Unwanted phishing pop-ups 2014-10-13T10:57:58+00:00
  • Author
    Posts
  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    one topic per machine, starting by explaining the problems it has ;)

  • Raz
    Participant
    Post count: 26

    OK, I've done most of what you advise. I just have an issue with Bitdefender Immunizer which, when I launch it, scans a USB port on F: where there is nothing. Maybe the webcam, I don't know!
    Anyway, I should manage now.
    :merci2: :merci2:
    I can already see the difference in speed!

    How do I proceed for my wife's PC and her smartphone? I'd like to do a big clean-up there too!
    Do I open another post with the requested scans, or do we continue in this one? I know I'm asking a lot of you, lol!

    By the way, can you confirm that the PC is OK?

  • Raz
    Participant
    Post count: 26

    Here is the requested report:

    https://antimalware.top/www/?a=d&i=gnEeW09eeV

    I'll keep following the rest of your instructions!

    Thanks :)

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    C:\Windows\System32\Tasks\wp_update

    delete that

    then we can finish with the clean-up

    • Download SFTGC.exe (by Pierre13) to your Desktop and nowhere else!
    • Run SFTGC; on Windows 7/8 and Vista, run it as administrator
    • Click GO

      Note: a report will open at the end

    • Once the scan is finished, go to the desktop; the file SFTGC.txt has been created.
    • Upload the SFTGC.txt report to SosUpload, then copy/paste the link provided into your next reply on the forum

    ===============================

    • Download Delfix to your Desktop.
    • Run Delfix; on Windows 7/8 and Vista, run it as administrator

    • Tick the following boxes:
      • Re-enable UAC
      • Remove disinfection tools
      • Make a registry backup
      • Purge System Restore
      • Reset system settings

    ==========================

    Securing the PC against potentially unwanted programs, toolbars, etc.

    When you're on Windows and love installing all sorts of odd software, you have to stay vigilant. Some installers offer toolbars and other adware during installation, which are then hard to remove from your system.

    Usually you pay attention and untick the right boxes, but it only takes once, one moment of tiredness, and you let the fatal toolbar through.

    But why bother when a small program can do the job for you?

    Download: http://unchecky.com/files/unchecky_setup.exe, a service that runs in the background on Windows, automatically detects bundled software in installers and unticks the boxes needed to avoid getting cluttered.


    ==============================================

    if not already done, update Flash Player (for Chrome it is already built in):

    Non-Internet Explorer browsers:
    http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_15_plugin.exe

    Internet Explorer:
    http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_15_active_x.exe

    =============================================

    Since Adobe Reader has become too unreliable, I advise you to uninstall it, and to read PDFs I suggest using SumatraPDF instead:

    http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader-fr.html

    during installation, in the options, remember to tick the box for "use SumatraPDF as the default reader" and to install the browser plugins.

  • Raz
    Participant
    Post count: 26

    thanks :)

    here is the report:

    https://antimalware.top/www/?a=d&i=pmeLCLw6mL

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    yes :)

    remember to disable your protections so that it has full access and you get a complete diagnostic report ;)

  • Raz
    Participant
    Post count: 26

    I downloaded it! I couldn't find the old version that was on my desktop, so it's impossible to delete.

    Also, I cut and paste to put QuickDiag on the desktop but I can't: a window opens telling me I need permission to move an item to the desktop ???????
    Do you have any idea where this could come from?
    Can I run QuickDiag from the download folder?

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    delete quickdiag, download it again; I've updated it and added scan locations in the registry

    then run a scan again with the "extended" option and post the link to the new report

  • Raz
    Participant
    Post count: 26

    There are no other worrying symptoms, but if I re-enable Thunderbird's Lightning add-on, I think I'll be faced with the pop-up windows again.
    What worries me, actually, is the ZHP report, which indicates the presence of viruses and malware.
    I don't know whether they are still present. Since then, I had run an OTL scan, and someone on another forum told me I was no longer infected.
    Then you told me the opposite and asked me to run two scans, and I don't know whether you found anything.

    I just wonder whether my PC is clean or not.

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    can you give me a quick rundown of the remaining problems?

  • Raz
    Participant
    Post count: 26

    mail problem solved,
    in the end there was a mix-up with the Gmail SMTP servers being used. Since they all had the same name, I must have made a blunder when I tried to fix the pop-up display. I used the default server, so it's normal that all the messages were going out from the same address.
    Sorry. ^^'
    We can move on!
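
Added example (not part of the original posts, and not code from the forum or from Thunderbird): a check for the mix-up described above, reading a Thunderbird `prefs.js` and listing which SMTP server each identity really uses. The sample preferences are constructed, and the check assumes, as the post concludes, that mail leaves under the account of the SMTP server actually used.

```python
import json
import re

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+)\);\s*$')
IDENTITY_RE = re.compile(r"mail\.identity\.([^.]+)\.useremail")

# Constructed sample of a Thunderbird prefs.js. The two addresses are the
# placeholders used in the thread; server keys and ports are made up.
SAMPLE_PREFS = '''
// Mozilla User Preferences (constructed sample)
user_pref("mail.identity.id1.useremail", "xxx@gmail.com");
user_pref("mail.identity.id2.useremail", "yyy@gmail.com");
user_pref("mail.identity.id2.smtpServer", "smtp2");
user_pref("mail.smtpservers", "smtp1,smtp2");
user_pref("mail.smtp.defaultserver", "smtp2");
user_pref("mail.smtpserver.smtp1.hostname", "smtp.gmail.com");
user_pref("mail.smtpserver.smtp1.port", 587);
user_pref("mail.smtpserver.smtp1.username", "xxx@gmail.com");
user_pref("mail.smtpserver.smtp2.hostname", "smtp.gmail.com");
user_pref("mail.smtpserver.smtp2.port", 587);
user_pref("mail.smtpserver.smtp2.username", "yyy@gmail.com");
'''


def parse_prefs(text):
    """Return {pref_name: value} for every user_pref(...) line."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines
        name, raw = match.groups()
        try:
            prefs[name] = json.loads(raw)  # strings, numbers, booleans
        except ValueError:
            prefs[name] = raw  # keep anything unusual verbatim
    return prefs


def same_account(email, smtp_user):
    """True when the SMTP login belongs to the identity's own address."""
    email = str(email).strip().lower()
    user = str(smtp_user).strip().lower()
    if not user:
        return False  # no login recorded: cannot confirm a match
    if "@" not in user:
        return email.split("@", 1)[0] == user  # login stored without domain
    return email == user


def audit_identities(prefs):
    """Resolve each identity to its effective SMTP server and flag mismatches."""
    default = prefs.get("mail.smtp.defaultserver", "")
    rows = []
    for name, email in sorted(prefs.items()):
        match = IDENTITY_RE.fullmatch(name)
        if not match:
            continue
        ident = match.group(1)
        explicit = prefs.get(f"mail.identity.{ident}.smtpServer", "")
        server = explicit or default  # empty or missing means "use default"
        smtp_user = prefs.get(f"mail.smtpserver.{server}.username", "")
        rows.append({
            "identity": ident,
            "email": email,
            "server": server,
            "uses_default": not explicit,
            "host": prefs.get(f"mail.smtpserver.{server}.hostname", ""),
            "smtp_user": smtp_user,
            "mismatch": not same_account(email, smtp_user),
        })
    return rows


if __name__ == "__main__":
    for row in audit_identities(parse_prefs(SAMPLE_PREFS)):
        status = "MISMATCH" if row["mismatch"] else "ok"
        origin = "default" if row["uses_default"] else "explicit"
        print(f'{row["email"]:<16} -> {row["server"]} ({origin}), '
              f'login {row["smtp_user"] or "<none>"}: {status}')
```

Because both servers share the hostname `smtp.gmail.com`, only the login column tells them apart, which is why the identity that falls back to the default server is the one reported as a mismatch.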

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287
  • Raz
    Participant
    Post count: 26

    Indeed
    Yes, but it's that I didn't quite understand the question.
    What do you mean by connected, and to what?
    All my Thunderbird accounts are active when this happens, but I don't know how to disconnect them. (I'm not logged in to these mailboxes from other devices)

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    that doesn't really answer my question :)

  • Raz
    Participant
    Post count: 26

    The symptom I described earlier only occurs when I send an email via Thunderbird.
    When I send the email, I do check the address I'm using. I also checked in the account configuration that the settings were correct, and they are.

    However, when I send an email from the browser interface, it works normally.

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    are you really logged out of the email addresses? (just closing the page does not log you out of your account)

  • Raz
    Participant
    Post count: 26

    I expressed myself badly. I meant that I set the firewall to normal mode.

    I've just noticed another problem:

    One of my Gmail addresses that I use in Thunderbird systematically sends mail using another Gmail address that is also configured in my Thunderbird! I don't know if I'm being clear enough! e.g. I send myself an email from xxx@gmail.com and I receive the same email from yyy@gmail.com.

    I'm starting to wonder whether formatting my PC wouldn't be the solution.

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    hello, I didn't understand this:

    My firewall has switched to normal mode.

  • Raz
    Participant
    Post count: 26

    Hi,

    I've just deleted the entry from CCleaner.
    My firewall has switched to normal mode.

    I'm waiting for your instructions for what comes next.

    See you later!

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    hello

    now in ccleaner there is also the "delete entry" option; try it on the program that won't uninstall, and put your firewall back in normal mode, otherwise we won't be able to work; as it is, the protections already have to be completely disabled for the tools…

  • Raz
    Participant
    Post count: 26

    While waiting for the CCleaner update, here is the link to the QuickDiag report:

    https://antimalware.top/www/?a=d&i=aiu8SvFgfH

    I updated CCleaner and it's the same thing! However, I've had my firewall in paranoid mode for a few days, and when trying to uninstall Nexon I blocked a connection request coming from this program. I should point out that the first time I tried to uninstall this thing, my firewall was in normal mode and I didn't get an alert

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    ccleaner is not up to date, update it and try again

  • Raz
    Participant
    Post count: 26

    Here is the link:

    https://antimalware.top/img/image/ar
    of course when I click OK, nothing happens

    I'll take care of QuickDiag

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    take a screenshot of that window please

    ==

    disable your antivirus for the duration of the scan
    Download QuickDiag here: https://www.sosvirus.net/telecharger/quickdiag/
    run it, click "Extended", then once it has finished, upload the report to https://antimalware.top and give the resulting link so it can be viewed
    the report will be on the desktop under the name QuickDiag_date_heure.txt

  • Raz
    Participant
    Post count: 26

    Re,
    thanks for your help.
    Here is the report you asked for:

    https://antimalware.top/www/?a=d&i=hcEgjkgA4W

    I also went back through the installed programs and there is one I can't manage to uninstall (for a while now). It's Nexon Game Manager. I don't know if it's related to the infection, but when I try to uninstall it (it is only visible in CCleaner), I systematically get a window that opens with a smiley and an "OK" tab.

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    re

    yes

    • Disable your antivirus while downloading and using the tool.
    • Download AdsFix to your desktop.
      Note: Save your work before continuing!
    • Run AdsFix
    • On a fairly infected PC, it may take several seconds to load
    • Enter your country
    • Click Clean, after unlocking it in the options

      Note: Be patient during the scan
    • Let the tool work even if it seems stuck
    • If the tool detects a proxy you don't recognise, click: "Remove the proxy"
    • Upload the report C:\AdsFix_date_heure.txt to SOSUpload, then give the resulting link.

    Help:

  • Raz
    Participant
    Post count: 26

    Hi,

    I was indeed wondering about that.
    Can you help me please?

  • g3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    hi, you are still infected

  • Raz
    Participant
    Post count: 26

    Someone finally helped me find the solution to avoid these pop-ups. (http://www.commentcamarche.net/forum/affich-30909533-pop-up-phishing-intempestive#p30913301)

    The solution is on this page: http://forums.mozfr.org/viewtopic.php?f=4&t=120490

    The problem apparently comes from a Thunderbird add-on: Lightning 3.3, which you just need to disable to see the symptom disappear

    I wanted to let you know before one of the SOS helpers looks into my problem. In any case, thank you for your help; your analysis method was particularly useful to me.

    All the best

    PS: I can't manage to close the topic, which for me is resolved

  • Raz
    Participant
    Post count: 26

    ZHP part 3

    [spoiler:ups6rddr]—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.07B3B8BCB18FCC93F9281720E4272EE5] – 01/10/2014 – 08:06:34 —A- . (…) — C:WindowsSystem32FNTCACHE.DAT [340512]
    O44 – LFC:[MD5.8D46C7BCDF7FBAAC8666D6640ADA930E] – 01/10/2014 – 08:17:09 —A- . (.Microsoft Corporation – DirectShow DVD PlayBack Runtime..) — C:WindowsSystem32qdvd.dll [371712]
    O44 – LFC:[MD5.2E9571C89998605C446987477D6C2CA2] – 02/10/2014 – 14:34:31 —A- . (…) — C:WindowsSystem32perfc009.dat [122126]
    O44 – LFC:[MD5.C4CE511211A0351932B2B79DA7849011] – 02/10/2014 – 14:34:31 —A- . (…) — C:WindowsSystem32perfh009.dat [654254]
    O44 – LFC:[MD5.E4C708D2BB5640D70B0124F9380C1D2B] – 02/10/2014 – 14:34:32 —A- . (…) — C:WindowsSystem32perfc00C.dat [150168]
    O44 – LFC:[MD5.9F7D87BD5CCCA636516CF260B3F98F3D] – 02/10/2014 – 14:34:32 —A- . (…) — C:WindowsSystem32perfh00C.dat [747644]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 03/10/2014 – 08:01:11 —A- . (…) — C:Windowssetuperr.log [0]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 08/10/2014 – 12:23:24 —A- . (…) — C:WindowsSystem32HP_ActiveX_Patch_NOT_DETECTED.txt [0]
    O44 – LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] – 10/10/2014 – 12:26:21 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [122584]
    O44 – LFC:[MD5.48B02AE34552D9B0A01E99AE4357A151] – 10/10/2014 – 13:27:14 —A- . (…) — C:bdlog.txt [820567]
    O44 – LFC:[MD5.2A8ABED3453377D709576563B50CA70C] – 10/10/2014 – 13:28:01 —A- . (…) — C:WindowsPFRO.log [2998]
    O44 – LFC:[MD5.C9ED12D6DD1C03FB0B651B101DCB6D2F] – 10/10/2014 – 13:28:10 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.1AE2DAE4AC4FC493DC5276688DB3EF57] – 10/10/2014 – 13:29:16 —A- . (…) — C:Windowssetupact.log [504]
    O44 – LFC:[MD5.65BF9AEFF36CF467211DEAD5DCBF1A7D] – 10/10/2014 – 13:37:01 —A- . (…) — C:WindowsWindowsUpdate.log [1478258]
    O44 – LFC:[MD5.0956716D5565680DC83992C11BBDB2C2] – 29/09/2014 – 15:00:31 —A- . (.BitDefender – Active Virus Control Kernel Filtering drive.) — C:WindowsSystem32Driversavckf.sys [647752]
    O44 – LFC:[MD5.8E36BAD24C8961A8895C2B5F6C6BCC3E] – 29/09/2014 – 15:05:22 —A- . (.BitDefender – Active Virus Control filter driver.) — C:WindowsSystem32Driversavc3.sys [1260120]
    O44 – LFC:[MD5.F2E8A0213164FC768896F1E4376F85AB] – 29/09/2014 – 15:05:26 —A- . (.BitDefender SRL – BitDefender SandBox User Interface Skinning.) — C:WindowsSystem32bdsandboxuiskin32.dll [74512]
    O44 – LFC:[MD5.476AE245CC018E9FA9658B9ACA6A5B03] – 29/09/2014 – 15:07:30 —A- . (.BitDefender SRL – BitDefender SandBox User Mode Filter Librar.) — C:WindowsSystem32bdsandboxuh.dll [34384]
    O44 – LFC:[MD5.905EFEB27F37F82CA6B99F0C83E1CCFE] – 29/09/2014 – 15:11:23 —A- . (.BitDefender SRL – BitDefender SandBox User Interface Skinning.) — C:WindowsSystem32bdsandboxuiskin.dll [84848]
    O44 – LFC:[MD5.64A1095DEF1C2D811F706B832BFCD27A] – 29/09/2014 – 15:11:34 —A- . (.BitDefender S.R.L. – Trufos Kernel Module.) — C:WindowsSystem32Driverstrufos.sys [419616]
    O44 – LFC:[MD5.B81797E77D91BDDBE0107EFA8403F495] – 29/09/2014 – 15:29:12 —A- . (…) — C:WindowsSystem32checkdnsid.xml [492]
    ~ Files: 21 Scanned in 00mn 07s

    —\ Export de clé d'application autorisée (O47)
    O47 – AAKE:Key Export SP – “C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe” [Enabled] .(.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe
    O47 – AAKE:Key Export SP – “C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe” [Enabled] .(.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
    O47 – AAKE:Key Export SP – “C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe” [Enabled] .(.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe
    O47 – AAKE:Key Export SP – “C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe” [Enabled] .(.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
    ~ Keys Export: 4 Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corp. – LiveSSP.) — C:WindowsSystem32livessp.dll
    ~ LSA: 9 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Encoder Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 13 Scanned in 00mn 00s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{790141fc-2137-11e4-8e9c-2c27d7318255}AutoRuncommand. (…) — J:setup.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregcommand . (.Samsung – KiesPDLR.) — C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe
    O53 – SMSR:HKLM…startupregKiesAirMessage [Key] . (.Samsung Electronics – Pas de description.) — C:Program Files (x86)SamsungKiesKiesAirMessage.exe
    O53 – SMSR:HKLM…startupregKiesPreload [Key] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O53 – SMSR:HKLM…startupregKiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
    O53 – SMSR:HKLM…startupregLightShot [Key] . (.Pas de propriétaire – Starter Module.) — C:UsersJulienAppDataLocalSkillbrainslightshotLightShot.exe =>PUP.SkillBrains
    O53 – SMSR:HKLM…startupregNokiaSuite.exe [Key] . (…) — C:Program Files (x86)NokiaNokia SuiteNokiaSuite.exe (.not file.)
    O53 – SMSR:HKLM…startupregSteam [Key] . (…) — C:Program Files (x86)SteamSteam.exe (.not file.)
    ~ SMSR Keys: 7 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
    O56 – MWPE:[HKLM…policiesExplorer] – “EnableShellExecuteHooks”=1
    ~ MWPE Keys: 4 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [491088]
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [339536]
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver (X64).) — C:WindowsSystem32Driversadpu320.sys [182864]
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [15440]
    O58 – SDL:11/03/2011 – 07:41:12 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [107904]
    O58 – SDL:14/07/2009 – 02:52:20 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [194128]
    O58 – SDL:11/03/2011 – 07:41:12 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [27008]
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [87632]
    O58 – SDL:14/07/2009 – 02:52:21 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [97856]
    O58 – SDL:24/09/2013 – 15:53:50


    . (.Advanced Micro Devices – AMD High Definition Audio Function Driver.) — C:WindowsSystem32DriversAtihdW76.sys [94208]
    O58 – SDL:06/12/2013 – 22:52:14


    . (.Advanced Micro Devices, Inc. – ATI Radeon Kernel Mode Driver.) — C:WindowsSystem32Driversatikmdag.sys [13207552]
    O58 – SDL:06/12/2013 – 21:21:44 —A- . (.Advanced Micro Devices, Inc. – AMD multi-vendor Miniport Driver.) — C:WindowsSystem32Driversatikmpag.sys [626176]
    O58 – SDL:29/09/2014 – 15:05:22 —A- . (.BitDefender – Active Virus Control filter driver.) — C:WindowsSystem32Driversavc3.sys [1260120]
    O58 – SDL:02/11/2012 – 13:17:46 —A- . (.BitDefender – BitDefender AntiVirus Active Virus Control Hypervisor driver.) — C:WindowsSystem32Driversavchv.sys [261056]
    O58 – SDL:29/09/2014 – 15:00:31 —A- . (.BitDefender – Active Virus Control Kernel Filtering driver.) — C:WindowsSystem32Driversavckf.sys [647752]
    O58 – SDL:10/06/2009 – 21:34:23 —A- . (.Broadcom Corporation – Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) — C:WindowsSystem32Driversb57nd60a.sys [270848]
    O58 – SDL:22/02/2013 – 18:46:52 —A- . (.BitDefender LLC – BitDefender Firewall NDIS6 Filter Driver.) — C:WindowsSystem32DriversBdfNdisf6.sys [93600]
    O58 – SDL:02/12/2013 – 11:51:21 —A- . (.BitDefender SRL – BitDefender SandBox Filter Driver.) — C:WindowsSystem32Driversbdsandbox.sys [82824]
    O58 – SDL:17/04/2012 – 13:34:26


    . (.BitDefender – FileVault Disk Driver.) — C:WindowsSystem32Driversbdvedisk.sys [76944]
    O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [18432]
    O58 – SDL:10/06/2009 – 21:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [8704]
    O58 – SDL:14/07/2009 – 02:19:07 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [286720]
    O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [47104]
    O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [14976]
    O58 – SDL:10/06/2009 – 21:41:10 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [14720]
    O58 – SDL:10/06/2009 – 21:34:28 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [468480]
    O58 – SDL:11/06/2012 – 14:17:44 —A- . (.Nokia – Nokia USB Phone Bus Driver.) — C:WindowsSystem32Driversccdcmbox64.sys [27136]
    O58 – SDL:11/06/2012 – 14:17:44


    . (.Nokia – Nokia USB Phone Bus Driver.) — C:WindowsSystem32Driversccdcmbx64.sys [19968]
    O58 – SDL:14/07/2009 – 02:52:31 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [17488]
    O58 – SDL:29/05/2012 – 15:53:30 —A- . (.Windows (R) Codename Longhorn DDK provider – hpvhd 64bit support driver.) — C:WindowsSystem32Driverscpqdfw.sys [27456]
    O58 – SDL:01/03/2010 – 22:59:50 —A- . (…) — C:WindowsSystem32Driverscqcpu.sys [24376]
    O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:10/06/2009 – 21:34:33


    . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3286016]
    O58 – SDL:08/10/2013 – 14:25:28


    . (.BitDefender LLC – BitDefender Gonzales FileSystem Driver.) — C:WindowsSystem32Driversgzflt.sys [150256]
    O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:19/10/2010 – 12:34:26


    . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [56344]
    O58 – SDL:21/11/2010 – 04:23:47 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [78720]
    O58 – SDL:17/10/2013 – 14:27:02 —A- . (.Windows (R) Win 7 DDK provider – RawPacket NDIS Protocol Driver.) — C:WindowsSystem32Drivershtcnprot.sys [36928]
    O58 – SDL:09/03/2010 – 03:08:36 —A- . (.Qualcomm Inc. – USB/Serial Device Driver.) — C:WindowsSystem32DriversHtcVComV64.sys [121800]
    O58 – SDL:05/11/2010 – 19:45:48


    . (.Intel Corporation – Intel Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStor.sys [438808]
    O58 – SDL:11/03/2011 – 07:41:26 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [410496]
    O58 – SDL:10/06/2009 – 21:37:05


    . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [6108416]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [44112]
    O58 – SDL:28/07/2010 – 23:25:10


    . (.Initio Corporation – Initio Default Vendor Specific Device Driver.) — C:WindowsSystem32Driversivusb.sys [29720]
    O58 – SDL:18/04/2013 – 15:12:26 —A- . (.Google Inc – ADB Interface.) — C:WindowsSystem32Driverslgandnetadb.sys [31744]
    O58 – SDL:18/04/2013 – 15:14:12 —A- . (.LG Electronics Inc. – LGE AndroidNet Driver.) — C:WindowsSystem32Driverslgandnetdiag64.sys [29184]
    O58 – SDL:28/06/2013 – 10:45:00 —A- . (.LG Electronics Inc. – LGE AndroidNet Driver.) — C:WindowsSystem32Driverslgandnetmodem64.sys [36352]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [114752]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [106560]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [65600]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [115776]
    O58 – SDL:12/05/2014 – 06:25:56 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:12/05/2014 – 06:26:00 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [91352]
    O58 – SDL:10/10/2014 – 12:26:21 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [122584]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows 7Server 2008 R2 for.) — C:WindowsSystem32Driversmegasas.sys [35392]
    O58 – SDL:14/07/2009 – 02:48:04 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [284736]
    O58 – SDL:12/05/2014 – 06:26:10 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [63704]
    O58 – SDL:14/07/2009 – 02:48:26 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [51264]
    O58 – SDL:11/06/2012 – 14:17:44 . (.Nokia – Nokia USB Phone Generic Client.) — C:WindowsSystem32Driversnmwcdnsucx64.sys [12800]
    O58 – SDL:11/06/2012 – 14:17:44 . (.Nokia – Nokia USB Phone Bus Driver.) — C:WindowsSystem32Driversnmwcdnsux64.sys [171008]
    O58 – SDL:11/03/2011 – 07:41:34 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [148352]
    O58 – SDL:11/03/2011 – 07:41:34 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [166272]
    O58 – SDL:28/04/2009 – 10:07:52 . (.PixArt Imaging Inc. – PAC7302.) — C:WindowsSystem32DriversPAC7302.SYS [532480]
    O58 – SDL:27/06/2012 – 15:18:52 . (.Nokia – PCCS Mode Change Filter Driver.) — C:WindowsSystem32Driverspccsmcfdx64.sys [26112]
    O58 – SDL:14/07/2009 – 02:45:46 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1524816]
    O58 – SDL:14/07/2009 – 02:45:45 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [128592]
    O58 – SDL:28/12/2010 – 20:45:54 . (.Realtek – Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) — C:WindowsSystem32DriversRt64win7.sys [412776]
    O58 – SDL:23/11/2010 – 11:16:56 . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [2565736]
    O58 – SDL:10/06/2009 – 21:37:19 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:14/07/2009 – 01:00:40 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32Driversserial.sys [94208]
    O58 – SDL:14/07/2009 – 02:45:45 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [43584]
    O58 – SDL:14/07/2009 – 02:45:46 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [80464]
    O58 – SDL:21/06/2007 – 05:42:22 —A- . (.PixArt Imaging Inc. – SPC610NC.) — C:WindowsSystem32DriversSPC500NC.SYS [481280]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    O58 – SDL:29/09/2014 – 15:11:34 —A- . (.BitDefender S.R.L. – Trufos Kernel Module.) — C:WindowsSystem32Driverstrufos.sys [419616]
    O58 – SDL:11/06/2012 – 14:17:44 —A- . (.Nokia – Filter Driver for Nokia USB Phone Bus Driver.) — C:WindowsSystem32Driversusbser_lowerfltjx64.sys [9216]
    O58 – SDL:11/06/2012 – 14:17:44 . (.Nokia – Filter Driver for Nokia USB Phone Bus Driver.) — C:WindowsSystem32Driversusbser_lowerfltx64.sys [9216]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [17488]
    O58 – SDL:02/09/2014 – 08:50:50 —A- . (.Rsupport Corporation – Rsupport VRVD5.) — C:WindowsSystem32Driversvrvd5.sys [13344]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [161872]
    O58 – SDL:30/12/2013 – 02:54:22 —A- . (…) — C:WindowsSysWOW64FsUsbExDisk.Sys [37344]
    ~ Drivers: 81 Scanned in 00mn 05s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 08/10/2014 – 15:57:32 —A- . (…) — C:UsersJulienAppDataLocalAdobeAcrobat11.0UserCache.bin [84133]
    O61 – LFC: 08/10/2014 – 15:57:33 —A- . (…) — C:UsersJulienAppDataLocalGoogleChromeUser Datanacl_validation_cache.bin [272]
    O61 – LFC: 08/10/2014 – 15:58:03 —A- . (…) — C:UsersJulienDownloadsserinst1811.exe [70256999]
    O61 – LFC: 10/10/2014 – 15:58:01 —A- . (.Nicolas Coolman.) — C:UsersJulienDesktopZHPDiag2.exe [6863478] =>.Nicolas Coolman
    O61 – LFC: 10/10/2014 – 15:58:03 —A- . (.Nicolas Coolman.) — C:UsersJulienDownloadsZHPDiag2.exe [6863478] =>.Nicolas Coolman
    ~ 47 Fichiers temporaires (Temporary files)
    ~ 5 Fichiers cookies (Cookies files)
    ~ Files: 5 Scanned in 00mn 31s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 06/12/2013 – C:WindowsSystem32DRIVERSatikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. – ATI Radeon Kernel Mode Driver.) – LEGACY_AMDKMDAG
    O64 – Services: CurCS – 29/09/2014 – C:WindowsSystem32DRIVERSavc3.sys (avc3) .(.BitDefender – Active Virus Control filter driver.) – LEGACY_AVC3
    O64 – Services: CurCS – 29/09/2014 – C:WindowsSystem32DRIVERSavckf.sys (avckf) .(.BitDefender – Active Virus Control Kernel Filtering drive.) – LEGACY_AVCKF
    O64 – Services: CurCS – 17/06/2014 – c:program filescommon filesbitdefenderbitdefender firewallbdfndisf6.sys (BdfNdisf) .(.BitDefender LLC – BitDefender Firewall NDIS6 Filter Driver.) – LEGACY_BDFNDISF
    O64 – Services: CurCS – 14/11/2011 – C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfwfpf.sys (bdfwfpf) .(.BitDefender LLC – BitDefender Firewall WFP Filter Driver.) – LEGACY_BDFWFPF
    O64 – Services: CurCS – 17/04/2012 – C:WindowsSystem32DRIVERSbdvedisk.sys (BDVEDISK) .(.BitDefender – FileVault Disk Driver.) – LEGACY_BDVEDISK
    O64 – Services: CurCS – 08/10/2013 – C:WindowsSystem32DRIVERSgzflt.sys (gzflt) .(.BitDefender LLC – BitDefender Gonzales FileSystem Driver.) – LEGACY_GZFLT
    O64 – Services: CurCS – 10/06/2009 – C:WindowsSystem32Driverssecdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) – LEGACY_SECDRV
    O64 – Services: CurCS – 29/09/2014 – C:WindowsSystem32DRIVERStrufos.sys (trufos) .(.BitDefender S.R.L. – Trufos Kernel Module.) – LEGACY_TRUFOS
    ~ Legacy: 88 Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: C:UsersJulienAppDataRoamingMozillaFirefoxProfilesaiuy1yx0.defaultsearchpluginsaskcom.xml
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKCU] {2D81F4D9-50D2-4FD1-BD6E-ACDEA9D280E5} – (Propositions de recherche Amazon.fr) – http://www.amazon.fr
    O69 – SBI: SearchScopes [HKCU] {A8121CC0-30D9-430D-8C26-5E8880A2865C} – (Google) – http://www.google.com
    O69 – SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} – (eBay) – http://rover.ebay.com =>Toolbar.eBay
    O69 – SBI: SearchScopes [HKCU] {FDA7727E-1C1B-4A4D-891F-9DA3C3F8F0C2} – (Ask Search) – http://websearch.ask.com =>Toolbar.Ask
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les fichiers Crack & Keygen (CKF) (O82)
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comCrackPCM-Protection.dll =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comCrackserial.txt =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comCrackserial1.txt =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comInstruction1.PNG =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comInstruction2.PNG =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comInstructionreadme.txt =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comPCM12PCM2012_Setup-1.bin =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comPCM12PCM2012_Setup-2.bin =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comPCM12PCM2012_Setup-3.bin =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comPCM12PCM2012_Setup.exe =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comSetup-Patch-1.2.0.0-From-1.0.0.0.exe =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.comThe Patches Scrolls.url =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.com.part1.rar =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.com.part2.rar =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.com.part3.rar =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.com.part4.rar =>.Crack,Keygen
    C:UsersJulienDocumentsjeuPro.Cycling.Manager.2012.CRACKED.READNFO-3DM-www.Zone-Telechargement.com.part5.rar =>.Crack,Keygen
    ~ Files: Scanned in 01mn 03s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [72192]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [236032]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [777728]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [859648]
    O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [679424]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [99328]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [344064]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [97792]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [64512]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [359424]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [316928]
    O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes du serveur hôte de session Burea.) — C:WindowsSystem32termsrv.dll [680960]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [2477536]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [849920]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [370688]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [569344]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [70144]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [156672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [67584]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [242688]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [121856]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [136704]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [111104]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1110016]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [90624]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [84480]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [209920]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [44544]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [100864]
    ~ Services: 32 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.C33F047A6C3142AB4D5FABE5D081C641] [SPRF][18/12/2011] (…) — C:ProgramData1324224095.bdinstall.bin [227036]
    [MD5.032742B7BE32BDF35658B51B4D581DF2] [SPRF][24/01/2012] (…) — C:ProgramData1327398839.bdinstall.bin [175626]
    [MD5.3A91EED851D56B9F3774D325121F7410] [SPRF][24/01/2012] (…) — C:ProgramData1327399104.bdinstall.bin [292842]
    [MD5.0489DFD8ACBEE717B268337B3CDA7D6D] [SPRF][04/10/2013] (…) — C:ProgramData1380886960.bdinstall.bin [236884]
    [MD5.0D780F8F4616003658D51ABA5C8469C5] [SPRF][04/10/2013] (…) — C:ProgramData1380887653.bdinstall.bin [657054]
    [MD5.D95C8CD895CA0A649B54FEEB64447F18] [SPRF][05/05/2014] (…) — C:UsersJulienAppDataRoamingTheHunterSettings_live.bin [7970]
    [MD5.12EFD5FA51597F188E5DB50BE20EE597] [SPRF][02/10/2014] (…) — C:UsersJulienDesktopadwcleaner_3.311.exe [1375089]
    [MD5.C91D1617AA711E7B058FD0960D41E436] [SPRF][02/05/2012] (.Nexon – Nexon Game Manager.) — C:UsersJulienDesktopCombatarms_eu.exe [645022474]
    [MD5.6A6F5DECCC5F341A360D71A3600C8ED9] [SPRF][10/10/2014] (.Nicolas Coolman – ZHPDiag Setup.) — C:UsersJulienDesktopZHPDiag2.exe [6863478]
    ~ Files: 9 Scanned in 00mn 03s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][16/07/2012] (.Boxore OU. – Software Update Helper.) — C:WindowsInstaller104813e.msi [45056] =>Adware.Boxore
    ~ WIS: 1 Scanned in 00mn 05s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
    HKLMSOFTWAREWow6432NodeMicrosoftTracingkujytuo_RASAPI32 =>Virus.Kujytuo
    HKLMSOFTWAREWow6432NodeMicrosoftTracingkujytuo_RASMANCS =>Virus.Kujytuo
    ~ BTK: 307 Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 24/09/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Disabled 29/09/2014 77632 | (BdDesktopParental) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderbdparentalservice.exe
    SS – | Demand 28/01/2014 227904 | (GamesAppIntegrationService) . (.WildTangent.) – C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe
    SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
    SS – | Auto 04/04/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 04/04/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) – C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe
    SS – | Demand 11/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) – C:Windowssystem32GameMon.des
    SS – | Demand 03/10/2012 725400 | (ServiceLayer) . (.Nokia.) – C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
    SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 06/12/2013 239616 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SR – | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) – C:WindowsSystem32ezSharedSvcHost.exe =>.EasyBits Software AS
    SR – | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) – C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe =>.Hewlett-Packard Co
    SR – | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    SR – | Auto 04/08/2014 87368 | (HTCMonitorService) . (.Nero AG.) – C:Program Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe
    SR – | Auto 05/04/2010 116104 | (IJPLMSVC) . (…) – C:Program Files (x86)CanonIJPLMIJPLMSVC.exe
    SR – | Auto 01/02/2011 326168 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) – C:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exe =>.Symantec Corporation
    SR – | Auto 17/10/2013 166912 | (PassThru Service) . (…) – C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe
    SR – | Auto 01/02/2011 1127448 | (pdfcDispatcher) . (.PDF Complete Inc.) – C:Program Files (x86)PDF Completepdfsvc.exe
    SR – | Auto 10/07/1658 0 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
    SR – | Auto 08/07/2013 94624 | (SafeBox) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefender SafeBoxsafeboxservice.exe
    SR – | Auto 16/05/2013 1817560 | (SDScannerService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
    SR – | Auto 16/05/2013 1033688 | (SDUpdateService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
    SR – | Auto 15/05/2013 171928 | (SDWSCService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    SR – | Auto 01/02/2011 2656280 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Auto 29/09/2014 67320 | (UPDATESRV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    SR – | Auto 29/09/2014 1528896 | (VSSERV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 10s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Julien at 10/10/2014 15:59:42
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Julien at 10/10/2014 15:59:44
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (10/10/2014)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 5
    Fichiers trouvés (Files found) : 1

    [HKLMSoftwareMicrosoftShared ToolsMSConfigstartupregLightShot] =>PUP.SkillBrains^
    [HKLMSoftwareWow6432NodeMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
    C:UsersJulienAppDataRoamingNosibay =>PUP.BubbleDock^
    C:UsersJulienAppDataRoamingWebPlayerBdd =>Adware.SocialSkinz^
    C:UsersJulienAppDataRoamingwp_update =>PUP.WpManager^
    C:UsersJulienAppDataLocalSkillbrains =>PUP.SkillBrains^
    C:UsersJulienAppDataLocalSoftware =>Adware.Boxore
    C:WindowsInstaller104813e.msi =>Adware.Boxore^
    ~ Additionnel Scan: 336868 Items scanned in 00mn 21s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
    ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
    ~ AMI: 5 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
    http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
    http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
    http://www.nicolascoolman.fr/blog/ =>PUP.SkillBrains
    Toolbar.eBay
    http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
    http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
    Toolbar.Bing
    http://nicolascoolman.fr/virus-kujytuo =>Virus.Kujytuo
    ~ MSI: 9 link(s) detected in 00mn 00s

    End of the scan (1536 lines in 05mn 32s)(34)[/spoiler:ups6rddr]

    I couldn't find any other solution than to split the report into 3. I hope that will be OK.
    Thanks in advance for your help.

  • Raz
    Participant
    Post count: 26

    ZHP part 2
    [spoiler:2omvfpol]—\ Logiciels installés (O42)
    O42 – Logiciel: 7-Zip 9.20 (x64 edition) – (.Igor Pavlov.) [HKLM][64Bits] — {23170F69-40C1-2702-0920-000001000000}
    O42 – Logiciel: AMD Accelerated Video Transcoding – (.Advanced Micro Devices, Inc..) [HKLM][64Bits] — {FCC4426F-0296-D30D-729C-E76C8E7252C7}
    O42 – Logiciel: AMD Catalyst Install Manager – (.Advanced Micro Devices, Inc..) [HKLM][64Bits] — {308051DA-0048-7A07-FE8B-9B6EC119A9E8}
    O42 – Logiciel: AMD Drag and Drop Transcoding – (.Advanced Micro Devices, Inc..) [HKLM][64Bits] — {678A75C7-5953-B109-57EE-46C7BA4C29C1}
    O42 – Logiciel: AMD Media Foundation Decoders – (.Advanced Micro Devices, Inc..) [HKLM][64Bits] — {BD1BCEF8-5CD6-D8ED-7D36-31C2172076EA}
    O42 – Logiciel: AMD Wireless Display v3.0 – (.Advanced Micro Devices, Inc..) [HKLM][64Bits] — {ED273D26-E354-1A5B-A0D0-CB5258D43BD2}
    ~ Logic: 92 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    ~ Key Software: 401 Scanned in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 17/12/2013 – 12:34:23 – [0] —-D C:UsersJulienAppDataRoamingNosibay =>PUP.BubbleDock
    O43 – CFD: 25/10/2012 – 16:43:00 – [] —-D C:UsersJulienAppDataRoamingNotepad++
    O43 – CFD: 18/10/2011 – 23:09:42 – [] —-D C:UsersJulienAppDataRoamingOpenOffice.org
    O43 – CFD: 09/11/2012 – 20:58:53 – [] —-D C:UsersJulienAppDataRoamingPC Suite
    O43 – CFD: 11/08/2014 – 15:02:09 – [] —-D C:UsersJulienAppDataRoamingPro Cycling Manager 2012
    O43 – CFD: 18/12/2011 – 18:02:21 – [0] —-D C:UsersJulienAppDataRoamingQuickScan
    O43 – CFD: 14/05/2014 – 10:57:21 – [] —-D C:UsersJulienAppDataRoamingSamsung
    O43 – CFD: 03/11/2011 – 00:08:07 – [] —-D C:UsersJulienAppDataRoamingSecondLife
    O43 – CFD: 10/10/2014 – 15:30:38 – [] —-D C:UsersJulienAppDataRoamingSkype
    O43 – CFD: 02/10/2014 – 15:33:49 – [] —-D C:UsersJulienAppDataRoamingSoftGrid Client
    O43 – CFD: 26/02/2013 – 22:27:58 – [] —-D C:UsersJulienAppDataRoamingThe Creative Assembly
    O43 – CFD: 08/04/2014 – 22:06:21 – [] —-D C:UsersJulienAppDataRoamingtheHunter
    O43 – CFD: 18/10/2011 – 21:24:01 – [] —-D C:UsersJulienAppDataRoamingThunderbird =>.Mozilla Corporation
    O43 – CFD: 18/02/2012 – 11:27:41 – [0] —-D C:UsersJulienAppDataRoamingTP
    O43 – CFD: 22/02/2014 – 18:19:10 – [] —-D C:UsersJulienAppDataRoamingudig
    O43 – CFD: 16/12/2011 – 16:45:07 – [] —-D C:UsersJulienAppDataRoamingvlc
    O43 – CFD: 31/10/2013 – 12:56:37 – [] —-D C:UsersJulienAppDataRoamingWargaming.net
    O43 – CFD: 17/12/2013 – 12:00:39 – [] —-D C:UsersJulienAppDataRoamingWebplayer
    O43 – CFD: 12/04/2012 – 18:39:47 – [] —-D C:UsersJulienAppDataRoamingWebPlayerBdd =>Adware.SocialSkinz
    O43 – CFD: 13/02/2014 – 12:54:53 – [] —-D C:UsersJulienAppDataRoamingWildTangent
    O43 – CFD: 19/10/2011 – 17:17:36 – [] —-D C:UsersJulienAppDataRoamingWinBatch
    O43 – CFD: 20/02/2014 – 08:41:08 – [] —-D C:UsersJulienAppDataRoamingwp_update =>PUP.WpManager
    O43 – CFD: 10/10/2014 – 15:56:57 – [] —-D C:UsersJulienAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 11/08/2014 – 14:10:13 – [] —-D C:UsersJulienAppDataLocalAdobe
    O43 – CFD: 30/09/2014 – 13:50:28 – [] —-D C:UsersJulienAppDataLocalApple Computer
    O43 – CFD: 18/10/2011 – 18:19:32 – [] -SH-D C:UsersJulienAppDataLocalApplication Data
    O43 – CFD: 05/06/2014 – 16:23:59 – [] —-D C:UsersJulienAppDataLocalApps
    O43 – CFD: 18/10/2011 – 18:30:06 – [] —-D C:UsersJulienAppDataLocalATI
    O43 – CFD: 14/08/2014 – 08:22:37 – [] —-D C:UsersJulienAppDataLocalbdch
    O43 – CFD: 21/08/2014 – 23:11:41 – [0] —-D C:UsersJulienAppDataLocalCanon Easy-PhotoPrint EX
    O43 – CFD: 03/06/2014 – 12:17:56 – [] —-D C:UsersJulienAppDataLocalCANON_INC
    O43 – CFD: 17/09/2014 – 10:27:42 – [0] —-D C:UsersJulienAppDataLocalCrashDumps
    O43 – CFD: 02/10/2014 – 15:25:56 – [0] —-D C:UsersJulienAppDataLocalDeployment
    O43 – CFD: 10/09/2014 – 18:24:34 – [0] —-D C:UsersJulienAppDataLocalDiagnostics
    O43 – CFD: 30/09/2014 – 13:45:43 – [] —-D C:UsersJulienAppDataLocalDownloaded Installations
    O43 – CFD: 04/08/2013 – 10:31:08 – [0] —-D C:UsersJulienAppDataLocalElevatedDiagnostics
    O43 – CFD: 05/06/2014 – 16:28:43 – [] -SH-D C:UsersJulienAppDataLocalEmieSiteList
    O43 – CFD: 05/06/2014 – 16:28:43 – [] -SH-D C:UsersJulienAppDataLocalEmieUserList
    O43 – CFD: 10/05/2012 – 11:10:06 – [] —-D C:UsersJulienAppDataLocalF4
    O43 – CFD: 18/08/2012 – 12:05:49 – [] —-D C:UsersJulienAppDataLocalfontconfig
    O43 – CFD: 18/08/2012 – 12:05:48 – [] —-D C:UsersJulienAppDataLocalgegl-0.2
    O43 – CFD: 04/04/2013 – 17:04:15 – [] —-D C:UsersJulienAppDataLocalGoogle
    O43 – CFD: 22/02/2012 – 14:15:04 – [] —-D C:UsersJulienAppDataLocalHewlett-Packard
    O43 – CFD: 18/10/2011 – 18:29:06 – [] —-D C:UsersJulienAppDataLocalHewlett-Packard_Company
    O43 – CFD: 18/10/2011 – 18:19:32 – [] -SH-D C:UsersJulienAppDataLocalHistorique
    O43 – CFD: 10/10/2014 – 14:30:00 – [] —-D C:UsersJulienAppDataLocalHTC MediaHub
    O43 – CFD: 03/09/2014 – 10:12:25 – [] —-D C:UsersJulienAppDataLocalLG Electronics
    O43 – CFD: 03/11/2012 – 13:03:42 – [] —-D C:UsersJulienAppDataLocalMacromedia
    O43 – CFD: 02/10/2014 – 14:49:50 – [] —-D C:UsersJulienAppDataLocalMicrosoft
    O43 – CFD: 21/10/2013 – 19:52:31 – [] —-D C:UsersJulienAppDataLocalMicrosoft Games
    O43 – CFD: 05/11/2011 – 11:05:04 – [] —-D C:UsersJulienAppDataLocalMozilla
    O43 – CFD: 09/11/2012 – 20:55:35 – [] —-D C:UsersJulienAppDataLocalNokia
    O43 – CFD: 09/11/2012 – 20:58:46 – [] —-D C:UsersJulienAppDataLocalNokiaAccount
    O43 – CFD: 14/08/2014 – 19:22:28 – [0] —-D C:UsersJulienAppDataLocalPDFC
    O43 – CFD: 09/10/2014 – 16:21:01 – [] —-D C:UsersJulienAppDataLocalPokerStars.FR
    O43 – CFD: 17/07/2013 – 14:00:04 – [] —-D C:UsersJulienAppDataLocalPrograms
    O43 – CFD: 19/10/2011 – 12:47:30 – [] —-D C:UsersJulienAppDataLocalPunkBuster
    O43 – CFD: 18/10/2011 – 18:28:15 – [] —-D C:UsersJulienAppDataLocalRemEngine
    O43 – CFD: 09/11/2012 – 21:55:04 – [] —-D C:UsersJulienAppDataLocalSamsung
    O43 – CFD: 06/01/2012 – 11:53:34 – [] —-D C:UsersJulienAppDataLocalSecondLife
    O43 – CFD: 09/08/2013 – 10:14:43 – [] —-D C:UsersJulienAppDataLocalSkillbrains =>PUP.SkillBrains
    O43 – CFD: 22/03/2014 – 09:03:33 – [] —-D C:UsersJulienAppDataLocalSkype
    O43 – CFD: 18/02/2012 – 11:27:35 – [] —-D C:UsersJulienAppDataLocalSoftGrid Client
    O43 – CFD: 02/05/2012 – 12:57:55 – [] —-D C:UsersJulienAppDataLocalSoftware
    O43 – CFD: 10/10/2014 – 15:56:55 – [] —-D C:UsersJulienAppDataLocalTemp
    O43 – CFD: 18/10/2011 – 18:19:32 – [] -SH-D C:UsersJulienAppDataLocalTemporary Internet Files
    O43 – CFD: 17/07/2013 – 14:48:44 – [] —-D C:UsersJulienAppDataLocaltheHunter
    O43 – CFD: 08/11/2011 – 19:18:47 – [] —-D C:UsersJulienAppDataLocalThunderbird =>.Mozilla Corporation
    O43 – CFD: 02/10/2014 – 15:03:50 – [0] —-D C:UsersJulienAppDataLocalUnity
    O43 – CFD: 03/09/2013 – 10:27:29 – [] —-D C:UsersJulienAppDataLocalVirtualStore
    O43 – CFD: 28/03/2014 – 09:20:40 – [] —-D C:UsersJulienAppDataLocalWindows Live
    O43 – CFD: 03/09/2014 – 10:18:55 – [] —-D C:UsersJulienAppDataLocalWindowsContactPictures
    O43 – CFD: 08/10/2014 – 17:57:10 – [0] —-D C:UsersJulienAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    ~ 4 Dossier CLSID vide (CLSID Empty Folder)
    ~ Program Folder: 261 Scanned in 00mn 00s[/spoiler:2omvfpol]

  • Raz
    Participant
    Post count: 26

    ZHP report part 1
    [spoiler:3g6a85ig]~ Rapport de ZHPDiag v2014.10.10.143 – Nicolas Coolman (10/10/2014)
    ~ Lancé par Julien (10/10/2014 15:54:36)
    ~ Adresse du Site Web http://nicolascoolman.fr
    ~ Adresse du Forum http://forum.nicolascoolman.fr
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17280
    MFIE: Mozilla Firefox 23.0.1
    GCIE: Google Chrome v37.0.2062.124 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 3Q6C9
    Windows License : OK
    ~ Windows Remaining Initializations Number : 1
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Bitdefender Total Security v17.16.0.729
    Malwarebytes Anti-Malware version 2.0.2.1012
    Spybot – Search & Destroy v2.1.21
    Windows Defender W7 (Deactivate)

    —\ Logiciels d'optimisation du système
    CCleaner v4.09

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 15 Plugin
    Adobe Reader XI
    Java 7 Update 15 (64-bit)

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4076 MB (31% free)
    System Restore: Activé (Enable)
    System drive C: has 219 GB (46%) free of 468 GB

    —\ Mode de connexion au système
    ~ Computer Name: JULIEN-HP
    ~ User Name: Julien
    ~ All Users Names: Julien, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersJulienAppDataRoamingZHP
    ~ %AppData% : C:UsersJulienAppDataRoaming
    ~ %Desktop% : C:UsersJulienDesktop
    ~ %Favorites% : C:UsersJulienFavorites
    ~ %LocalAppData% : C:UsersJulienAppDataLocal
    ~ %StartMenu% : C:UsersJulienAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 219 Go of 468 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 12 Go)
    E: CD-ROM drive (Not Inserted)
    F: Floppy drive, Flash card reader, USB Key (Not Inserted)
    G: Hard drive, Flash drive, Thumb drive (Free 335 Go of 452 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.39EBB9708453036A74C30C9A294023FF] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.18/08/2014 – 22:15:13.) — C:WindowsSystem32wininet.dll [2310656]
    [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 10:43:50.) — C:WindowsSystem32Winlogon.exe [455168]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 04:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.FA886682CFC5D36718D3E436AACF10B9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 07:45:52.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 04:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 04:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 01s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/4977
    ~ Mes musiques (My Musics) : 3/127
    ~ Mes Videos (My Videos) : 2/281
    ~ Mes Favoris (My Favorites) : 1/26
    ~ Mes Documents (My Documents) : 2/40157
    ~ Mon Bureau (My Desktop) : 2/13
    ~ Menu demarrer (Programs) : 1/2
    ~ Hidden Files: Scanned in 01mn 32s

    —\ Processus lancés
    [MD5.2938773409FE568A11CD2D4BB810C01F] – (…) — C:Program Files (x86)HTCHTC Sync ManagerHTC Syncadb.exe [821600] [PID.2748]
    [MD5.554A50B5310E702029D3A675459108FF] – (.Hewlett-Packard – hpsysdrv.) — C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe [62768] [PID.3692]
    [MD5.72334F906C2E2B002CDD2FF9022FD957] – (.PixArt Imaging Incorporation – Registry Monitor.) — C:WindowsPhilipsSPC500NCMonitor.exe [319488] [PID.3648]
    [MD5.C72FB9CC856ECFF3B6459B27CB674638] – (.PixArt Imaging Incorporation – Registry Monitor.) — C:WindowsPixArtPac7302Monitor.exe [323584] [PID.3648]
    [MD5.DB1919F34AB9CD5F43B0ED463D7E8D28] – (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe [615256] [PID.2628]
    [MD5.54404B13D73BDCDD1A5AD261A9FD6310] – (.AMD – HydraDM.) — C:Program Files (x86)ATI TechnologiesHydraVisionHydraDM.exe [393216] [PID.3644]
    [MD5.2F85D5E63A1ECE08085D32C1B615BBFD] – (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe [1562264] [PID.1744]
    [MD5.5AB8DB8F9CADBFBB3C132E8316FE337E] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [852808] [PID.3708]
    [MD5.96B182BCB95057D4C7B8E25811BF6D2A] – (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe [22041192] [PID.4400]
    [MD5.5516C26A6AF8EB4E2CAB48EC98A74398] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HpHP Software Updatehpwuschd2.exe [54576] [PID.4480]
    [MD5.89388737815250C246BEAB71B7A61499] – (.Pas de propriétaire – MFManager.) — C:Program Files (x86)CanonImageBrowser EXMFManager.exe [69120] [PID.4504]
    [MD5.3B78ACCCAA5132638E7CF419F4A965C7] – (.CANON INC. – Canon Solution Menu EX.) — C:Program Files (x86)CanonSolution Menu EXCNSEMAIN.exe [1185112] [PID.4640]
    [MD5.3CB07566302BCEEB898DE270A0BEC175] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [946352] [PID.4676]
    [MD5.AF49D1C79EA49A7833017F290EE63B82] – (.Safer-Networking Ltd. – Spybot – Search & Destroy tray access.) — C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe [5624784] [PID.4812]
    [MD5.FA527B20A81462B981F8E3D030E9739A] – (.Adobe Systems Inc. – AcroTray.) — C:Program Files (x86)AdobeAcrobat 11.0Acrobatacrotray.exe [3477640] [PID.4980]
    [MD5.1DE859B82E381A645C44284A5044BC33] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [256896] [PID.4996]
    [MD5.39AC0E766D62C82D9A35C36A07222C0C] – (.Bitdefender – Bitdefender Wallet Chrome Extension Native.) — C:Program FilesBitdefenderBitdefenderAntispam32pmbxcrnmh.exe [62664] [PID.5644]
    [MD5.B247B655785E659EFA579E5089D50B45] – (.Mozilla Corporation – Thunderbird.) — C:Program Files (x86)Mozilla Thunderbirdthunderbird.exe [390256] [PID.6036]
    [MD5.A00D5FBFABBF281FD059BB0CDA55B6E8] – (.Microsoft Corporation – Windows Live Photo Gallery.) — C:Program Files (x86)Windows LivePhoto GalleryWLXPhotoGallery.exe [131440] [PID.7056]
    [MD5.BB38299368BFB04E0AAB2B4FEC8F6D1F] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8112128] [PID.6156]
    [MD5.3927397AC60D943DAF8808AFFED582B7] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65192] [PID.1948]
    [MD5.CA793DCC1D5F619021EF1D37CC7A831E] – (.EasyBits Software AS – Shared EasyBits services for Windows.) — C:WindowsSysWOW64ezSharedSvcHost.exe [514232] [PID.2040]
    [MD5.5C8BC8A28798FD010E7ABC4E0D588CAA] – (.Nero AG – NService Application.) — C:Program Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe [87368] [PID.2232]
    [MD5.AD5DF6F4FBBC798636EDC66BFEC7D0DE] – (.Pas de propriétaire – Inkjet Printer/Scanner/Fax Extended Survey.) — C:Program Files (x86)CanonIJPLMIJPLMSVC.exe [116104] [PID.2276]
    [MD5.446462BBA744DA60379574926FD51EAB] – (.Pas de propriétaire – PassThruSvr Application.) — C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [166912] [PID.2364]
    [MD5.9C1D7006D7EC85BE953C56570BB7B30E] – (.PDF Complete Inc – Dispatcher.) — C:Program Files (x86)PDF Completepdfsvc.exe [1127448] [PID.2428]
    [MD5.205E1B699FD3F2F9B036EEA2EC30C620] – (…) — C:WindowsSysWOW64PnkBstrA.exe [76888] [PID.2516]
    [MD5.95AA9E165C7DE1B64A11E8B18E91E499] – (.Safer-Networking Ltd. – Spybot-S&D 2 Scanner Service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe [1817560] [PID.2572]
    [MD5.D31398D4BB4907B517B6E784C2100C4A] – (.Safer-Networking Ltd. – Spybot-S&D 2 Background update service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe [1033688] [PID.2984]
    [MD5.6AE8E702D1027A9627DDE2B77BB9992B] – (.Safer-Networking Ltd. – Windows Security Center integration..) — C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe [171928] [PID.3224]
    [MD5.D75C4B4A8FE6D7FD74A7EECDBAEC729F] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [326168] [PID.3488]
    [MD5.758C2CE427C343F780A205E28555C98D] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [2656280] [PID.4420]
    ~ Processes Running: Scanned in 00mn 04s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersJulienAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 0 Scanned in 00mn 11s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersJulienAppDataRoamingMozillaFirefoxProfilesaiuy1yx0.defaultprefs.js
    C:UsersJulienAppDataRoamingMozillaFirefoxProfilesaiuy1yx0.defaultuser.js
    M3 – MFPP: Plugins – [Julien] — C:UsersJulienAppDataRoamingMozillaFirefoxProfilesaiuy1yx0.defaultsearchpluginsaskcom.xml
    M2 – MFEP: prefs.js [Julien – aiuy1yx0.defaultbattlefieldplay4free@ea.com] [] Battlefield Play4Free v1.0.80.2 (..)
    M2 – MFEP: prefs.js [Julien – aiuy1yx0.default{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.22 (..)
    M2 – MFEP: Extension [Julien – aiuy1yx0.default] {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    P2 – FPN:Firefox Plugin Navigator . (.Microsoft Corporation – np-mswmp.) — C:Program Files (x86)Mozilla FirefoxPluginsnp-mswmp.dll
    P2 – FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. – Adobe PDF Plug-In For Firefox and Netscape 11.0.01.) — C:Program Files (x86)Mozilla FirefoxPluginsnppdf32.dll
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF64_15_0_0_152.dll
    P2 – FPN: [HKLM] [@java.com/DTPlugin,version=10.15.2] – (.Oracle Corporation – NPRuntime Script Plug-in Library for Java(TM) Deploy.) — C:Windowssystem32npDeployJava1.dll
    P2 – FPN: [HKLM] [@java.com/JavaPlugin,version=10.15.2] – (.Oracle Corporation – Next Generation Java Plug-in 10.15.2 for Mozilla browsers.) — C:Program FilesJavajre7binplugin2npjp2.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30514.0.) — C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll
    P2 – FPN: [HKLM] [adobe.com/AdobeAAMDetect] – (.Adobe Systems – A plugin to detect whether the Adobe Application Manager is installed.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll
    ~ Firefox Browser: 13 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) — C:WindowsSysWOW64ieframe.dll
    R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    R4 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    ~ IE Browser: 13 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (15516)
    ~ Hosts File: Scanned in 00mn 07s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: AcroIEHelperStub [64Bits] – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated – Adobe PDF Helper for Internet Explorer.) — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
    O2 – BHO: Bitdefender Wallet [64Bits] – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender – Bitdefender Password Manager Internet Explo.) — C:Program FilesBitdefenderBitdefenderAntispam32pmbxie.dll
    O2 – BHO: Canon Easy-WebPrint EX BHO [64Bits] – {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. – Easy-WebPrint EX.) — C:Program Files (x86)CanonEasy-WebPrint EXewpexbho.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
    O2 – BHO: Windows Live ID Sign-in Helper [64Bits] – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Adobe Acrobat Create PDF Toolbar Helper [64Bits] – {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXAcroIEFavClient.dll
    O2 – BHO: SkypeIEPluginBHO [64Bits] – {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. – Skype Click to Call for Internet Explorer.) — C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
    O2 – BHO: HP Network Check Helper [64Bits] – {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard – HP Network Check IE Plug-in.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll
    O2 – BHO: SmartSelect [64Bits] – {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXAcroIEFavClient.dll
    O2 – BHO: Bitdefender Wallet [64Bits] – {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender – Bitdefender Password Manager Internet Explo.) — C:Program FilesBitdefenderBitdefenderAntispam32pmbxie.dll
    ~ BHO: 15 Scanned in 00mn 00s

    —\ Internet Explorer Toolbars (O3)
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: Snapfish.lnk . (…) — C:Program Files (x86)Hewlett-PackardSharedWizLink.exe
    O4 – GSProgram [Public]: Snapfish.lnk . (…) — C:Program Files (x86)Hewlett-PackardSharedWizLink.exe
    ~ Global Startup: 2 Scanned in 00mn 03s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [hpsysdrv] . (.Hewlett-Packard – hpsysdrv.) — c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe =>.Hewlett-Packard Co
    O4 – HKLM..Run: [CanonMyPrinter] . (.CANON INC. – Canon My Printer.) — C:Program FilesCanonMyPrinterBJMyPrt.exe
    O4 – HKLM..Run: [SPC500NC_Monitor] . (.PixArt Imaging Incorporation – Registry Monitor.) — C:WindowsPhilipsSPC500NCMonitor.exe
    O4 – HKLM..Run: [Bdagent] . (.Bitdefender – Bitdefender Agent.) — C:Program FilesBitdefenderBitdefenderbdagent.exe
    O4 – HKLM..Run: [PAC7302_Monitor] . (.PixArt Imaging Incorporation – Registry Monitor.) — C:WindowsPixArtPAC7302Monitor.exe
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O4 – HKLM..RunOnce: [NCPluginUpdater] . (.Hewlett-Packard – NCPluginUpdater.) — C:Program Files (x86)Hewlett-PackardHP Health CheckActiveCheckproduct_lineNCPluginUpdater.exe
    O4 – HKCU..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKCU..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKCU..Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. – Search results cleaner.) — C:Program Files (x86)Spybot – Search & Destroy 2SDCleaner.exe
    O4 – HKCU..Run: [HydraVisionDesktopManager] . (.AMD – HydraDM.) — C:Program Files (x86)ATI TechnologiesHydraVisionHydraDM.exe
    O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKCU..Run: [GoogleChromeAutoLaunch_0BF31974579D4682A77A3CE6645E98F8] . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKLM..Wow6432NodeRun: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Wow6432NodeRun: [Norton Online Backup] . (.Symantec Corporation – Norton Online Backup Service.) — C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exe =>.Symantec Corporation
    O4 – HKLM..Wow6432NodeRun: [Easybits Recovery] . (.EasyBits Software AS – Pas de description.) — C:Program Files (x86)EasyBits For KidsezRecover.exe =>.EasyBits Software AS
    O4 – HKLM..Wow6432NodeRun: [PDF Complete] . (.PDF Complete Inc – Sentry for PDF.) — C:Program Files (x86)PDF Completepdfsty.exe =>.PDF Complete Inc
    O4 – HKLM..Wow6432NodeRun: [CanonSolutionMenuEx] . (.CANON INC. – Canon Solution Menu EX.) — C:Program Files (x86)CanonSolution Menu EXCNSEMAIN.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [SDTray] . (.Safer-Networking Ltd. – Spybot – Search & Destroy tray access.) — C:Program Files (x86)Spybot – Search & Destroy 2SDTray.exe
    O4 – HKLM..Wow6432NodeRun: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticamd64CLIStart.exe =>.Advanced Micro Devices, Inc
    O4 – HKLM..Wow6432NodeRun: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. – AcroTray.) — C:Program Files (x86)AdobeAcrobat 11.0AcrobatAcrotray.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUS.DEFAULT..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUS.DEFAULT..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUS.DEFAULT..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
    O4 – HKUSS-1-5-18..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [Bitdefender Agent de l'application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. – Search results cleaner.) — C:Program Files (x86)Spybot – Search & Destroy 2SDCleaner.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [HydraVisionDesktopManager] . (.AMD – HydraDM.) — C:Program Files (x86)ATI TechnologiesHydraVisionHydraDM.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [GoogleChromeAutoLaunch_0BF31974579D4682A77A3CE6645E98F8] . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – HKUSS-1-5-21-2748682294-2045192110-2013885159-1000..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: @C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPluginx64.dll,-102 [64Bits] – {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (…) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckResourcesIconsHP.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    ~ Winsock: 8 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{3216E009-8AB3-417D-8B33-AA837F67E4E8}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCS1ServicesTcpip..{3216E009-8AB3-417D-8B33-AA837F67E4E8}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCS2ServicesTcpip..{3216E009-8AB3-417D-8B33-AA837F67E4E8}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.254
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    O23 – Service: (AMD External Events Utility) . (.AMD – AMD External Events Service Module.) – C:WindowsSystem32atiesrxx.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company – HP Support Assistant Service.) – C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe =>.Hewlett-Packard Co
    O23 – Service: HP Client Services (HPClientSvc) . (.Hewlett-Packard Company – HP Client Services.) – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    O23 – Service: HTCMonitorService (HTCMonitorService) . (.Nero AG – NService Application.) – C:Program Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe
    O23 – Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire – Inkjet Printer/Scanner/Fax Extended Survey.) – C:Program Files (x86)CanonIJPLMIJPLMSVC.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: Norton Online Backup (NOBU) . (.Symantec Corporation – Norton Online Backup Service.) – C:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exe =>.Symantec Corporation
    O23 – Service: Internet Pass-Through Service (PassThru Service) . (.Pas de propriétaire – PassThruSvr Application.) – C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe
    O23 – Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc – Dispatcher.) – C:Program Files (x86)PDF Completepdfsvc.exe
    O23 – Service: PnkBstrA (PnkBstrA) . (…) – C:WindowsSysWOW64PnkBstrA.exe
    O23 – Service: SafeBox (SafeBox) . (.Bitdefender – Safebox Service.) – C:Program FilesBitdefenderBitdefender SafeBoxsafeboxservice.exe
    O23 – Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. – Spybot-S&D 2 Scanner Service.) – C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
    O23 – Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. – Spybot-S&D 2 Background update service.) – C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
    O23 – Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. – Windows Security Center integration..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
    O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    O23 – Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender – Bitdefender Update Service.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
    O23 – Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender – Bitdefender Security Service.) – C:Program FilesBitdefenderBitdefendervsserv.exe
    ~ Services: 19 Scanned in 00mn 05s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    O34 – HKLM BootExecute: (sdnclean64.exe) – File not found
    ~ BEX: 2 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.4ECFCAAE5CB380F58934F0DCF5F64E7F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
    [MD5.E7CDBC01674477840A64965E784374DE] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) — C:Program FilesCCleanerCCleaner.exe [4370712]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForJulien] (.Hewlett-Packard.) — C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe [91704]
    [MD5.AF51D4FE088A3EFA5303B36FFFD0581B] [APT] [HPCeeScheduleForJULIEN-HP$] (.Hewlett-Packard.) — C:Program Files (x86)Hewlett-PackardHP CeementHPCEE.exe [91704]
    [MD5.A9D408678D172602A25C46FD1E76AAF1] [APT] [RMCreator] (.CyberLink.) — C:Program Files (x86)Hewlett-PackardRecoveryReminder.exe [517416]
    [MD5.24A63F38DF514E6774A850A0710760A4] [APT] [ServicePlan] (…) — C:Program Files (x86)Hewlett-PackardHP SetupRemEngine.exe [38456]
    [MD5.00000000000000000000000000000000] [APT] [wp_update] (…) — C:UsersJulienAppDataRoaming~gkqxybl.exe (.not file.) [0] =>PUP.WpManager
    [MD5.C91D1617AA711E7B058FD0960D41E436] [APT] [{0531C70B-4B4A-4DD1-AEED-C45514363B5A}] (.Nexon.) — C:UsersJulienDesktopCombatarms_eu.exe [645022474]
    [MD5.00000000000000000000000000000000] [APT] [{71DDFE9F-8B67-4EAB-B0C3-9D9E6E9D2BCB}] (…) — C:UsersJulienDownloadsSunbird Setup 1.0 Beta 1.exe (.not file.) [0]
    [MD5.BD7734C613C356C2CBEB0174BEAB8EC0] [APT] [HPSA Upgrade] (.Hewlett-Packard.) — C:ProgramDataHewlett-PackardHPSAUpgrade3HpSAUpgrade.exe [1248312]
    [MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [525728]
    [MD5.0AE2C218A9AB6C16D79160CCE55B35FC] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [525728]
    [MD5.16F1F09240540D9409DA192839C9D786] [APT] [Update Check] (.Hewlett-Packard Company.) — C:ProgramDataHewlett-PackardHP Support FrameworkResourcesUpdater7HPSFUpdater.exe [630584]
    [MD5.87E7F7F2E6885FBE191735786166022E] [APT] [WarrantyChecker_DeviceScan] (.Hewlett-Packard.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1613528]
    [MD5.01F441F655D8CC4214BDF411D39D04AF] [APT] [Check for updates] (.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdate.exe [3881928]
    [MD5.A58EAD767EAE964ED463FEDF25E750A2] [APT] [Refresh immunization] (.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDImmunize.exe [3609552]
    [MD5.03250DB0886A23B1F6C077C5D9F152B0] [APT] [Scan the system] (.Safer-Networking Ltd..) — C:Program Files (x86)Spybot – Search & Destroy 2SDScan.exe [3859928]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1064]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1064]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1068]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1068]
    O39 – APT: HPCeeScheduleForJULIEN-HP$ – (.Hewlett-Packard.) — C:WindowsTasksHPCeeScheduleForJULIEN-HP$.job [346]
    O39 – APT: HPCeeScheduleForJULIEN-HP$ – (.Hewlett-Packard.) — C:WindowsSystem32TasksHPCeeScheduleForJULIEN-HP$ [346]
    O39 – APT: HPCeeScheduleForJulien – (.Hewlett-Packard.) — C:WindowsTasksHPCeeScheduleForJulien.job [336]
    O39 – APT: HPCeeScheduleForJulien – (.Hewlett-Packard.) — C:WindowsSystem32TasksHPCeeScheduleForJulien [336]
    ~ Scheduled Task: 25 Scanned in 00mn 15s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Internet Explorer [64Bits] – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
    ~ Active Setup: 10 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: (BdfNdisf) . (.BitDefender LLC – BitDefender Firewall NDIS6 Filter Driver.) – c:program filescommon filesbitdefenderbitdefender firewallbdfndisf6.sys
    O41 – Driver: (bdfwfpf) . (.BitDefender LLC – BitDefender Firewall WFP Filter Driver.) – C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfwfpf.sys
    O41 – Driver: (BDVEDISK) . (.BitDefender – FileVault Disk Driver.) – C:WindowsSystem32DRIVERSbdvedisk.sys
    O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:Windowssystem32driversblbdrive.sys
    O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
    O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
    O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
    O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
    O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
    O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:Windowssystem32driverstermdd.sys
    O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
    O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
    O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
    ~ Drivers: 66 Scanned in 00mn 00s[/spoiler:3g6a85ig]

  • Raz
    Participant
    Post count: 26

    Malwarebytes report
    [spoiler:371yhhl6]Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Date de l'examen: 10/10/2014
    Heure de l'examen: 13:26:28
    Fichier journal: Malwerbyte journal10102014.txt
    Administrateur: Oui

    Version: 2.00.2.1012
    Base de données Malveillants: v2014.10.10.04
    Base de données Rootkits: v2014.10.08.01
    Licence: Gratuite
    Protection contre les malveillants: Désactivé(e)
    Protection contre les sites Web malveillants: Désactivé(e)
    Self-protection: Désactivé(e)

    Système d'exploitation: Windows 7 Service Pack 1
    Processeur: x64
    Système de fichiers: NTFS
    Utilisateur: Julien

    Type d'examen: Examen “Menaces”
    Résultat: Terminé
    Objets analysés: 318233
    Temps écoulé: 10 min, 46 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Heuristics: Activé(e)
    PUP: Avertir
    PUM: Activé(e)

    Processus: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Clés du Registre: 0
    (No malicious items detected)

    Valeurs du Registre: 0
    (No malicious items detected)

    Données du Registre: 0
    (No malicious items detected)

    Dossiers: 1
    PUP.Optional.SweetPacks.A, C:Program Files (x86)sweetpacks bundle uninstaller_LibreOffice_1531764, Mis en quarantaine, [40cc2fe4611b8fa705e30e0240c3f30d],

    Fichiers: 1
    PUP.Optional.SweetPacks.A, C:Program Files (x86)sweetpacks bundle uninstaller_LibreOffice_1531764uninstaller.exe, Mis en quarantaine, [40cc2fe4611b8fa705e30e0240c3f30d],

    Secteurs physiques: 0
    (No malicious items detected)

    (end)[/spoiler:371yhhl6]

    I'm having trouble posting the ZHP report; it seems too large.

    RAZ

  • Raz
    Participant
    Post count: 26

    Hello,

    I'm asking for your help because for the past few days my PC, my wife's PC and her smartphone have all shown the same symptoms: a pop-up opens asking for Google account credentials. It is obviously a phishing attempt, but we can't get rid of it or understand how we got infected.

    Anyway, I'll start by detailing the symptoms on my PC and, once that is resolved, I'll open a second post for the second infected PC.

    About 5 pop-ups used to appear at startup. Among the tasks launched at startup I found one called wp-update, which I blocked.
    Now these pop-ups launch when I open Thunderbird.

    I have used several malware-scanning tools: Spybot, Malwarebytes Anti-Malware and AdwCleaner. After reading your post, I also installed and ran ZHP.
    The symptom persists even though Spybot and Malwarebytes carried out disinfections, but I believe ZHP has identified malfunctions and the presence of a virus.
    Here are the reports:

    Spybot:
    [spoiler:1liojew6]Search results from Spybot – Search & Destroy

    10/10/2014 3:50:31 PM
    Scan took 00:26:09.
    26 items found.

    Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
    C:UsersJulienAppDataRoamingMacromediaFlash Player#SharedObjectsFCAR9BXAskype.com#uipreferences.sol
    Properties.size=253
    Properties.md5=8317CB37228A68101BCABE3C942D5518
    Properties.filedate=1412944253
    Properties.filedatetext=2014-10-10 14:30:52

    Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftInternet ExplorerTypedURLs

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet SettingsUser Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERSS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet SettingsUser Agent

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS.DEFAULTSoftwareMicrosoftDirect3DMostRecentApplicationName

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftDirect3DMostRecentApplicationName

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERSS-1-5-18SoftwareMicrosoftDirect3DMostRecentApplicationName

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftDirectDrawMostRecentApplicationName

    MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindowsCurrentVersionAppletsPaintRecent File List

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSetupInstallation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSetupInstallation Sources

    Windows.OpenWith: [SBI $F7204896] Open with list – .AVI extension (Registry Key, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindowsCurrentVersionExplorerFileExts.AVIOpenWithList

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindowsCurrentVersionExplorerRecentDocs

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERS.DEFAULTSoftwareMicrosoftWindows MediaWMSDKGeneralComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindows MediaWMSDKGeneralComputerName

    Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
    HKEY_USERSS-1-5-18SoftwareMicrosoftWindows MediaWMSDKGeneralComputerName

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERS.DEFAULTSoftwareMicrosoftWindows MediaWMSDKGeneralUniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindows MediaWMSDKGeneralUniqueID

    Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
    HKEY_USERSS-1-5-18SoftwareMicrosoftWindows MediaWMSDKGeneralUniqueID

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERS.DEFAULTSoftwareMicrosoftWindows MediaWMSDKGeneralVolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERSS-1-5-21-2748682294-2045192110-2013885159-1000SoftwareMicrosoftWindows MediaWMSDKGeneralVolumeSerialNumber

    Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
    HKEY_USERSS-1-5-18SoftwareMicrosoftWindows MediaWMSDKGeneralVolumeSerialNumber

    Cookie: [SBI $49804B54] Browser: Cookie (53) (Browser: Cookie, nothing done)

    Cache: [SBI $49804B54] Browser: Cache (707) (Browser: Cache, nothing done)

    Historique: [SBI $49804B54] Browser: History (170) (Browser: History, nothing done)

    Cookie: [SBI $49804B54] Browser: Cookie (10) (Browser: Cookie, nothing done)

    — Spybot – Search & Destroy version: 2.1.18.131 DLL (build: 20130516) —

    [/spoiler:1liojew6]

    AdwCleaner report
    [spoiler:1liojew6]# AdwCleaner v3.311 – Rapport créé le 10/10/2014 à 16:12:42
    # Mis à jour le 30/09/2014 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : Julien – JULIEN-HP
    # Exécuté depuis : C:\Users\Julien\Desktop\adwcleaner_3.311.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Tâches planifiées ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17280

    -\ Mozilla Firefox v23.0.1 (fr)

    -\ Google Chrome v37.0.2062.124

    *************************

    AdwCleaner[R0].txt – [8910 octets] – [02/10/2014 16:28:02]
    AdwCleaner[R1].txt – [911 octets] – [02/10/2014 16:38:09]
    AdwCleaner[R2].txt – [1029 octets] – [07/10/2014 23:21:49]
    AdwCleaner[R3].txt – [1150 octets] – [10/10/2014 16:11:22]
    AdwCleaner[S0].txt – [8591 octets] – [02/10/2014 16:30:06]
    AdwCleaner[S1].txt – [971 octets] – [02/10/2014 16:38:59]
    AdwCleaner[S2].txt – [1091 octets] – [07/10/2014 23:26:34]
    AdwCleaner[S3].txt – [1072 octets] – [10/10/2014 16:12:42]

    ########## EOF – C:\AdwCleaner\AdwCleaner[S3].txt – [1132 octets] ##########[/spoiler:1liojew6]

    The other reports follow.

The topic ‘Pop up intempestives phishing’ is closed to new replies.