D55A651AF] - 17/09/2009 - 05:54:54 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [56344]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.BE7D72FCF442C26975942007E0831241] - 13/10/2009 - 20:16:40 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [409624]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.677AA5991026A65ADA128C4B59CF2BAD] - 25/08/2010 - 19:36:04 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10611552]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:[MD5.36FDF367A1DABFF903E2214023D71368] - 26/10/2009 - 05:39:44 ---A- . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\Drivers\Impcd.sys [151936]
O58 - SDL:[MD5.408B401CD7CDB075C7470B0FF7BA8D0B] - 29/10/2009 - 23:56:34 ---A- . (.Intel(R) Corporation - Intel(R) Display HD Audio driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [244736]
O58 - SDL:[MD5.D85F3F18E44F7447B5F1BA5C85BAEB7C] - 05/08/2009 - 21:43:58 ---A- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\k57nd60a.sys [320040]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.0BB97D43299910CBFBA59C461B99B910] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25928]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.4D85A450EDEF10C38882182753A49AAE] - 05/10/2009 - 08:49:34 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETw5s64.sys [6952960]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.351533ACC2A069B94E80BBFC177E8FDF] - 11/02/2011 - 22:23:34 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:[MD5.64DDD0DEE976302F4BD93E5EFCC2F013] - 06/05/2009 - 01:46:08 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys [18432]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:[MD5.FBF4DB6D53585437E41A113300002A2B] - 16/06/2008 - 03:00:00 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys [55024]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.7421A35C45484B95E83B5E9E107CEFC2] - 24/06/2009 - 11:23:24 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RtHDMIVX.sys [205472]
O58 - SDL:[MD5.492CD3A94913D753B4591CD9E29EC843] - 20/10/2009 - 10:55:12 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [2012832]
O58 - SDL:[MD5.DB30AA4DAA0D492FA5D7717D8181FFA1] - 02/09/2009 - 02:58:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys [225280]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.ECB9097C86DB32BF3940590E0E1792C3] - 23/10/2009 - 06:27:12 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [307760]
O58 - SDL:[MD5.2E22C1FD397A5A9FFEF55E9D1FC96C00] - 06/05/2009 - 01:46:08 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys [16896]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.D5BCB77BE83CF99F508943945D46343D] - 26/03/2009 - 04:16:08 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys [25608]
O58 - SDL:[MD5.DB30AA4DAA0D492FA5D7717D8181FFA1] - 02/09/2009 - 02:58:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys [225280]
~ Drivers: 16 Scanned in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\Orange mes contenus\GUIConfig.cfg [408]
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\Orange mes contenus\LocalConfig.cfg [448]
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\Orange mes contenus\uninstall.cfg [80]
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\mes contenus - mon disque\GUIConfig.cfg [400]
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\mes contenus - mon disque\LocalConfig.cfg [88]
O61 - LFC: 27/11/2013 - 15:26:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Orange\mes contenus - mon disque\uninstall.cfg [88]
O61 - LFC: 27/11/2013 - 15:27:28 ---A- . (...) -- C:\Users\CLARA\Documents\LCL\syntese\SYNTHESE_20131126.pdf [64511]
O61 - LFC: 28/11/2013 - 15:26:23 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml [1671982]
O61 - LFC: 28/11/2013 - 15:26:26 ---A- . (...) -- C:\Users\CLARA\AppData\Local\GDIPFONTCACHEV1.DAT [84016]
O61 - LFC: 28/11/2013 - 15:26:26 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ihmgiclibbndffejedjimfjmfoabpcke_0\4 [520192]
O61 - LFC: 28/11/2013 - 15:26:27 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\001715.ldb [196]
O61 - LFC: 28/11/2013 - 15:26:29 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Google\Toolbar Cache\7.5.4601.54\fr\translate_languages.json.content [1861]
O61 - LFC: 28/11/2013 - 15:26:33 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\dl\.cs\ChunkStoreDatabase [131072]
O61 - LFC: 28/11/2013 - 15:26:33 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\dl\.cs\ChunkStoreDatabase-journal [57968]
O61 - LFC: 28/11/2013 - 15:26:33 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\dl\new-0x0000000000000003 [1772733]
O61 - LFC: 28/11/2013 - 15:26:33 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\dl\new-0x0000000000000005 [1718076]
O61 - LFC: 28/11/2013 - 15:26:33 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml [408097]
O61 - LFC: 28/11/2013 - 15:26:41 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream\578e1570-dfc5-4c01-a34b-15108fc975b4.png [28199]
O61 - LFC: 28/11/2013 - 15:26:43 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream\7a73a880-09c1-49ff-94c2-fbf02673c018.png [38924]
O61 - LFC: 28/11/2013 - 15:26:44 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream\7c5445ce-82d0-408c-ac40-1de7a62c3cc3.png [39773]
O61 - LFC: 28/11/2013 - 15:26:47 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream\b5b01d8d-08b7-4544-ba24-864450042d8d.png [39582]
O61 - LFC: 28/11/2013 - 15:26:52 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream-70e455904ca8b1b6c43c88465cbd68.png [577053]
O61 - LFC: 28/11/2013 - 15:26:52 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\MediaStream\Thumbnails\My_Photo_Stream\ff07e635-ef6d-4d09-b0aa-6563e84c186d.png [38968]
O61 - LFC: 28/11/2013 - 15:27:19 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Apple Computer\Preferences\com.apple.mmcs.plist [2004]
O61 - LFC: 28/11/2013 - 15:27:21 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Microsoft\Office\Word12.pip [1684]
O61 - LFC: 28/11/2013 - 15:27:22 ---A- . (...) -- C:\Users\CLARA\AppData\Roaming\Packard Bell\InfoCentre\fonsize.xml [22]

infection do search

Posted: Sat. 30 Nov. 2013 15:47
by delaide
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 28/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 16/11/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 16/11/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 18/07/2012 - C:\Windows\system32\drivers\dokan.sys (Dokan) .(.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) - LEGACY_DOKAN
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
~ Legacy: 91 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =.Microsoft Corporation
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][24/08/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.8F620FC3C9DA6BA23BCD7EE4A59D3263] [SPRF][14/11/2013] (...) -- C:\Users\CLARA\AppData\Roaming\wklnhst.dat [7878]
[MD5.AFAFA655CC59872129A32CDE4F60F2DE] [SPRF][30/11/2013] (...) -- C:\Users\CLARA\Desktop\adwcleaner.exe [1091882]
[MD5.BB3E94951EDA14BBDA3E051384241D24] [SPRF][22/03/2011] (.Dictao SA - KeybHunterWeb Module.) -- C:\Windows\Downloaded Program Files\KeybHunterWeb.dll [120816]
~ Files: 4 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.ex

infection do search

Posted: Sat 30 Nov 2013 15:48
by delaide
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 28/09/2013 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 16/11/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 16/11/2013 - C:\Windows\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 16/11/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 04/07/2013 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 18/07/2012 - C:\Windows\system32\drivers\dokan.sys (Dokan) .(.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) - LEGACY_DOKAN
O64 - Services: CurCS - 01/08/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 24/01/2013 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 25/09/2013 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 04/04/2013 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 11/02/2011 - C:\Windows\System32\drivers\npf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 25/06/2013 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
~ Legacy: 91 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =.Microsoft Corporation
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

~ Services: 32 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][24/08/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.8F620FC3C9DA6BA23BCD7EE4A59D3263] [SPRF][14/11/2013] (...) -- C:\Users\CLARA\AppData\Roaming\wklnhst.dat [7878]
[MD5.AFAFA655CC59872129A32CDE4F60F2DE] [SPRF][30/11/2013] (...) -- C:\Users\CLARA\Desktop\adwcleaner.exe [1091882]
[MD5.BB3E94951EDA14BBDA3E051384241D24] [SPRF][22/03/2011] (.Dictao SA - KeybHunterWeb Module.) -- C:\Windows\Downloaded Program Files\KeybHunterWeb.dll [120816]
~ Files: 4 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.ex

infection do search

Posted: Sat 30 Nov 2013 15:49
by delaide
e Talk Plugin Installer.) -- C:\Windows\Installer\1175674.msi [8708608]
[MD5.98B71EBBC205A824FF4030FECA79B6C1] [WIS][26/09/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\13ff8e.msi [31623168]
[MD5.B9AF517CBADE46910C5348C09472210E] [WIS][26/01/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\143ef6c.msi [20717568]
[MD5.C83FE37BDCEF818E6059559B7749D873] [WIS][15/12/2011] (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Windows\Installer\181e23.msi [6541312]
[MD5.B2A317E4965974FC1170E3D8E21986B8] [WIS][18/02/2013] (.UNKNOWN - DeezerDesktop.) -- C:\Windows\Installer\21a9c6.msi [23040]
[MD5.FA312949F2849CFE71EFBC95CDB62FEA] [WIS][29/10/2009] (.NewTech Infosystems - Backup Manager Basic.) -- C:\Windows\Installer\28b0d.msi [996864]
[MD5.066CE7A861C7B83197D92E07FA1EE16C] [WIS][02/12/2011] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\2ac085.msi [28160] =Toolbar.Google
~ WIS: 126 Scanned in 00mn 17s



---\\ General state of non-Microsoft services (EGS) (SR=Running, SS=Stopped)
SS - | Demand 22/11/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 25/12/2009 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 10/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28/07/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Demand 29/08/2009 44312 | (OberonGameConsoleService) . (...) - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe

SR - | Auto 08/12/2008 169312 | (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/11/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 20/07/2012 64384 | (DokanMounter) . (.F-Secure.) - C:\Program Files\orange cloud\Orange\mes contenus - mon disque\mounter.exe
SR - | Auto 29/10/2009 844320 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SR - | Auto 13/10/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 30/09/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 29/10/2009 255744 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
SR - | Auto 30/09/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/07/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 19s



---\\ Master Boot Record infection check (MBR)(O80)
Run by CLARA at 30/11/2013 15:30:18
~ OS 64 not supported by MBR tool

~ MBR: 0 Scanned in 00mn 00s



---\\ Master Boot Record infection check (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by CLARA at 30/11/2013 15:30:20

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Additional Scan (O88)
Database Version : 13004 - (30/11/2013)
Keys found : 11
Values found : 2
Folders found : 0
Files found : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =Toolbar.Google^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}] =Toolbar.eBay^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =Toolbar.Google^
[HKLM\Software\Wow6432Node\do-searchSoftware] =PUP.DoSearches^
C:\Windows\Installer\2ac085.msi =Toolbar.Google^
~ Additional Scan: 322144 Items scanned in 00mn 26s



---\\ Summary of the detections found on your machine
~ http://nicolascoolman.webs.com/apps/blo ... dosearches =PUP.DoSearches
~ http://nicolascoolman.webs.com/apps/blo ... -imbooster =Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blo ... are-boxore =Adware.Boxore
~ MSI: 3 link(s) detected in 00mn 26s



End of the scan (2289 lines in 06mn 24s)(0)

infection do search

Posted: Sat 30 Nov 2013 15:50
by delaide
There you go Gabriel, I hope nothing is missing....

infection do search

Posted: Sat 30 Nov 2013 16:01
by 2011N2
Re,

No no, host it on cjoint please, like this: http://www.forum-entraide-informatique. ... m-tutoriel

Gabriel.

Re: [Solved] infection do search

Posted: Sat 30 Nov 2013 16:48
by jmba59
Hello,

+1 ...infected by Do-Search...

I'm in the trade and this is the first time I can't see any solution, and my PC is slowly deteriorating...

If you can help me...

Thanks in advance

infection do search

Posted: Sat 30 Nov 2013 16:49
by 2011N2
Hello jmba59,

Please open a new topic: http://www.forum-entraide-informatique. ... e=newtopic

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 16:59
by delaide
http://cjoint.com/?0KEq5i4gMzs

I hope I did it right!

infection do search

Posted: Sat 30 Nov 2013 17:02
by delaide
Gabriel, for your information I no longer have do search on my search engines... I lost my toolbars along the way, but that doesn't matter... but the PC still takes a very long time to start up, a good 30 minutes....

infection do search

Posted: Sat 30 Nov 2013 17:13
by 2011N2
Re,

Run ZHPFix like this with these lines, and post the report.

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 17:32
by delaide
Gabriel, the script I have to paste is the last one sent on the link? Thank you

infection do search

Posted: Sat 30 Nov 2013 17:39
by delaide
I'VE JUST FOUND IT, HERE IS THE REPORT:

ZHPFix report 2013.11.26.8 by Nicolas Coolman, Update of 26/11/2013
Registry export file :
Run by CLARA at 30/11/2013 17:38:11
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (00mn 07s)

========== Software ==========
DELETED: eBay Worldwide

========== Registry Keys ==========
DELETED: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}]
DELETED: HKCU\Software\Dynamic Toolbar
DELETED: HKLM\Software\Wow6432Node\do-searchSoftware
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
DELETED:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
DELETED: [HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
DELETED: [HKLM\Software\Classes\Installer\Products\\7FD91B0E7C1B7394284CE0B4E1439656]
DELETED: [HKLM\Software\Classes\Installer\Features\7FD91B0E7C1B7394284CE0B4E1439656]

========== Registry Values ==========
DELETED: Toolbar: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

========== Registry Data Items ==========
DELETED: R0 - Main,Start Page = KLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
DELETED: R1 Search Page =

========== Folders ==========
DELETED: C:\Users\CLARA\AppData\Local\{59198EF5-94DF-4DA6-B2F7-DC784756023C}
DELETED: C:\Users\CLARA\AppData\Local\{5DF3902E-5207-43A8-8BC1-DC78972CB3EF}
DELETED: C:\Users\CLARA\AppData\Local\{67B922D4-3DFF-49F5-9673-BC4E75E233B6}
DELETED: C:\Users\CLARA\AppData\Local\{6BE6F047-3071-487C-B19C-A83A1A20F2F5}
DELETED: C:\Users\CLARA\AppData\Local\{98CFD0D5-26E5-4B89-AD13-B16B59B9BCE6}

========== Files ==========
DELETED: c:\program files (x86)\mozilla firefox\searchplugins\ebay-france.xml
DELETED: c:\users\clara\desktop\mon livre de cave.lnk
DELETED: c:\users\clara\desktop\orange mes contenus.lnk
DELETED: c:\windows\prefetch\ntosboot-b00dfaad.pf
DELETED: c:\windows\prefetch\aggluad_p_s-1-5-21-378696231-3159941110-2019972561-1001.db
DELETED: c:\windows\prefetch\aggluad_s-1-5-21-378696231-3159941110-2019972561-1001.db
DELETED: c:\windows\prefetch\aswoffertool.exe-90180c34.pf
DELETED: c:\windows\prefetch\shortcut_module.exe-efe788f4.pf
DELETED: c:\windows\prefetch\plfseti.exe-d9d6fd5a.pf
DELETED: c:\windows\prefetch\instup.exe-dca24db4.pf
DELETED: c:\users\clara\appdata\local\temp\~df43d45ccc7bc012ed.tmp
DELETED Windows temporary files (7) (36 652 bytes)
DELETED Flash Cookies (0) (0 bytes)

========== Scheduled Tasks ==========
DELETED: {5912DCE6-EC72-48F2-984B-DBDDC9B50CE1}
DELETED: {706B79C9-9BE7-47DF-A84D-35C1A3E185B5}
DELETED: {E24B818C-53C5-46C1-B622-7B6E57CA730A}
DELETED: {EF91C3F1-F6C5-44BE-9A4F-46958B454895}
DELETED: {F52B85C4-E203-45D8-8024-5B1FD562CBE9}

========== System Restore ==========
System restore point created successfully


========== Summary ==========
13 : Registry Keys
1 : Registry Values
2 : Registry Data Items
5 : Folders
13 : Files
1 : Software
5 : Scheduled Tasks
1 : System Restore


End of clean in 03mn 08s

========== Report file path ==========
C:\Users\CLARA\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/11/2013 17:38:19 [4006]

infection do search

Posted: Sat 30 Nov 2013 17:41
by 2011N2
Re,

Ok.

Is Do search still present?

Make me a new ZHPDiag report and post the hosted report.

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 18:11
by delaide

infection do search

Posted: Sat 30 Nov 2013 18:14
by 2011N2
Re,

Run ZHPFix again with these lines:

Script ZHPfix
O61 - LFC: 29/11/2013 - 18:00:30 ---A- . (...) -- C:\Users\CLARA\AppData\Local\Google\Chrome\User Data\Default\databases\http_do-search.com_0\1908  [6144]
And post the report.

Gabriel.
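Once the two ZHPFix passes above have run, a way to confirm that the leftovers named in this thread's ZHPDiag (O88) and ZHPFix reports are really gone. This is an added example, not part of ZHPDiag/ZHPFix and not one of Gabriel's instructions; the registry keys and paths it checks are copied from the reports above, while the 'do-search' keyword matches on browser settings and scheduled tasks are an added heuristic that the reports do not assert. Run it from an elevated PowerShell prompt on the cleaned machine:

```powershell
# Added example (not ZHPDiag/ZHPFix code): re-check the Do-Search, IMBooster and
# Boxore leftovers listed in the reports above. Run as administrator.
# The indicator list is taken from this thread's reports; the 'do-search' text
# matches further down are an added heuristic, not something the reports state.

$registryIndicators = @(
    'HKLM:\SOFTWARE\Wow6432Node\do-searchSoftware',                              # PUP.DoSearches
    'HKCU:\Software\Dynamic Toolbar',
    'HKLM:\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}',
    'HKLM:\SOFTWARE\Classes\Installer\Products\7FD91B0E7C1B7394284CE0B4E1439656',
    'HKLM:\SOFTWARE\Classes\Installer\Features\7FD91B0E7C1B7394284CE0B4E1439656',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}'  # Toolbar.eBay
)

# MSI component GUIDs the O88 scan flagged as Adware.IMBooster / Adware.Boxore
$componentRoot = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components'
$componentIds = @(
    '464AA55239C100F32AF2D438EDDC0F47', '5652BA3D5FB98AE31B337BF0AF939856', '86EB95E1AFCBABE3DB9ECCC669B99494',  # IMBooster
    '38D5CDD0A851B3940A43CC50ABBA251C', 'AAC05EAA51DC78A41A1DCE3B31038584',
    'BA71D41F6CC0B6247B05D473850A8AEA', 'CA0054A5AB3EFFE4CB5660E44A1E7DCC'                                        # Boxore
)
foreach ($id in $componentIds) { $registryIndicators += Join-Path $componentRoot $id }

$fileIndicators = @(
    (Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data\Default\databases\http_do-search.com_0'),  # O61 line above
    (Join-Path ${env:ProgramFiles(x86)} 'Mozilla Firefox\searchplugins\ebay-france.xml')
)

function Test-DoSearchLeftovers {
    $found = @()

    foreach ($key in $registryIndicators) {
        if (Test-Path -LiteralPath $key) { $found += "registry key still present: $key" }
    }
    foreach ($path in $fileIndicators) {
        if (Test-Path -LiteralPath $path) { $found += "file/folder still present: $path" }
    }

    # A hijacker re-points the IE home/search pages; ZHPFix reset them (R0/R1 lines above).
    $ieMain = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
    if (Test-Path -LiteralPath $ieMain) {
        $main = Get-ItemProperty -LiteralPath $ieMain
        foreach ($name in 'Start Page', 'Search Page', 'Default_Page_URL') {
            $value = $main.$name
            if ($value -and ($value -match 'do-search')) { $found += "IE $name points to $value" }
        }
    }

    # Chrome and Firefox keep their start/search settings in text files: search them.
    $chromePrefs = Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data\Default\Preferences'
    if ((Test-Path -LiteralPath $chromePrefs) -and (Select-String -Path $chromePrefs -Pattern 'do-search' -Quiet)) {
        $found += "Chrome Preferences still reference do-search"
    }
    $ffProfiles = Join-Path $env:APPDATA 'Mozilla\Firefox\Profiles'
    if (Test-Path -LiteralPath $ffProfiles) {
        foreach ($prefs in (Get-ChildItem -LiteralPath $ffProfiles -Recurse -Filter prefs.js)) {
            if (Select-String -Path $prefs.FullName -Pattern 'do-search' -Quiet) {
                $found += "Firefox $($prefs.FullName) still references do-search"
            }
        }
    }

    # Scheduled tasks (ZHPFix removed five by GUID above); schtasks.exe exists on Windows 7.
    $tasks = schtasks.exe /query /fo LIST /v 2>$null
    if ($tasks -and ($tasks | Select-String -Pattern 'do-search' -Quiet)) {
        $found += "a scheduled task still references do-search (see: schtasks /query /fo LIST /v)"
    }

    return ,$found
}

$leftovers = @(Test-DoSearchLeftovers)
if ($leftovers.Count -eq 0) {
    Write-Host 'None of the indicators from the reports remain on this machine.'
} else {
    $leftovers | ForEach-Object { Write-Host "LEFTOVER: $_" }
}
```

An empty result only means the specific items named in this machine's reports are gone; it says nothing about anything the reports did not list, which is why the next step in the thread is a fresh ZHPDiag report rather than trusting a fixed list.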

infection do search

Posted: Sat 30 Nov 2013 18:25
by delaide
ZHPFix report 2013.11.26.8 by Nicolas Coolman, Update of 26/11/2013
Registry export file :
Run by CLARA at 30/11/2013 18:24:39
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (00mn 02s)


========== Summary ==========


End of clean in 00mn 02s

========== Report file path ==========
C:\Users\CLARA\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/11/2013 17:38:19 [4086]
C:\Users\CLARA\AppData\Roaming\ZHP\ZHPFix[R2].txt - 30/11/2013 18:24:41 [472]

infection do search

Posted: Sat 30 Nov 2013 18:27
by 2011N2
Re,

Ok, and so:

Is Do search still present?

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 18:28
by delaide
Then it's serious, Gabriel! What can we do...

infection do search

Posted: Sat 30 Nov 2013 18:32
by 2011N2
Re,

You didn't answer my question. ^^

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 18:36
by delaide
Oh! Sorry, no, I no longer see it on the search engines... really, if it is properly removed then a BIG BIG thank you, how could I have done it without you, you're an ace, I was afraid I wouldn't be able to keep up...

infection do search

Posted: Sat 30 Nov 2013 18:37
by 2011N2
Re,

Great.
We still have to finalize, here is the procedure: http://www.forum-entraide-informatique. ... nalisation
Keep me posted on your progress as you go.

Gabriel.

infection do search

Posted: Sat 30 Nov 2013 18:39
by delaide
YES OF COURSE I'll keep you posted.. and I'm going to finalize right away..

infection do search

Posted: Sat 30 Nov 2013 18:42
by 2011N2
No problem.

@+

Gabriel.