Rapport de scan 2014-11-29T05:59:19+00:00
15 sujets de 1 à 15 (sur un total de 18)
  • Auteur
    Messages
  • freeanimal
    Participant
    Nombre d'articles : 11

    Bonjour
    ci joint mon rapport de scan :
    ############################## | UsbFix V 7.805 | [Recherche]

    Utilisateur: Oliver (Administrateur) # OLIVER-PC
    Mis à jour le 27/11/2014 par El Desaparecido – SosVirus
    Lancé à 12:47:18 | 29/11/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
    Upload Malware : https://www.sosvirus.net/upload_malware.php
    Détection en Live : http://comment-supprimer.fr/
    Contact : http://www.usbfix.net/contact/

    ################## | System information |

    MB: ASUSTeK COMPUTER INC. (P8H77-M LE)
    CPU: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
    GC: NVIDIA GeForce GT 610
    RAM -> [Total : 8074 Mo | Free : 6217 Mo]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft™ Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
    WB: Internet Explorer : 11.00.9600.16428
    WB: Google Chrome : 39.0.2171.71

    ################## | Security Information |

    AV: avast! Antivirus [(!) Désactivé |A jour]
    AS: Windows Defender [Actif |A jour]
    AS: avast! Antivirus [(!) Désactivé |A jour]
    AS: Malwarebytes Anti-Malware : 2.0.3.1025
    FW: Windows Firewall [Actif]
    SC: Security Center [Actif]
    WU: Windows Update [Actif]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Disque fixe # 150 Go (50 Go libre(s) – 33%) [] # NTFS
    D: -> Disque fixe # 781 Go (464 Go libre(s) – 59%) [] # NTFS
    F: -> Disque fixe # 100 Mo (32 Mo libre(s) – 32%) [System Reserved] # NTFS
    G: -> Disque amovible # 7 Go (7 Go libre(s) – 100%) [Transcend] # FAT32
    H: -> Disque amovible # 7 Go (7 Go libre(s) – 100%) [Transcend] # FAT32

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [SkyDrive] “C:UsersOliverAppDataLocalMicrosoftSkyDriveSkyDrive.exe” /background
    04 – HKCU..Run : [EPLTargetP0000000000000000] C:Windowssystem32spoolDRIVERSx643E_YATII2E.EXE /EPT “EPLTargetP0000000000000000” /M “L210 Series”
    04 – HKCU..Run : [CCleaner Monitoring] “C:Program FilesCCleanerCCleaner64.exe” /MONITOR
    04 – HKCU..Run : [GoogleChromeAutoLaunch_30BB2D3B5F6B7A5646DD40BF478A2406] “C:Program Files (x86)GoogleChromeApplicationchrome.exe” –no-startup-window
    04 – HKLM..Run : [USB3MON] “C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [QuickTime Task] “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    04 – HKLM..Run : [EEventManager] “C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe”
    04 – HKLM..Run : [AvastUI.exe] “C:Program FilesAVAST SoftwareAvastAvastUI.exe” /nogui
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [NvBackend] “C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1000..Run : [SkyDrive] “C:UsersOliverAppDataLocalMicrosoftSkyDriveSkyDrive.exe” /background
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1000..Run : [EPLTargetP0000000000000000] C:Windowssystem32spoolDRIVERSx643E_YATII2E.EXE /EPT “EPLTargetP0000000000000000” /M “L210 Series”
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1000..Run : [CCleaner Monitoring] “C:Program FilesCCleanerCCleaner64.exe” /MONITOR
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1000..Run : [GoogleChromeAutoLaunch_30BB2D3B5F6B7A5646DD40BF478A2406] “C:Program Files (x86)GoogleChromeApplicationchrome.exe” –no-startup-window
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1001..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-21-3443909541-3692748824-3244828282-1001..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    ################## | Registre |

    ################## | UsbFix – Information |

    Info : Comment supprimer l’infection des raccourcis sur USB ? (Video)
    Info : L’infection des raccourcis USB, c’est quoi ?
    Détection en Live : http://comment-supprimer.fr/

    ################## | Hijack |

    J’ai été infecté avec une clé USB et j’ai lancé USB Fix mais lors du nettoyage il me met un message :
    Autoit Error
    Line 40435 (File “C:UsbfixUsbfix.exe
    Error: Subscript used ou non accessible variable
    Que dois-je faire ?
    Merci de vos réponse.
    Freeanimal

    buckhulk
    Participant
    Nombre d'articles : 2398

    Je m’appelle buckhulk… ^^

    C’est moi qui vais prendre en charge le soucis …. :P:

    [glow=red:2r1zkpdm]Je te conseille de désactiver ton antivirus pour chaque téléchargement de logiciel de désinfection[/glow:2r1zkpdm]

    Á savoir que je ne prend pas en charge les ordinateur encore sous XP

    Nous allons commencer par passer ZHPCleaner afin de simplifier le téléchargement des outils qui suivront .

    ZHPCleaner ICI

    Ensuite pour bien continuer il va falloir que tu fasses un ZHPDiag : ZHPDiag ICI

    Donc 3 rapports s’il te plait, Merci { ZHPCleaner (2) ZHPDiag (1) }

    Ne suis pas deux désinfections en même temps et si tu as un problème avec un outil parles-en .

    Ensuite donne moi des “nouvelles de ton ordinateur assez fréquement (comme un médecin pour adapter les “médicaments”) et héberges bien les rapports .

    Les outils doivent être téléchargés sur le bureau (c’est à dire dans un raccourcis de ton dossier téléchargement, puis tranférés sur ton bureau )

    Ouvert avec un clic droit (exécuter en tant que..).

    Même si ton ordinateur à l’air de mieux fonctionner , une désinfection doit être faite complètement

    Désinstalle tes µtorrent car bien qu’il ne soient pas infectieux , c’est leur utilisation (mauvaise) qui t’amènent des virus …Après si tu veux les remettre….. :electriksock:

    Regarde ICI

    Et aussi , à lire , instructif :

    [glow=red:2r1zkpdm]Concernant les P2P[/glow:2r1zkpdm]

    On va tout recommencer si tu veux bien ! ;)

    freeanimal
    Participant
    Nombre d'articles : 11

    Bonjour Buckhulk
    Merci pour ton aide ! Voilà j’ai fait comme tu me l’a demandé :
    1 télécharger ZHP Cleaner, puis scan + rapport et réparer+rapport.
    2 télécharger ZHP Diag, puis recherche complète+rapport

    Je te joint les 3 rapports en deux messages car je ne peux mettre que 60000 caractères . J’espère avoir bien fait les choses car je suis novice en informatique.

    Spoiler for 55t6z5i1

    ZHPCleaner v2014.11.29.240 by Nicolas Coolman (29/11/2014)
    ~ Run by Oliver (Administrator) (30/11/2014 12:47:01)
    ~ Forum : http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1” onclick=”window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Scanner
    ~ Report : C:UsersOliverDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersOliverAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 7, 64-bit Service Pack 1 (Build 7601)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (2)
    TROUVÉ IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm” onclick=”window.open(this.href);return false; )
    TROUVÉ Chrome URL: “hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl”,”www.google.com”]

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (2)
    TROUVÉ: C:UsersOliverAppDataRoaminginst.exe [ – ] (Adware.Pirrit)
    TROUVÉ: C:UsersOliverAppDataRoaminginst.exe [ – ] (Adware.GenericTask)

    —\ Base de Registres ( Clés, Valeurs, Données ). (7)
    TROUVÉ: HKCRCLSID{687F8E94-45D6-4685-A63D-1C7A140EF847} [DeltaSync Class] (Toolbar.DeltaSearch)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
    TROUVÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)

    —\ Bilan de la réparation
    ~ Aucune réparation effectuée.
    ~ Ce navigateur est absent (Mozilla Firefox)
    ~ Ce navigateur est absent (Opera Software)
    ~ Réparation annulée par l'utilisateur (Internet Explorer)

    End of clean at 12:49:40[/spoiler:55t6z5i1]

    Spoiler for 55t6z5i1

    ~ ZHPCleaner v2014.11.29.240 by Nicolas Coolman (29/11/2014)
    ~ Run by Oliver (Administrator) (30/11/2014 12:50:18)
    ~ Forum : http://forum.nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1” onclick=”window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Réparer
    ~ Report : C:UsersOliverDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersOliverAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 7, 64-bit Service Pack 1 (Build 7601)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (2)
    REMPLACÉ IE Params: Tabs ( res://ieframe.dll/tabswelcome.htm” onclick=”window.open(this.href);return false; )
    REMPLACÉ Chrome URL: “hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl”,”www.google.com”]

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (1)
    DEPLACÉ: C:UsersOliverAppDataRoaminginst.exe [ – ] (Adware.Pirrit)

    —\ Base de Registres ( Clés, Valeurs, Données ). (7)
    SUPPRIMÉ: HKCRCLSID{687F8E94-45D6-4685-A63D-1C7A140EF847} [DeltaSync Class] (Toolbar.DeltaSearch)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
    SUPPRIMÉ: [X64] HKLMSOFTWAREMicrosoftInternet ExplorerExtension Compatibility{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)

    —\ Bilan de la réparation
    ~ Réparation réalisée avec succès.
    ~ Ce navigateur est absent (Mozilla Firefox)
    ~ Ce navigateur est absent (Opera Software)
    ~ Réparation annulée par l'utilisateur (Internet Explorer)

    End of clean at 12:52:55[/spoiler:55t6z5i1]

    freeanimal
    Participant
    Nombre d'articles : 11

    Deuxième message et troisième rapport de ZHP Diag

    Spoiler for 26voqwms

    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17420
    GCIE: Google Chrome v39.0.2171.71 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Windows(R) 7, OEM_COA_NSLP channel
    Windows ID Activation : OK
    ~ Windows Partial Key : J9JQ4
    Windows License : OK
    ~ Windows Remaining Initializations Number : 3
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Avast Free Antivirus v10.0.2208
    Malwarebytes Anti-Malware version 2.0.3.1025
    ESET Online Scanner v3
    Windows Defender W7 (Activate)

    —\ Logiciels d'optimisation du système
    CCleaner v5.00

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 15 Plugin
    Adobe Reader XI

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8074.1 MB (73% free)
    System Restore: Activé (Enable)
    System drive C: has 49 GB (32%) free of 150 GB

    —\ Mode de connexion au système
    ~ Computer Name: OLIVER-PC
    ~ User Name: Oliver
    ~ All Users Names: UpdatusUser, Oliver, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersOliverAppDataRoamingZHP
    ~ %AppData% : C:UsersOliverAppDataRoaming
    ~ %Desktop% : C:UsersOliverDesktop
    ~ %Favorites% : C:UsersOliverFavorites
    ~ %LocalAppData% : C:UsersOliverAppDataLocal
    ~ %StartMenu% : C:UsersOliverAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 49 Go of 150 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 464 Go of 781 Go)
    E: CD-ROM drive (Not Inserted)
    F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvanced] Start_ShowNetConn: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 13:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 08:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/11/2014 – 09:17:24.) — C:WindowsSystem32wininet.dll [2365440]
    [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.17/07/2014 – 09:07:24.) — C:WindowsSystem32Winlogon.exe [455168]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 10:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.FA886682CFC5D36718D3E436AACF10B9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.30/05/2014 – 13:45:52.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 08:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 06:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 10:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 10:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 10:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 06:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 07:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 09:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 10:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 09:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 07:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 10:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.1B6163C503398B23FF8B939C67747683] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.21/11/2010 – 10:25:07.) — C:Windowssystem32Driversrdpdr.sys [165888]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 07:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 10:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.DF8126BD41180351A093A3AD2FC8903B] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.25/02/2011 – 13:25:38.) — C:Windowssystem32Driversvolsnap.sys [296320]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    Mes images (My Pictures) : 2/2 (Modified)
    ~ Mes Favoris (My Favorites) : 1/18
    ~ Mes Documents (My Documents) : 2/339
    ~ Mon Bureau (My Desktop) : 1/10
    ~ Menu demarrer (Programs) : 1/30
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.4F46EA70C7579052F764D0F9B81D23C2] – (.NVIDIA Corporation – NVIDIA Update Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [1797064] [PID.2096]
    [MD5.0EC83E2DA29365048CBEB9A9A963BDFA] – (.Microsoft Corporation – Microsoft OneDrive.) — C:UsersOliverAppDataLocalMicrosoftSkyDriveSkyDrive.exe [277672] [PID.2140]
    [MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe [7229752] [PID.2828]
    [MD5.7515EC02E1F288107C95D5C195381235] – (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe [292088] [PID.3772]
    [MD5.46D3D19A4745B67DCA6692AFAB0E136D] – (.SEIKO EPSON CORPORATION – EEventManager Application.) — C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe [1058912] [PID.3808]
    [MD5.FFB8CB731D62EC434A552680E0F8EC1A] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe [5226600] [PID.3856]
    [MD5.14D6542607ACD4B2D1DDB1A36E0D8813] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [271744] [PID.3864]
    [MD5.3CFB25DB09EB90FD2BD4C89D75611E6D] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [856904] [PID.2076]
    [MD5.17D0F31B84A09B648A662AD5C06B5600] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8132608] [PID.5044]
    [MD5.CDA9313E34887A111B8309B55BCDCD82] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [411936] [PID.944]
    [MD5.E3F7EC811923F3F1A77B185F22638E5E] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1376]
    [MD5.177FF6608B48638D4066726F3A3F8444] – (…) — C:Program Files (x86)AdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe [102400] [PID.1340]
    [MD5.C5679E5186B2FC95BC76A8A9870D5456] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [64704] [PID.1736]
    [MD5.E536856E96A7605EBF580D62A868E5FE] – (…) — C:WindowsSysWOW64ASGT.exe [55296] [PID.2040]
    [MD5.3F56903E124E820AEECE6D471583C6C1] – (.Apple Inc. – Bonjour Service.) — C:Program Files (x86)BonjourmDNSResponder.exe [238888] [PID.2384]
    [MD5.C44B44E24B929631D9D7368F5B2B40CF] – (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe [161560] [PID.2516]
    [MD5.6D8A2EE4244630B290A837E79C0F37A1] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe [1871160] [PID.2552]
    [MD5.09D4503CBB6ADB3A54E7C7A75090B728] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe [968504] [PID.2820]
    [MD5.75F29D77B0540FCF47EE3BE000BBABDA] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [277784] [PID.4684]
    [MD5.193AD338F2A64D17300AD640ADFA5D0A] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [363800] [PID.5052]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersOliverAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 0 Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF64_15_0_0_239.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30514.0.) — C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll
    ~ Firefox Browser: 2 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerAboutURLs,Tabs = http://google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) — C:WindowsSysWOW64ieframe.dll
    R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    R4 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    ~ IE Browser: 18 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: E-Web Print [64Bits] – {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION – ewps_tb.) — C:Program Files (x86)Epson SoftwareE-Web Printewps_tb.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
    O2 – BHO: avast! Online Security [64Bits] – {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software – IE Webrep plugin.) — C:Program FilesAVAST SoftwareAvastaswWebRepIE.dll
    O2 – BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft [64Bits] – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Google Toolbar Helper [64Bits] – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
    ~ BHO: 9 Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtkNGUI64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:Windowssystem32igfxpers.exe
    O4 – HKLM..Run: [NvBackend] . (.NVIDIA Corporation – NVIDIA Update Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
    O4 – HKCU..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft OneDrive.) — C:UsersOliverAppDataLocalMicrosoftSkyDriveSkyDrive.exe
    O4 – HKCU..Run: [EPLTargetP0000000000000000] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSx643E_YATII2E.exe =>.Epson Seiko Corporation
    O4 – HKCU..Run: [CCleaner Monitoring] . (.Piriform Ltd – CCleaner.) — C:Program FilesCCleanerCCleaner64.exe =>.Piriform Ltd
    O4 – HKLM..Wow6432NodeRun: [USB3MON] . (.Intel Corporation – Intel(R) USB 3.0 Monitor.) — C:Program Files (x86)IntelIntel(R) USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
    O4 – HKLM..Wow6432NodeRun: [EEventManager] . (.SEIKO EPSON CORPORATION – EEventManager Application.) — C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe
    O4 – HKLM..Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-3443909541-3692748824-3244828282-1000..Run: [SkyDrive] . (.Microsoft Corporation – Microsoft OneDrive.) — C:UsersOliverAppDataLocalMicrosoftSkyDriveSkyDrive.exe
    O4 – HKUSS-1-5-21-3443909541-3692748824-3244828282-1000..Run: [EPLTargetP0000000000000000] . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) — C:Windowssystem32spoolDRIVERSx643E_YATII2E.exe =>.Epson Seiko Corporation
    O4 – HKUSS-1-5-21-3443909541-3692748824-3244828282-1000..Run: [CCleaner Monitoring] . (.Piriform Ltd – CCleaner.) — C:Program FilesCCleanerCCleaner64.exe =>.Piriform Ltd
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000009Winsock LSP File . (.Apple Inc. – Bonjour Namespace Provider.) — C:Program Files (x86)BonjourmdnsNSP.dll
    ~ Winsock: 9 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{51F65F25-C863-47BD-B818-0F72B5F63AD1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{51F65F25-C863-47BD-B818-0F72B5F63AD1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{51F65F25-C863-47BD-B818-0F72B5F63AD1}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 335.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) . (…) – C:Program Files (x86)AdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    O23 – Service: ASGT (ASGT) . (…) – C:WindowsSysWOW64ASGT.exe
    O23 – Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software – avast! Service.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    O23 – Service: Service Bonjour (Bonjour Service) . (.Apple Inc. – Bonjour Service.) – C:Program Files (x86)BonjourmDNSResponder.exe
    O23 – Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation – Epson Scanner Service (64bit).) – C:Windowssystem32EscSvc64.exe
    O23 – Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) . (.SEIKO EPSON CORPORATION – EPSON Status Monitor 3.) – C:Program FilesCommon FilesEPSONEPW!3 SSRPE_WT50RP.exe =>.Epson Seiko Corporation
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
    O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: (MBAMScheduler) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    O23 – Service: (MBAMService) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 335.2.) – C:Windowssystem32nvvsvc.exe
    O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation – NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    O23 – Service: Skype Updater (SkypeUpdate) . (.Skype Technologies – Skype Updater Service.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    O23 – Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    ~ Services: 18 Scanned in 00mn 07s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.F79623288F2A357AB20288B5DC4F452A] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
    [MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) — C:Program FilesAVAST SoftwareAvastAvastEmUpdate.exe [857888]
    [MD5.2E4EE47FBD9BB663A5220DBC38579986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) — C:Program FilesCCleanerCCleaner.exe [5282584]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.00000000000000000000000000000000] [APT] [{09FF2DE5-71DC-41F8-8029-849B9175DA86}] (…) — C:UsersOliverDownloadsmp3gain-win-full-1_2_5.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{34DE3D19-39D7-4FAD-8CC1-6F8E146529C8}] (…) — C:UsersOliverDownloadsMSReaderPPCFRASetup.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{510A8553-E6D2-4ADD-8B6A-E1B8966C8764}] (…) — C:UsersOliverDownloadsFR_fr_DP5_DL_20100602.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{6EE15E8D-CA58-4914-A1C2-B892F090AE37}] (…) — E:LaCie.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{8005AE53-865F-4A38-B74A-609EA26C8E4A}] (…) — C:UsersOliverDownloadsesetsmartinstaller_enu.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{98DF8ECB-29E9-47BC-8DD0-342CD4CA76E6}] (…) — C:UsersOliverDownloadsRider_2_PC_jeu_gratuit.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{AE868D7F-E445-4C53-9286-FA0EF8687FEC}] (…) — D:Personnal DATAMon site DATAsetup hofmann france.exe (.not file.) [0]
    [MD5.AA1FFCCE383A227144FD62A019CD27CE] [APT] [{F435C670-98E1-494C-B804-0B7598BBE25D}] (.ESET.) — D:Applications – Logiciels – Anti virusAnti virusesetsmartinstaller_enu.exe [2322184]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1066]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1066]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1070]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1070]
    ~ Scheduled Task: 19 Scanned in 00mn 01s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Internet Explorer [64Bits] – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
    ~ Active Setup: 10 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: (aswRdr) . (.AVAST Software – avast! WFP Redirect Driver.) – C:Windowssystem32driversaswRdr2.sys
    O41 – Driver: (aswSnx) . (.AVAST Software – avast! Virtualization Driver.) – C:Windowssystem32driversaswSnx.sys
    O41 – Driver: (aswSP) . (.AVAST Software – avast! self protection module.) – C:Windowssystem32driversaswSP.sys
    O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:WindowsSystem32DRIVERSblbdrive.sys
    O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:WindowsSystem32DRIVERScdrom.sys
    O41 – Driver: C:WindowsSystem32cscsvc.dll (CSC) . (.Microsoft Corporation – Windows Client Side Caching Driver.) – C:WindowsSystem32driverscsc.sys
    O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
    O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:WindowsSystem32DRIVERSmssmbios.sys
    O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
    O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
    O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
    O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:WindowsSystem32DRIVERStermdd.sys
    O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
    O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
    O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
    ~ Drivers: 69 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: ASUS GPU Tweak – (.ASUSTek COMPUTER INC..) [HKLM][64Bits] — InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}
    O42 – Logiciel: Adobe Flash Player 15 ActiveX – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player ActiveX
    O42 – Logiciel: Adobe Flash Player 15 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
    O42 – Logiciel: Adobe Help Center 2.1 – (.Adobe Systems.) [HKLM][64Bits] — {25569723-DC5A-4467-A639-79535BF01B71}
    O42 – Logiciel: Adobe Photoshop Elements 5.0 – (.Adobe Systems, Inc..) [HKLM][64Bits] — Adobe Photoshop Elements 5 =>.Adobe Systems Incorporated
    O42 – Logiciel: Adobe Reader XI (11.0.09) – Français – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-1036-7B44-AB0000000001}
    O42 – Logiciel: AnglaisFacile.com – Planet English – (…) [HKLM][64Bits] — afplanet
    O42 – Logiciel: Avast Free Antivirus – (.AVAST Software.) [HKLM][64Bits] — Avast
    O42 – Logiciel: AxCrypt 1.7.3156.0 – (.Axantum Software AB.) [HKLM][64Bits] — {8B49CDB9-824C-44D6-A5D3-D0235D3030B8}
    O42 – Logiciel: Bonjour – (.Apple Inc..) [HKLM][64Bits] — {07287123-B8AC-41CE-8346-3D777245C35B}
    O42 – Logiciel: CCleaner – (.Piriform.) [HKLM][64Bits] — CCleaner
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: Dictionnaire Freelang (liste de mots) – (.Freelang.) [HKLM][64Bits] — {14B380D6-8205-4F9D-81D8-515235929F2A}_is1
    O42 – Logiciel: Dictionnaire Freelang 3.74 beta – (.Freelang.) [HKLM][64Bits] — {F53C4192-71DE-4B21-BE03-D6F8CBB5A238}_is1
    O42 – Logiciel: EPSON L210 Series Printer Uninstall – (.SEIKO EPSON Corporation.) [HKLM][64Bits] — EPSON L210 Series
    O42 – Logiciel: EPSON Scan – (.Seiko Epson Corporation.) [HKLM][64Bits] — EPSON Scanner
    O42 – Logiciel: ESET Online Scanner v3 – (…) [HKLM][64Bits] — ESET Online Scanner
    O42 – Logiciel: Epson Connect Printer Setup – (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] — {D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}
    O42 – Logiciel: Epson E-Web Print – (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] — {896667C8-53F8-47B8-B6B0-B113B10F05BC}
    O42 – Logiciel: Epson Easy Photo Print 2 – (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] — {DEDB47A3-C988-4A43-A645-E2CEA571E680}
    O42 – Logiciel: Epson Event Manager – (.Seiko Epson Corporation.) [HKLM][64Bits] — {8F01524C-0676-4CC1-B4AE-64753C723391}
    O42 – Logiciel: Epson User's Guide L210 Series – (…) [HKLM][64Bits] — L210 Series Useg
    O42 – Logiciel: FARO LS 1.1.406.58 – (.FARO Scanner Production.) [HKLM][64Bits] — {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
    O42 – Logiciel: FormatFactory 3.3.5.0 – (.Format Factory.) [HKLM][64Bits] — FormatFactory
    O42 – Logiciel: Galerie de photos – (.Microsoft Corporation.) [HKLM][64Bits] — {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
    O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM][64Bits] — Google Chrome
    O42 – Logiciel: Google Drive – (.Google, Inc..) [HKLM][64Bits] — {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM][64Bits] — {18455581-E099-4BA8-BC6B-F34B2F06600C}
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM][64Bits] — {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: Google Earth – (.Google.) [HKLM][64Bits] — {28E82311-8616-11E1-BEB0-B8AC6F97B88E}
    O42 – Logiciel: HPDiagnosticAlert – (.Microsoft.) [HKLM][64Bits] — {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
    O42 – Logiciel: IncrediMail – (.IncrediMail.) [HKLM][64Bits] — {2CF22C94-1369-4C04-9A5F-A4BC6D91B508}
    O42 – Logiciel: IncrediMail 2.0 – (.IncrediMail Ltd..) [HKLM][64Bits] — IncrediMail
    O42 – Logiciel: Inkscape 0.46 – (…) [HKLM][64Bits] — Inkscape
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel(R) OpenCL CPU Runtime – (.Intel Corporation.) [HKLM][64Bits] — {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
    O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
    O42 – Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver – (.Intel Corporation.) [HKLM][64Bits] — {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
    O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {09536BA1-E498-4CC3-B834-D884A67D7E34}
    O42 – Logiciel: Java 7 Update 71 – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F03217071FF}
    O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM][64Bits] — {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSVCRT110 – (.Microsoft.) [HKLM][64Bits] — {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
    O42 – Logiciel: MSVCRT110_amd64 – (.Microsoft.) [HKLM][64Bits] — {E9FA781F-3E80-4399-825A-AD3E11C28C77}
    O42 – Logiciel: MSVCRT_amd64 – (.Microsoft.) [HKLM][64Bits] — {D0B44725-3666-492D-BEF6-587A14BD9BD9}
    O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
    O42 – Logiciel: Microsoft OneDrive – (.Microsoft Corporation.) [HKCU][64Bits] — OneDriveSetup.exe
    O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM][64Bits] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 – Logiciel: Mises à jour NVIDIA 10.4.0 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
    O42 – Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
    O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
    O42 – Logiciel: NVIDIA Pilote 3D Vision 335.23 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
    O42 – Logiciel: NVIDIA Pilote audio HD : 1.3.30.1 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
    O42 – Logiciel: NVIDIA Pilote du contrôleur 3D Vision 314.22 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
    O42 – Logiciel: NVIDIA Pilote graphique 335.23 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
    O42 – Logiciel: NVIDIA Stereoscopic 3D Driver – (.NVIDIA Corporation.) [HKLM][64Bits] — NVIDIAStereo
    O42 – Logiciel: PDFCreator – (.pdfforge.) [HKLM][64Bits] — {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
    O42 – Logiciel: PeaZip 5.1.1 – (.Giorgio Tani.) [HKLM][64Bits] — {5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1
    O42 – Logiciel: Photo Notifier and Animation Creator – (.IncrediMail Ltd..) [HKLM][64Bits] — Photo Notifier and Animation Creator
    O42 – Logiciel: Photo Notifier and Animation Creator – (.Nom de votre société.) [HKLM][64Bits] — {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}
    O42 – Logiciel: QuickTime – (.Apple Inc..) [HKLM][64Bits] — {8DC42D05-680B-41B0-8878-6C14D24602DB}
    O42 – Logiciel: Realtek Ethernet Controller Driver – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Skype Web Plugin – (.Skype Technologies S.A..) [HKLM][64Bits] — {B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}
    O42 – Logiciel: Skype™ 6.21 – (.Skype Technologies S.A..) [HKLM][64Bits] — {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
    O42 – Logiciel: Software Updater – (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] — {B307472F-7BD9-4040-9255-CE6D6A1196A3}
    O42 – Logiciel: VLC media player – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
    O42 – Logiciel: Windows 7 Logon Background Changer – (.Julien MANICI.) [HKLM][64Bits] — {2E6044C5-3495-485F-91BC-46D1B6430E51}
    O42 – Logiciel: XAMPP – (.BitNami.) [HKLM][64Bits] — xampp
    O42 – Logiciel: jv16 PowerTools 1.3 – (…) [HKLM][64Bits] — jv16 PowerTools_is1
    ~ Logic: 51 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareASUS]
    [HKCUSoftwareAVAST Software]
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAppDataLowCOMODO]
    [HKCUSoftwareAppDataLowSoftwareJavaSoft]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareAvery Dennison]
    [HKCUSoftwareAxantum]
    [HKCUSoftwareCallingID]
    [HKCUSoftwareChromium]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareDigital River]
    [HKCUSoftwareEPSON Software Updater]
    [HKCUSoftwareEPSON]
    [HKCUSoftwareESET]
    [HKCUSoftwareEarth Resource Mapping]
    [HKCUSoftwareEnterbrain]
    [HKCUSoftwareFreeTime]
    [HKCUSoftwareGFA]
    [HKCUSoftwareGNU]
    [HKCUSoftwareGabest]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHaali]
    [HKCUSoftwareIM Providers]
    [HKCUSoftwareIncrediMail]
    [HKCUSoftwareIntel]
    [HKCUSoftwareJavaSoft]
    [HKCUSoftwareLicenses]
    [HKCUSoftwareLocal AppWizard-Generated Applications]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMalwarebytes' Anti-Malware]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareNVIDIA Corporation]
    [HKCUSoftwareNetscape]
    [HKCUSoftwareNico Mak Computing]
    [HKCUSoftwareODBC]
    [HKCUSoftwarePDFCreator]
    [HKCUSoftwarePiriform]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRunning Pillow]
    [HKCUSoftwareSEIKO EPSON CORPORATION]
    [HKCUSoftwareSEIKO EPSON]
    [HKCUSoftwareSkype]
    [HKCUSoftwareTeleCharger_v2]
    [HKCUSoftwareTranscend Elite]
    [HKCUSoftwareTranscend]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareUsbFix]
    [HKCUSoftwareVB and VBA Program Settings]
    [HKCUSoftwareVSO]
    [HKCUSoftwareVisan]
    [HKCUSoftwareWebApp]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKLMSoftwareAGEIA Technologies]
    [HKLMSoftwareATI Technologies]
    [HKLMSoftwareAxantum]
    [HKLMSoftwareCBSTEST]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareDTS]
    [HKLMSoftwareDolby]
    [HKLMSoftwareEPSON]
    [HKLMSoftwareGoogle]
    [HKLMSoftwareIM Providers]
    [HKLMSoftwareIntel]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareKnowles]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMacrovision]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareNVIDIA Corporation]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePiriform]
    [HKLMSoftwarePolicies]
    [HKLMSoftwareRTLSetup]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSRS Labs]
    [HKLMSoftwareSkype]
    [HKLMSoftwareSonicFocus]
    [HKLMSoftwareSonic]
    [HKLMSoftwareSynaptics]
    [HKLMSoftwareUSB2800]
    [HKLMSoftwareWaves Audio]
    [HKLMSoftwareWow6432NodeAGEIA Technologies]
    [HKLMSoftwareWow6432NodeASUS]
    [HKLMSoftwareWow6432NodeAVAST Software]
    [HKLMSoftwareWow6432NodeAdobe]
    [HKLMSoftwareWow6432NodeAdwCleaner]
    [HKLMSoftwareWow6432NodeApple Computer, Inc.]
    [HKLMSoftwareWow6432NodeApple Inc.]
    [HKLMSoftwareWow6432NodeAviSynth]
    [HKLMSoftwareWow6432NodeAvira]
    [HKLMSoftwareWow6432NodeChromium]
    [HKLMSoftwareWow6432NodeClasses]
    [HKLMSoftwareWow6432NodeClients]
    [HKLMSoftwareWow6432NodeComodo]
    [HKLMSoftwareWow6432NodeEPSON]
    [HKLMSoftwareWow6432NodeEset]
    [HKLMSoftwareWow6432NodeGNU]
    [HKLMSoftwareWow6432NodeGoogle]
    [HKLMSoftwareWow6432NodeHaaliMkx]
    [HKLMSoftwareWow6432NodeHewlett-Packard]
    [HKLMSoftwareWow6432NodeIM Providers]
    [HKLMSoftwareWow6432NodeInstallShield]
    [HKLMSoftwareWow6432NodeIntel]
    [HKLMSoftwareWow6432NodeJavaSoft]
    [HKLMSoftwareWow6432NodeJreMetrics]
    [HKLMSoftwareWow6432NodeKaydara]
    [HKLMSoftwareWow6432NodeKhronos]
    [HKLMSoftwareWow6432NodeLicenses]
    [HKLMSoftwareWow6432NodeMacromedia]
    [HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware (Trial)]
    [HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware]
    [HKLMSoftwareWow6432NodeMozillaPlugins]
    [HKLMSoftwareWow6432NodeMozilla]
    [HKLMSoftwareWow6432NodeNVIDIA Corporation]
    [HKLMSoftwareWow6432NodeODBC]
    [HKLMSoftwareWow6432NodePDF Architect]
    [HKLMSoftwareWow6432NodePDFCreator]
    [HKLMSoftwareWow6432NodePeaZip]
    [HKLMSoftwareWow6432NodePeaZip_additional]
    [HKLMSoftwareWow6432NodePolicies]
    [HKLMSoftwareWow6432NodeProtexis]
    [HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
    [HKLMSoftwareWow6432NodeRealtek]
    [HKLMSoftwareWow6432NodeRegisteredApplications]
    [HKLMSoftwareWow6432NodeSOSVirus]
    [HKLMSoftwareWow6432NodeSkypeWebPlugin]
    [HKLMSoftwareWow6432NodeSkype]
    [HKLMSoftwareWow6432NodeSoftVTU]
    [HKLMSoftwareWow6432NodeSonic]
    [HKLMSoftwareWow6432NodeUSB2800]
    [HKLMSoftwareWow6432NodeVideoLAN]
    [HKLMSoftwareWow6432NodeVolatile]
    [HKLMSoftwareWow6432Nodemozilla.org]
    [HKLMSoftwareWow6432Node]
    ~ Key Software: 269 Scanned in 00mn 00s[/spoiler:26voqwms]

    freeanimal
    Participant
    Nombre d'articles : 11

    Suite du rapport ZHP Diag

    Spoiler for 2xd5u2yx

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 12/12/2012 – 16:13:54 – [] —-D C:Program Files (x86)Adobe
    O43 – CFD: 25/01/2014 – 14:30:22 – [] —-D C:Program Files (x86)AnglaisFacile.com
    O43 – CFD: 12/12/2012 – 09:52:03 – [] —-D C:Program Files (x86)ASUS
    O43 – CFD: 04/04/2014 – 17:03:08 – [] —-D C:Program Files (x86)Bonjour
    O43 – CFD: 26/10/2014 – 13:40:52 – [] —-D C:Program Files (x86)Common Files
    O43 – CFD: 19/04/2014 – 15:13:50 – [] —-D C:Program Files (x86)epson
    O43 – CFD: 26/08/2014 – 10:17:52 – [] —-D C:Program Files (x86)Epson Software
    O43 – CFD: 12/12/2012 – 13:21:30 – [] —-D C:Program Files (x86)ESET
    O43 – CFD: 12/12/2012 – 13:21:02 – [] —-D C:Program Files (x86)FreeTime
    O43 – CFD: 21/11/2013 – 08:46:16 – [] —-D C:Program Files (x86)Google
    O43 – CFD: 30/07/2013 – 13:18:46 – [] —-D C:Program Files (x86)IncrediMail
    O43 – CFD: 01/06/2014 – 15:37:36 – [] —-D C:Program Files (x86)Inkscape
    O43 – CFD: 21/01/2014 – 17:23:53 – [] –H-D C:Program Files (x86)InstallShield Installation Information
    O43 – CFD: 14/11/2013 – 17:51:07 – [] —-D C:Program Files (x86)Intel
    O43 – CFD: 12/11/2014 – 12:21:31 – [] —-D C:Program Files (x86)Internet Explorer
    O43 – CFD: 23/07/2014 – 07:37:34 – [] —-D C:Program Files (x86)Java
    O43 – CFD: 10/01/2013 – 15:14:08 – [] —-D C:Program Files (x86)Julien MANICI
    O43 – CFD: 10/09/2013 – 14:19:45 – [] —-D C:Program Files (x86)jv16 PowerTools
    O43 – CFD: 25/10/2014 – 13:21:36 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
    O43 – CFD: 02/07/2014 – 13:28:13 – [0] —-D C:Program Files (x86)Microsoft
    O43 – CFD: 16/12/2012 – 15:07:29 – [] —-D C:Program Files (x86)Microsoft Office
    O43 – CFD: 25/07/2014 – 07:00:14 – [] —-D C:Program Files (x86)Microsoft Silverlight
    O43 – CFD: 20/12/2012 – 20:34:04 – [] —-D C:Program Files (x86)Microsoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 20/12/2012 – 20:37:26 – [] —-D C:Program Files (x86)Microsoft SQL Server Compact Edition
    O43 – CFD: 12/12/2012 – 20:24:40 – [] —-D C:Program Files (x86)Microsoft Works
    O43 – CFD: 18/12/2012 – 08:05:20 – [] —-D C:Program Files (x86)Microsoft.NET
    O43 – CFD: 02/07/2014 – 10:21:32 – [] —-D C:Program Files (x86)MP3Gain
    O43 – CFD: 14/07/2009 – 12:32:38 – [] —-D C:Program Files (x86)MSBuild
    O43 – CFD: 13/06/2014 – 13:08:27 – [] —-D C:Program Files (x86)Notepad++
    O43 – CFD: 02/07/2014 – 08:53:07 – [] —-D C:Program Files (x86)NVIDIA Corporation
    O43 – CFD: 28/02/2014 – 10:27:36 – [] —-D C:Program Files (x86)PDFCreator
    O43 – CFD: 31/08/2014 – 11:03:39 – [] —-D C:Program Files (x86)PeaZip
    O43 – CFD: 12/12/2012 – 13:30:36 – [] —-D C:Program Files (x86)Photo Notifier and Animation Creator
    O43 – CFD: 28/02/2013 – 18:14:13 – [] —-D C:Program Files (x86)QuickTime
    O43 – CFD: 12/12/2012 – 09:35:03 – [] —-D C:Program Files (x86)Realtek
    O43 – CFD: 14/07/2009 – 12:32:38 – [] —-D C:Program Files (x86)Reference Assemblies
    O43 – CFD: 07/11/2014 – 11:51:05 – [] R—D C:Program Files (x86)Skype
    O43 – CFD: 19/04/2014 – 14:23:25 – [] —-D C:Program Files (x86)SkypeWebPlugin
    O43 – CFD: 12/12/2012 – 09:31:17 – [0] —-D C:Program Files (x86)Temp
    O43 – CFD: 14/07/2009 – 11:57:06 – [0] –H-D C:Program Files (x86)Uninstall Information
    O43 – CFD: 12/12/2012 – 13:23:41 – [] —-D C:Program Files (x86)VideoLAN
    O43 – CFD: 22/02/2014 – 05:30:01 – [] —-D C:Program Files (x86)VSO
    O43 – CFD: 11/07/2013 – 12:23:37 – [] —-D C:Program Files (x86)Windows Defender
    O43 – CFD: 20/11/2013 – 09:29:06 – [] —-D C:Program Files (x86)Windows Live
    O43 – CFD: 12/04/2011 – 16:16:36 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
    O43 – CFD: 16/10/2014 – 10:10:21 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
    O43 – CFD: 14/07/2009 – 12:32:38 – [] —-D C:Program Files (x86)Windows NT
    O43 – CFD: 12/04/2011 – 16:16:36 – [] —-D C:Program Files (x86)Windows Photo Viewer
    O43 – CFD: 21/11/2010 – 10:31:38 – [] —-D C:Program Files (x86)Windows Portable Devices
    O43 – CFD: 12/04/2011 – 16:16:36 – [] —-D C:Program Files (x86)Windows Sidebar
    O43 – CFD: 30/11/2014 – 12:54:37 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
    O43 – CFD: 12/12/2012 – 16:13:26 – [] —-D C:Program Files (x86)Common FilesAdobe
    O43 – CFD: 28/02/2013 – 18:14:10 – [] —-D C:Program Files (x86)Common FilesApple
    O43 – CFD: 15/05/2014 – 03:01:06 – [] —-D C:Program Files (x86)Common FilesDESIGNER
    O43 – CFD: 25/01/2014 – 14:41:38 – [] —-D C:Program Files (x86)Common FilesInstallShield
    O43 – CFD: 12/12/2012 – 09:34:17 – [] —-D C:Program Files (x86)Common FilesIntel
    O43 – CFD: 26/10/2014 – 13:40:52 – [] —-D C:Program Files (x86)Common FilesJava
    O43 – CFD: 20/12/2012 – 20:35:49 – [] —-D C:Program Files (x86)Common Filesmicrosoft shared
    O43 – CFD: 12/12/2012 – 09:36:16 – [] —-D C:Program Files (x86)Common FilespostureAgent
    O43 – CFD: 14/07/2009 – 10:20:08 – [] —-D C:Program Files (x86)Common FilesServices
    O43 – CFD: 20/09/2014 – 15:05:29 – [] —-D C:Program Files (x86)Common FilesSkype
    O43 – CFD: 14/07/2009 – 10:20:08 – [] —-D C:Program Files (x86)Common FilesSpeechEngines
    O43 – CFD: 12/12/2012 – 20:52:52 – [] —-D C:Program Files (x86)Common FilesSystem
    O43 – CFD: 20/12/2012 – 18:15:49 – [] —-D C:Program Files (x86)Common FilesWindows Live
    O43 – CFD: 14/04/2013 – 12:40:28 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 04/04/2014 – 17:03:08 – [] —-D C:ProgramDataApple
    O43 – CFD: 28/02/2013 – 18:14:10 – [] —-D C:ProgramDataApple Computer
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 30/12/2012 – 09:43:10 – [] —-D C:ProgramDataArcade Lab
    O43 – CFD: 02/07/2014 – 09:13:08 – [] —-D C:ProgramDataAVAST Software
    O43 – CFD: 02/01/2013 – 13:43:24 – [] —-D C:ProgramDataAWEM
    O43 – CFD: 11/12/2012 – 16:25:43 – [] -SH-D C:ProgramDataBureau
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 26/08/2014 – 10:16:37 – [] —-D C:ProgramDataEPSON
    O43 – CFD: 13/12/2013 – 11:37:03 – [] —-D C:ProgramDataFaceOffMax
    O43 – CFD: 11/12/2012 – 16:25:43 – [] -SH-D C:ProgramDataFavoris
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataFavorites
    O43 – CFD: 15/09/2013 – 21:38:04 – [] —-D C:ProgramDataFLEXnet
    O43 – CFD: 21/11/2013 – 07:31:01 – [] —-D C:ProgramDataGoogle
    O43 – CFD: 12/12/2012 – 13:30:42 – [] —-D C:ProgramDataIM
    O43 – CFD: 12/12/2012 – 13:30:13 – [] —-D C:ProgramDataIncrediMail
    O43 – CFD: 12/12/2012 – 09:36:42 – [] —-D C:ProgramDataIntel
    O43 – CFD: 06/06/2014 – 04:34:18 – [] —-D C:ProgramDataIsolatedStorage
    O43 – CFD: 18/05/2014 – 07:53:17 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 11/12/2012 – 16:25:43 – [] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 02/07/2014 – 13:28:13 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 12/11/2014 – 12:06:06 – [] —-D C:ProgramDataMicrosoft Help
    O43 – CFD: 20/02/2014 – 12:48:41 – [] —-D C:ProgramDataMicrosoft OneDrive
    O43 – CFD: 20/12/2012 – 20:33:58 – [] —-D C:ProgramDataMicrosoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 11/12/2012 – 16:25:43 – [] -SH-D C:ProgramDataModèles
    O43 – CFD: 30/11/2014 – 12:28:11 – [] —-D C:ProgramDataNVIDIA
    O43 – CFD: 02/07/2014 – 08:53:07 – [] —-D C:ProgramDataNVIDIA Corporation
    O43 – CFD: 26/10/2014 – 13:40:56 – [0] —-D C:ProgramDataOracle
    O43 – CFD: 01/07/2014 – 14:57:41 – [0] —-D C:ProgramDataPackage Cache
    O43 – CFD: 12/12/2012 – 13:30:36 – [] —-D C:ProgramDataPhoto Notifier and Animation Creator
    O43 – CFD: 30/12/2012 – 10:23:43 – [] —-D C:ProgramDataPlayPond
    O43 – CFD: 07/11/2014 – 11:51:07 – [] —-D C:ProgramDataSkype
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 24/02/2013 – 08:40:46 – [] —-D C:ProgramDataSun
    O43 – CFD: 27/01/2013 – 22:32:54 – [0] —AD C:ProgramDataTEMP
    O43 – CFD: 14/07/2009 – 12:08:56 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 12/12/2012 – 16:23:31 – [] —-D C:ProgramDataUDL
    O43 – CFD: 04/03/2013 – 17:56:33 – [] —-D C:ProgramDataUlead Systems
    O43 – CFD: 24/08/2013 – 14:18:27 – [] —-D C:ProgramDataVisan
    O43 – CFD: 21/02/2014 – 17:24:02 – [] —-D C:ProgramDataVSO
    O43 – CFD: 24/02/2014 – 07:45:45 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 11/12/2012 – 22:16:38 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 25/01/2014 – 14:30:22 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAnglaisFacile.com
    O43 – CFD: 12/12/2012 – 09:52:03 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsASUS
    O43 – CFD: 27/08/2014 – 07:37:49 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAxantum AxCrypt
    O43 – CFD: 04/04/2014 – 17:03:08 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsBonjour
    O43 – CFD: 12/07/2014 – 09:00:18 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner
    O43 – CFD: 12/02/2014 – 10:35:52 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsDictionnaire Freelang
    O43 – CFD: 26/08/2014 – 10:17:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsEPSON
    O43 – CFD: 26/08/2014 – 10:15:09 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsEpson Software
    O43 – CFD: 25/06/2014 – 08:28:33 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsffdshow
    O43 – CFD: 30/07/2013 – 13:18:47 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 21/11/2013 – 07:34:01 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome
    O43 – CFD: 07/11/2014 – 07:03:18 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Drive
    O43 – CFD: 31/01/2013 – 13:44:58 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth =>.Google Inc
    O43 – CFD: 30/07/2013 – 13:18:48 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsIncrediMail
    O43 – CFD: 26/10/2014 – 13:40:35 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    O43 – CFD: 10/09/2013 – 14:19:45 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsjv16 PowerTools
    O43 – CFD: 14/07/2009 – 11:57:09 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 25/10/2014 – 13:21:36 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
    O43 – CFD: 14/09/2013 – 01:35:22 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office
    O43 – CFD: 24/07/2014 – 12:01:12 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight
    O43 – CFD: 02/07/2014 – 10:21:32 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMP3Gain
    O43 – CFD: 12/12/2012 – 09:54:56 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
    O43 – CFD: 27/02/2014 – 14:48:12 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsPDFCreator
    O43 – CFD: 03/11/2013 – 07:17:40 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsPeaZip
    O43 – CFD: 28/02/2013 – 18:14:11 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime
    O43 – CFD: 20/09/2014 – 15:05:29 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
    O43 – CFD: 15/01/2014 – 15:12:19 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 12/04/2011 – 16:27:56 – [0] R-H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsTablet PC
    O43 – CFD: 02/12/2013 – 20:13:38 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
    O43 – CFD: 07/08/2014 – 14:07:34 – [0] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsVSO
    O43 – CFD: 21/11/2013 – 12:19:27 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Live
    O43 – CFD: 07/12/2013 – 15:40:12 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsXAMPP
    O43 – CFD: 30/11/2014 – 12:54:37 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP =>.Nicolas Coolman
    O43 – CFD: 06/06/2014 – 15:05:43 – [] —-D C:UsersOliverAppDataRoamingAdobe
    O43 – CFD: 02/07/2014 – 09:23:59 – [] —-D C:UsersOliverAppDataRoamingAVAST Software
    O43 – CFD: 02/07/2014 – 09:25:02 – [] —-D C:UsersOliverAppDataRoamingDropbox
    O43 – CFD: 14/11/2014 – 09:29:12 – [] —-D C:UsersOliverAppDataRoamingdvdcss
    O43 – CFD: 22/01/2014 – 10:12:40 – [] —-D C:UsersOliverAppDataRoamingEPSON
    O43 – CFD: 13/12/2013 – 11:34:25 – [] —-D C:UsersOliverAppDataRoamingFaceOffMax
    O43 – CFD: 03/07/2014 – 12:39:45 – [] —-D C:UsersOliverAppDataRoaminggtk-2.0
    O43 – CFD: 11/09/2013 – 13:40:33 – [] —-D C:UsersOliverAppDataRoamingHpUpdate
    O43 – CFD: 11/12/2012 – 16:26:00 – [] —-D C:UsersOliverAppDataRoamingIdentities
    O43 – CFD: 05/07/2014 – 14:01:32 – [] —-D C:UsersOliverAppDataRoamingInkscape
    O43 – CFD: 12/12/2012 – 09:36:01 – [] —-D C:UsersOliverAppDataRoamingInstallShield
    O43 – CFD: 06/06/2014 – 04:34:18 – [] —-D C:UsersOliverAppDataRoamingIsolatedStorage
    O43 – CFD: 31/10/2013 – 09:38:21 – [0] —-D C:UsersOliverAppDataRoamingJsoft
    O43 – CFD: 31/10/2013 – 09:38:21 – [] —-D C:UsersOliverAppDataRoamingjsoft.fr
    O43 – CFD: 25/06/2014 – 12:22:31 – [] —-D C:UsersOliverAppDataRoamingMacromedia
    O43 – CFD: 18/05/2014 – 07:53:19 – [0] —-D C:UsersOliverAppDataRoamingMalwarebytes
    O43 – CFD: 12/04/2011 – 16:27:56 – [0] —-D C:UsersOliverAppDataRoamingMedia Center Programs
    O43 – CFD: 18/09/2014 – 10:25:19 – [] -S–D C:UsersOliverAppDataRoamingMicrosoft
    O43 – CFD: 13/06/2014 – 13:08:27 – [] —-D C:UsersOliverAppDataRoamingNotepad++
    O43 – CFD: 12/12/2012 – 13:25:41 – [] —-D C:UsersOliverAppDataRoamingNVIDIA
    O43 – CFD: 10/07/2014 – 11:55:52 – [0] —-D C:UsersOliverAppDataRoamingOpera
    O43 – CFD: 31/08/2014 – 11:03:52 – [] —-D C:UsersOliverAppDataRoamingPeaZip
    O43 – CFD: 07/11/2014 – 11:53:20 – [] —-D C:UsersOliverAppDataRoamingSkype
    O43 – CFD: 07/07/2014 – 11:57:24 – [] —-D C:UsersOliverAppDataRoamingTranscend Elite
    O43 – CFD: 24/08/2013 – 14:18:27 – [] —-D C:UsersOliverAppDataRoamingVisan
    O43 – CFD: 28/11/2014 – 13:38:18 – [] —-D C:UsersOliverAppDataRoamingvlc
    O43 – CFD: 22/02/2014 – 05:29:26 – [0] —-D C:UsersOliverAppDataRoamingVso
    O43 – CFD: 12/10/2013 – 10:57:51 – [] —-D C:UsersOliverAppDataRoamingWinZip
    O43 – CFD: 30/11/2014 – 12:55:52 – [] —-D C:UsersOliverAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 27/10/2014 – 13:30:37 – [] —-D C:UsersOliverAppDataLocalAdobe
    O43 – CFD: 11/12/2012 – 16:25:50 – [] -SH-D C:UsersOliverAppDataLocalApplication Data
    O43 – CFD: 02/07/2014 – 07:56:38 – [] —-D C:UsersOliverAppDataLocalApps
    O43 – CFD: 24/11/2014 – 12:38:35 – [] —-D C:UsersOliverAppDataLocalDiagnostics
    O43 – CFD: 12/02/2014 – 10:35:52 – [] —-D C:UsersOliverAppDataLocalDictionnaire Freelang
    O43 – CFD: 15/02/2013 – 09:49:59 – [] —-D C:UsersOliverAppDataLocalDoNotTrackPlus
    O43 – CFD: 24/03/2014 – 06:36:55 – [0] —-D C:UsersOliverAppDataLocalElevatedDiagnostics
    O43 – CFD: 13/11/2014 – 07:29:40 – [] -SH-D C:UsersOliverAppDataLocalEmieBrowserModeList
    O43 – CFD: 20/04/2014 – 07:27:42 – [] -SH-D C:UsersOliverAppDataLocalEmieSiteList
    O43 – CFD: 20/04/2014 – 07:27:42 – [] -SH-D C:UsersOliverAppDataLocalEmieUserList
    O43 – CFD: 06/06/2014 – 04:34:22 – [] —-D C:UsersOliverAppDataLocalFileViewPro
    O43 – CFD: 21/11/2013 – 08:46:17 – [] —-D C:UsersOliverAppDataLocalGoogle
    O43 – CFD: 11/12/2012 – 16:25:50 – [] -SH-D C:UsersOliverAppDataLocalHistorique
    O43 – CFD: 10/01/2013 – 15:14:58 – [] —-D C:UsersOliverAppDataLocalhttp___www.julien-manici
    O43 – CFD: 28/01/2013 – 22:18:29 – [0] —-D C:UsersOliverAppDataLocalIM
    O43 – CFD: 12/12/2012 – 13:45:22 – [] —-D C:UsersOliverAppDataLocalMacromedia
    O43 – CFD: 18/09/2014 – 10:25:34 – [] —-D C:UsersOliverAppDataLocalMicrosoft
    O43 – CFD: 21/12/2013 – 15:25:01 – [] —-D C:UsersOliverAppDataLocalMicrosoft Games
    O43 – CFD: 05/07/2014 – 12:38:02 – [] —-D C:UsersOliverAppDataLocalMicrosoft Help
    O43 – CFD: 02/07/2014 – 09:26:20 – [] —-D C:UsersOliverAppDataLocalNVIDIA
    O43 – CFD: 12/12/2012 – 13:24:00 – [] —-D C:UsersOliverAppDataLocalPrograms
    O43 – CFD: 14/03/2014 – 11:34:59 – [] —-D C:UsersOliverAppDataLocalSkype
    O43 – CFD: 30/11/2014 – 12:54:38 – [] —-D C:UsersOliverAppDataLocalTemp
    O43 – CFD: 11/12/2012 – 16:25:50 – [] -SH-D C:UsersOliverAppDataLocalTemporary Internet Files
    O43 – CFD: 25/07/2014 – 10:29:17 – [] —-D C:UsersOliverAppDataLocalVirtualStore
    O43 – CFD: 20/11/2013 – 09:26:35 – [] —-D C:UsersOliverAppDataLocalWindows Live
    O43 – CFD: 14/07/2009 – 11:54:32 – [] R—D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 14/08/2014 – 07:07:45 – [] R—D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 25/01/2014 – 14:30:22 – [0] —-D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsAnglaisFacile.com
    O43 – CFD: 19/06/2014 – 14:28:43 – [] —-D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsFormatFactory
    O43 – CFD: 30/12/2012 – 18:12:45 – [] —-D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 14/07/2009 – 11:49:38 – [] R—D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 02/07/2014 – 10:21:32 – [0] —-D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsMP3Gain
    O43 – CFD: 14/08/2014 – 07:07:45 – [] R—D C:UsersOliverAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    ~ Program Folder: 204 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.8A8CB073A4B9F9D97CFA8CA9C1C851CE] – 19/11/2014 – 08:48:38 —A- . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll [728064]
    O44 – LFC:[MD5.1306E6A1BF4D506CD687DF9F947270F2] – 19/11/2014 – 08:48:38 —A- . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll [241152]
    O44 – LFC:[MD5.B59EF013D567E5746F1DEE2565F747ED] – 22/11/2014 – 08:17:05 —A- . (.AVAST Software – avast! Screen Saver stub.) — C:WindowsavastSS.scr [43152]
    O44 – LFC:[MD5.9BE9F2B83DE80E2752B1405CC427E2EC] – 22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208]
    O44 – LFC:[MD5.1323269A92645705DEFA053F3596829D] – 22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776]
    O44 – LFC:[MD5.1A5BDDE65B648DC3AD48B6ECAA3AE9C8] – 22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [267632]
    O44 – LFC:[MD5.7509F07BA6F84C1E3B2C0D78A1F6F782] – 22/11/2014 – 08:17:06 —A- . (.AVAST Software – Stream Filter.) — C:WindowsSystem32Driversaswstm.sys [116728]
    O44 – LFC:[MD5.2DA1C1AEDF454F8E32A863A1AEACDD8C] – 22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! File System Minifilter for Windows 2.) — C:WindowsSystem32DriversaswMonFlt.sys [83280]
    O44 – LFC:[MD5.4750016EF9CC1DEC6DA3FE5AF9A7F095] – 22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! WFP Redirect Driver.) — C:WindowsSystem32DriversaswRdr2.sys [93568]
    O44 – LFC:[MD5.B1881A01E301990B671694CA1623F1B6] – 22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32Driversaswsp.sys [436624]
    O44 – LFC:[MD5.6663B30328C239D2AB10D2583054CF2E] – 22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! start-up scanner.) — C:WindowsSystem32aswBoot.exe [364512]
    O44 – LFC:[MD5.E74FD717476B30E23F45354B8F3ACB30] – 22/11/2014 – 08:17:16 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32Driversaswsnx.sys [1050432]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 28/11/2014 – 11:00:42 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Drivers246D0899.sys [129752]
    O44 – LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] – 30/11/2014 – 12:28:11 —A- . (…) — C:Windowssetupact.log [56]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 30/11/2014 – 12:28:11 —A- . (…) — C:Windowssetuperr.log [0]
    O44 – LFC:[MD5.B49BB14C6BFCBEAF87390130E0141529] – 30/11/2014 – 12:28:11 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 30/11/2014 – 12:28:50 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O44 – LFC:[MD5.8D709EF9C96F1CF046AFE2956C29C6FF] – 30/11/2014 – 12:32:07 —A- . (…) — C:WindowsWindowsUpdate.log [32204]
    O44 – LFC:[MD5.B5C6732324426706BE02C0A7DB1938BD] – 30/11/2014 – 12:33:08 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1669656]
    O44 – LFC:[MD5.29BAA127146FC065F17D4B84D4A0166C] – 30/11/2014 – 12:33:08 —A- . (…) — C:WindowsSystem32perfc009.dat [122142]
    O44 – LFC:[MD5.936D0814935961693F0C0A3552799989] – 30/11/2014 – 12:33:08 —A- . (…) — C:WindowsSystem32perfc00C.dat [150184]
    O44 – LFC:[MD5.891EF4F9975A6410387B079535B19AE2] – 30/11/2014 – 12:33:08 —A- . (…) — C:WindowsSystem32perfh009.dat [654270]
    O44 – LFC:[MD5.4982EFB3AE3355B0CF0A598DD3516527] – 30/11/2014 – 12:33:08 —A- . (…) — C:WindowsSystem32perfh00C.dat [747660]
    ~ Files: 23 Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – TLS / SSL Security Provider.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corp. – LiveSSP.) — C:WindowsSystem32livessp.dll
    ~ LSA: 9 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (.Microsoft Corporation – RDP Encoder Miniport.) — C:WindowsSystem32Driversrdpencdd.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvga.sys . (.Microsoft Corporation – VGA/Super VGA Video Driver.) — C:WindowsSystem32Driversvga.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvgasave.sys . (…) — C:WindowsSystem32Driversvgasave.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 13 Scanned in 00mn 00s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{8171571d-56c9-11e2-8b1c-50465d4d3709}AutoRuncommand. (…) — G:WD SmartWare.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm”=”C:WindowsSystem32l3codeca.acm” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc”C:WindowsSystem32l3codeca.acm”=”Fraunhofer IIS MPEG Layer-3 Codec” . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregAdobe Photo Downloader [Key] . (.Adobe Systems Incorporated – Adobe Photo Downloader 3.0 component.) — C:Program Files (x86)AdobePhotoshop Elements 5.0apdproxy.exe
    O53 – SMSR:HKLM…startupregEPSON TX101 [Key] . (…) — C:Windowssystem32spoolDRIVERSx643E_IATIEDI.exe (.not file.)
    O53 – SMSR:HKLM…startupregmsnmsgr [Key] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
    ~ SMSR Keys: 3 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=5
    O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=3
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “SoftwareSASGeneration”=1
    ~ MWPS: 17 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktop”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “ForceActiveDesktopOn”=0
    ~ MWPE Keys: 3 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:28/11/2014 – 11:00:42 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Drivers246D0899.sys [129752]
    O58 – SDL:22/06/2014 – 11:25:54 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Drivers48230029.sys [122584]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [491088]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [339536]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver (X64).) — C:WindowsSystem32Driversadpu320.sys [182864]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [15440]
    O58 – SDL:11/03/2011 – 13:41:12 —A- . (.Advanced Micro Devices – AHCI 1.2 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [107904]
    O58 – SDL:14/07/2009 – 08:52:20 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [194128]
    O58 – SDL:11/03/2011 – 13:41:12 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [27008]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [87632]
    O58 – SDL:14/07/2009 – 08:52:21 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [97856]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208] =>.ALWIL Software
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! File System Minifilter for Windows 2003/Vista.) — C:WindowsSystem32DriversaswMonFlt.sys [83280]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! WFP Redirect Driver.) — C:WindowsSystem32DriversaswRdr2.sys [93568]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776] =>.ALWIL Software
    O58 – SDL:22/11/2014 – 08:17:16 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32Driversaswsnx.sys [1050432]
    O58 – SDL:02/07/2014 – 09:13:34 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32Driversaswsnx.sys.1404267811835 [1039096]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32Driversaswsp.sys [436624]
    O58 – SDL:02/07/2014 – 09:13:34 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32Driversaswsp.sys.1404267811835 [423240]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (.AVAST Software – Stream Filter.) — C:WindowsSystem32Driversaswstm.sys [116728]
    O58 – SDL:22/11/2014 – 08:17:06 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [267632] =>.ALWIL Software
    O58 – SDL:11/06/2009 – 03:34:23 —A- . (.Broadcom Corporation – Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) — C:WindowsSystem32Driversb57nd60a.sys [270848]
    O58 – SDL:11/06/2009 – 03:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [18432]
    O58 – SDL:11/06/2009 – 03:41:06 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [8704]
    O58 – SDL:14/07/2009 – 08:19:07 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [286720]
    O58 – SDL:11/06/2009 – 03:41:10 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [47104]
    O58 – SDL:11/06/2009 – 03:41:10 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [14976]
    O58 – SDL:11/06/2009 – 03:41:10 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [14720]
    O58 – SDL:11/06/2009 – 03:34:28 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [468480]
    O58 – SDL:14/07/2009 – 08:52:31 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [17488]
    O58 – SDL:14/07/2009 – 08:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:23/07/2007 – 21:59:12 —A- . (.eMPIA Technology, Inc. – USB 27xx WDM Driver.) — C:WindowsSystem32DriversetDevice64.sys [527744]
    O58 – SDL:14/06/2007 – 17:11:12 —A- . (.eMPIA Technology Inc. – EM27xx / EM28xx Filter Driver.) — C:WindowsSystem32DriversetFilter64.sys [281088]
    O58 – SDL:23/07/2007 – 22:00:18 —A- . (.eMPIA Technology, Inc. – USB 27xx WDM Upper Filter.) — C:WindowsSystem32DriversetScan64.sys [9216]
    O58 – SDL:11/06/2009 – 03:34:33 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3286016]
    O58 – SDL:18/04/2012 – 15:05:06 —A- . (.GARMIN Corp. – Generic WDM Support Driver.) — C:WindowsSystem32Driversgrmngen.sys [30568]
    O58 – SDL:18/04/2012 – 15:05:16 —A- . (.GARMIN Corp. – grmnusb.sys.) — C:WindowsSystem32Driversgrmnusb.sys [19304]
    O58 – SDL:11/06/2009 – 03:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:17/07/2012 – 18:12:08 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [62784]
    O58 – SDL:21/11/2010 – 10:23:47 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [78720]
    O58 – SDL:11/03/2011 – 13:41:26 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [410496]
    O58 – SDL:14/12/2012 – 02:42:22 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [5353888]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [44112]
    O58 – SDL:06/12/2011 – 02:23:08 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [331264]
    O58 – SDL:23/02/2010 – 07:46:36 —A- . (.ASUSTeK Computer Inc. – ASUS Kernel Mode Driver for NT.) — C:WindowsSystem32DriversIOMap64.sys [23680]
    O58 – SDL:18/07/2013 – 23:43:39 —A- . (.Intel Corporation – Intel(R) USB 3.0 Host Controller Switch Driver.) — C:WindowsSystem32Driversiusb3hcs.sys [20464]
    O58 – SDL:18/07/2013 – 23:43:39 —A- . (.Intel Corporation – Intel(R) USB 3.0 Hub Driver.) — C:WindowsSystem32Driversiusb3hub.sys [358896]
    O58 – SDL:18/07/2013 – 23:43:39 —A- . (.Intel Corporation – Intel(R) USB 3.0 eXtensible Host Controller Driver.) — C:WindowsSystem32Driversiusb3xhc.sys [795632]
    O58 – SDL:29/07/2010 – 00:25:10 —A- . (.Initio Corporation – Initio Default Vendor Specific Device Driver.) — C:WindowsSystem32Driversivusb.sys [29720]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [114752]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [106560]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [65600]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation – LSI Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [115776]
    O58 – SDL:01/10/2014 – 11:11:12 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:01/10/2014 – 11:11:16 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O58 – SDL:30/11/2014 – 12:28:50 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows 7Server 2008 R2 for.) — C:WindowsSystem32Driversmegasas.sys [35392]
    O58 – SDL:14/07/2009 – 08:48:04 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [284736]
    O58 – SDL:01/10/2014 – 11:11:26 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [63704]
    O58 – SDL:14/07/2009 – 08:48:26 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [51264]
    O58 – SDL:10/03/2012 – 09:58:30 —A- . (…) — C:WindowsSystem32Driversnvflash.sys [15168]
    O58 – SDL:20/03/2014 – 23:02:52 —A- . (.NVIDIA Corporation – NVIDIA HDMI Audio Driver.) — C:WindowsSystem32Driversnvhda64v.sys [197408]
    O58 – SDL:20/03/2014 – 23:02:56 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 335.23.) — C:WindowsSystem32Driversnvlddmkm.sys [12708128]
    O58 – SDL:11/03/2011 – 13:41:34 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [148352]
    O58 – SDL:11/03/2011 – 13:41:34 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [166272]
    O58 – SDL:14/07/2009 – 08:45:46 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1524816]
    O58 – SDL:14/07/2009 – 08:45:45 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [128592]
    O58 – SDL:29/09/2011 – 16:30:34 —A- . (.Realtek – Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) — C:WindowsSystem32DriversRt64win7.sys [646248]
    O58 – SDL:13/12/2011 – 17:27:30 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [4718952]
    O58 – SDL:11/06/2009 – 03:37:19 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:14/07/2009 – 07:00:40 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32Driversserial.sys [94208]
    O58 – SDL:14/07/2009 – 08:45:45 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [43584]
    O58 – SDL:14/07/2009 – 08:45:46 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [80464]
    O58 – SDL:19/12/2013 – 21:48:28 —A- . (.Synaptics Incorporated – Synaptics SMBus Driver.) — C:WindowsSystem32DriversSmb_driver_Intel.sys [31472]
    O58 – SDL:14/07/2009 – 08:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    O58 – SDL:11/06/2007 – 13:34:18 —A- . (.Windows (R) Server 2003 DDK provider – Universal Serial Bus Camera Driver.) — C:WindowsSystem32DriversTP6810.SYS [200832]
    O58 – SDL:14/07/2009 – 08:45:55 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [17488]
    O58 – SDL:14/07/2009 – 08:45:55 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [161872]
    O58 – SDL:02/04/2009 – 19:30:14 —A- . (…) — C:WindowsSysWOW64driversASUSHWIO.SYS [10296]
    ~ Drivers: 79 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 25/11/2014 – 12:55:57 —A- . (…) — C:UsersOliverAppDataLocalGoogleChromeUser DataWidevineCDM1.4.6.703_platform_specificwin_x86widevinecdmadapter.dll [146760]
    O61 – LFC: 29/11/2014 – 12:55:57 —A- . (…) — C:UsersOliverAppDataLocalAdobeAcrobat11.0UserCache.bin [98756]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (…) — C:UsersOliverDownloadsTéléchargements Logiciels de dépanageAppManagerSetup_1.44.exe [499976]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (…) — C:UsersOliverDownloadsTéléchargements Logiciels de dépanagebitdefender_isecurity.exe [7043336]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (…) — C:UsersOliverDownloadsadwcleaner_4-102_fr_430277.exe [2148864]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (.Bitdefender LLC.) — C:UsersOliverDownloadsTéléchargements Logiciels de dépanageBDUSBImmunizerLauncher.exe [4071672]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (.El Desaparecido – SosVirus.net – UsbFix.net.) — C:UsersOliverDownloadsTéléchargements Logiciels de dépanageUsbFix_7.805.exe [3709699]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (.Kaspersky Lab.) — C:UsersOliverDownloadsTéléchargements Logiciels de dépanagepure13.0.2.558abcdFR_5556_trial.exe [195096656]
    O61 – LFC: 29/11/2014 – 12:55:59 —A- . (.Piriform Ltd.) — C:UsersOliverDownloadsccsetup500.exe [5162080]
    O61 – LFC: 30/11/2014 – 12:55:59 —A- . (…) — C:UsersOliverAppDataRoamingZHPZHPCleaner.exe [1408000] =>.Nicolas Coolman
    O61 – LFC: 30/11/2014 – 12:55:59 —A- . (…) — C:UsersOliverDownloadsZHPCleaner.exe [1408000] =>.Nicolas Coolman
    O61 – LFC: 30/11/2014 – 12:55:59 —A- . (.Nicolas Coolman.) — C:UsersOliverDownloadsZHPDiag2.exe [6864042] =>.Nicolas Coolman
    ~ 34 Fichiers temporaires (Temporary files)
    ~ 2 Fichiers cookies (Cookies files)
    ~ Files: 12 Scanned in 00mn 02s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net.)” onclick=”window.open(this.href);return false; [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 22/11/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
    O64 – Services: CurCS – 22/11/2014 – C:Windowssystem32driversaswMonFlt.sys (aswMonFlt) .(.AVAST Software – avast! File System Minifilter for Windows 2.) – LEGACY_ASWMONFLT
    O64 – Services: CurCS – 22/11/2014 – C:Windowssystem32driversaswRdr2.sys (aswRdr) .(.AVAST Software – avast! WFP Redirect Driver.) – LEGACY_ASWRDR
    O64 – Services: CurCS – 22/11/2014 – C:WindowsSystem32DriversaswRvrt.sys (aswRvrt) .(…) – LEGACY_ASWRVRT
    O64 – Services: CurCS – 22/11/2014 – C:Windowssystem32driversaswSnx.sys (aswSnx) .(.AVAST Software – avast! Virtualization Driver.) – LEGACY_ASWSNX
    O64 – Services: CurCS – 22/11/2014 – C:Windowssystem32driversaswSP.sys (aswSP) .(.AVAST Software – avast! self protection module.) – LEGACY_ASWSP
    O64 – Services: CurCS – 22/11/2014 – C:WindowsSystem32DriversaswVmm.sys (aswVmm) .(…) – LEGACY_ASWVMM
    O64 – Services: CurCS – 01/10/2014 – C:Windowssystem32driversmbam.sys (MBAMProtector) .(.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – LEGACY_MBAMPROTECTOR
    O64 – Services: CurCS – 30/11/2014 – C:Windowssystem32driversMBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – LEGACY_MBAMSWISSARMY
    O64 – Services: CurCS – 01/10/2014 – C:Windowssystem32driversmwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation – Malwarebytes Web Access Control.) – LEGACY_MBAMWEBACCESSCONTROL
    O64 – Services: CurCS – 11/06/2009 – C:WindowsSystem32Driverssecdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) – LEGACY_SECDRV
    ~ Legacy: 82 Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
    O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 11 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (…) — C:Program Files (x86)Mozilla Firefoxfirefox.exe (.not file.)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [72192]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [80384]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [236032]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [777728]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [859648]
    O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [680960]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [99328]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [344064]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [97792]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [64512]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [359424]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [316928]
    O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes du serveur hôte de session Burea.) — C:WindowsSystem32termsrv.dll [683520]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [2477536]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [849920]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [370688]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [569344]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [70144]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [156672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [67584]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [242688]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [121856]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [136704]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [111104]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1110016]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [90624]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [84480]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [209920]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [44544]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [100864]
    O83 – Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation – Service Installation de logiciels.) — C:WindowsSystem32appmgmts.dll [193536]
    ~ Services: 33 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.B8026EBDE7FDC4C7A379D09251C2EA79] [SPRF][02/03/2013] (…) — C:ProgramData6DCCC2EADD.sys [88]
    [MD5.264C2B7550E294C35691DDA369D716C3] [SPRF][02/03/2013] (…) — C:ProgramDataKGyGaAvL.sys [2516]
    [MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF][22/02/2014] (.VSO Software – low level access layer for CD/DVD/BD devices.) — C:UsersOliverAppDataRoamingpcouffin.sys [82816]
    [MD5.1558D0623A648DCCFF4A1ABAA71FA69F] [SPRF][07/12/2013] (.BitNami – Pas de description.) — C:UsersOliverDesktopxampp-win32-1.8.2-3-VC9-installer.exe [106500008]
    ~ Files: 4 Scanned in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 26/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Demand 12/12/2012 1436424 | (FLEXnet Licensing Service 64) . (.Acresso Software Inc..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService64.exe
    SS – | Auto 21/11/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 21/11/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 21/11/2013 194032 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Auto 15/03/2013 1266464 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SS – | Auto 03/04/2014 315008 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 14/09/2006 102400 | (AdobeActiveFileMonitor5.0) . (…) – C:Program Files (x86)AdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe
    SR – | Auto 12/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 17/01/2012 55296 | (ASGT) . (…) – C:WindowsSysWOW64ASGT.exe
    SR – | Auto 22/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) – C:Program Files (x86)BonjourmDNSResponder.exe
    SR – | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) – C:Windowssystem32EscSvc64.exe
    SR – | Auto 27/02/2012 151648 | (EPSON_PM_RPCV4_05) . (.SEIKO EPSON CORPORATION.) – C:Program FilesCommon FilesEPSONEPW!3 SSRPE_WT50RP.exe
    SR – | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 07/02/2012 161560 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 07/02/2012 277784 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 01/10/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 01/10/2014 968504 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 04/03/2014 922968 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
    SR – | Auto 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Auto 07/02/2012 363800 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 11/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 05s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Oliver at 30/11/2014 12:56:45
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Oliver at 30/11/2014 12:56:47
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (26/11/2014)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
    ~ Additionnel Scan: 251979 Items scanned in 00mn 11s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/” onclick=”window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/” onclick=”window.open(this.href);return false; =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/” onclick=”window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/” onclick=”window.open(this.href);return false; =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
    ~ AMI: 4 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/toolbar-conduit” onclick=”window.open(this.href);return false; =>Toolbar.Conduit
    ~ MSI: 1 link(s) detected in 00mn 00s

    End of the scan (1239 lines in 01mn 23s)(0)[/spoiler:2xd5u2yx]

    Merci pour ton aide
    Freeanimal

    buckhulk
    Participant
    Nombre d'articles : 2398

    Plus grand chose Pour les deux premiers rapport , c’est OK ,

    recommence ZHPDiag :

    ZHPDiag[/center:1oj288cb]

    suis bien les instructions

    1) * Télécharge ZHPDiag (de Nicolas coolman) sur ton bureau !!

    ZHPDiag (de Nicolas coolman)

    OU : miroir : ftp://zebulon.fr/ZHPDiag2.exe” onclick=”window.open(this.href);return false; (Lien direct)

    – Cliquer sur le Bouton Bleu + Nicolas Coolman :

    Si ton système d’exploitation est Vista ou Win7/8, lance les logiciels par simple clic droit et choisis “exécuter en tant qu’administrateur”

    a) * Une fois le téléchargement achevé,
    b) * double clique (ou clic droit pour seven , vista et 8 exécuter en tant qu’administrateur) sur ZHPDiag2.exe et suis les instructions.
    c) * L’outil va créer 2 icônes de racourcis : ZHPDiag >> ZHPFix
    d) * Clique droit sur le parchemin
    e) *A l’ouverture le programme te proposes “Rechercher” , “Configurer” , Complet –

    Clique sur “Complet” le scan démarre…….le rapport s’affiche

    Si tu cliques sur Configurer :
    * Des icônes apparaissent en bas de la fenêtre.
    * Clique sur le tournevis en bas à droite et choisis “Tous” puis “OK”

    2)* Maintenant clique sur “Rechercher”.

    * Important >> Pendant l analyse de ton PC par ZHPDIag ne touche à plus rien !!!!!
    * Laisse l’outil travailler, il peut être assez long

    3) * Le rapport s’affiche sur ton Bureau une fois terminé !

    une fenêtre peut s’ouvrir à la fin de la recherche :

    Il suffit de cliquer sur :
    le programme s’est installé correctement

    Tu peux fermer ZHPDiag

    IMPORTANT
    [les rapports étant trop long, les héberger :

    Rappel des dépôts

    1 sosvirus>>Utilisation

    2 : cjoint>> Utilisation

    3 pjoint

    pour le rapport ZHPDiag il faut l’héberger :

    Hébergement[/center:1oj288cb]

    Les rapports de diagnostique sont trop long, ils dépassent la taille autorisée par les éditeurs des forums , il faut donc héberger le rapport :

    A/ – Héberge le rapport ZHPDiag.txt sur : SoSVirus Upload et “les captures d’écran aussi”

    ou sur cjoint

    B/ – Cliques sur >> Parcourir (ou choisissez un fichier)

    C/ – Cherche le rapport de ZHPDiag que tu viens de faire qui est sur ton bureau

    D/ – Cliques sur >> envoyer le fichier (ou créer le lien)

    E/ – Un lien sera généré, Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt” onclick=”window.open(this.href);return false;

    F/ – Il te suffit de le poster ici

    freeanimal
    Participant
    Nombre d'articles : 11

    Bonjour
    Pas mal d’infos intéressantes. Donc je t’envoie le dernier rapport de ZHP Diag ici :
    Rapport ZHPDiag du01/12/2014

    Merci pour ton aide, c’est un peu “Hard” car je ne maîtrise pas encore le langage informatique mais ça va le faire !
    freeanimal

    buckhulk
    Participant
    Nombre d'articles : 2398
    Merci pour ton aide, c'est un peu "Hard" car je ne maîtrise pas encore le langage informatique mais ça va le faire ! 

    Évidement que ça va le faire :p
    si tu ne comprend pas quelque chose , demande j’essayerais de te l’expliquer….. :p:

    Déjà tu as utilisé Pjjoint qui est plus difficile que les autres alors….

    Pas grand chose , je te conseille de désinstaller incrédimail et ESET Online Scanner v3 => ESET

    Ensuite tu vas passer ce script et après me refaire un ZHPDiag en me disant comment ton ordi fonctionne ?
    :merci2:

    • Séléctionne et copie le script suivant :

      Script ZHPFix
      ShortcutFix
      [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified => SYSTEM : Active Desktop désactivé et configuration refusée
      [HKCUSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvanced] Start_ShowNetConn: Modified => PUA.StartShow
      OPT:O4 - HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:Program Files (x86)QuickTimeQTTask.exe
      [MD5.00000000000000000000000000000000] [APT] [{09FF2DE5-71DC-41F8-8029-849B9175DA86}] (...) -- C:UsersOliverDownloadsmp3gain-win-full-1_2_5.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{34DE3D19-39D7-4FAD-8CC1-6F8E146529C8}] (...) -- C:UsersOliverDownloadsMSReaderPPCFRASetup.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{510A8553-E6D2-4ADD-8B6A-E1B8966C8764}] (...) -- C:UsersOliverDownloadsFR_fr_DP5_DL_20100602.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{6EE15E8D-CA58-4914-A1C2-B892F090AE37}] (...) -- E:LaCie.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{8005AE53-865F-4A38-B74A-609EA26C8E4A}] (...) -- C:UsersOliverDownloadsesetsmartinstaller_enu.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{98DF8ECB-29E9-47BC-8DD0-342CD4CA76E6}] (...) -- C:UsersOliverDownloadsRider_2_PC_jeu_gratuit.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{AE868D7F-E445-4C53-9286-FA0EF8687FEC}] (...) -- D:Personnal DATAMon site DATAsetup hofmann france.exe (.not file.) [0] => Fichier absent
      O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM][64Bits] -- {2CF22C94-1369-4C04-9A5F-A4BC6D91B508} => Messaging.Incredimail
      O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM][64Bits] -- IncrediMail => Messaging.Incredimail
      [HKCUSoftwareIncrediMail] => Messaging.Incredimail
      O43 - CFD: 30/07/2013 - 13:18:46 - [] ----D C:Program Files (x86)IncrediMail => Messaging.Incredimail
      O43 - CFD: 12/12/2012 - 13:30:42 - [] ----D C:ProgramDataIM => Messaging.IncrediMail
      O43 - CFD: 12/12/2012 - 13:30:13 - [] ----D C:ProgramDataIncrediMail => Messaging.Incredimail
      O43 - CFD: 30/07/2013 - 13:18:48 - [] ----D C:ProgramDataMicrosoftWindowsStart MenuProgramsIncrediMail => Messaging.Incredimail
      O43 - CFD: 28/01/2013 - 22:18:29 - [0] ----D C:UsersOliverAppDataLocalIM => Messaging.IncrediMail
      O43 - CFD: 28/01/2013 - 22:18:29 - [0] ----D C:UsersOliverAppDataLocalIM => Messaging.IncrediMail
      [MD5.B8026EBDE7FDC4C7A379D09251C2EA79] [SPRF][02/03/2013] (...) -- C:ProgramData6DCCC2EADD.sys [88]
      OPT:SR - | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) - C:Program Files (x86)BonjourmDNSResponder.exe
      [HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
      [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
      ProxyFix
      EmptyPrefetch
      EmptyFlash
      SysRestore
      FirewallRAZ
      EmptyTemp

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Les lignes précedemment copiées doivent être collées dans le cadre
      3. Si c’est le cas, Clic sur “GO


      exemple :

    • Confirmes les nettoyages des données en cliquant sur “Oui
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

    ;)

    freeanimal
    Participant
    Nombre d'articles : 11

    Bonjour, j’ai fait comme cité ci dessus et je t’envoie mon rapport.

    Rapport ZHP Fix du 02/12/2014

    Merci, à bientôt
    freeanimal

    buckhulk
    Participant
    Nombre d'articles : 2398

    :super: impeccable maintenant tu peux me faire un nouveau ZHPDiag s’il te plait pour vérification :

    ZHPDiag[/center:39yyjjsd]

    suis bien les instructions

    1) * Télécharge ZHPDiag (de Nicolas coolman) sur ton bureau !!

    ZHPDiag (de Nicolas coolman)

    OU : miroir : ftp://zebulon.fr/ZHPDiag2.exe” onclick=”window.open(this.href);return false; (Lien direct)

    – Cliquer sur le Bouton Bleu + Nicolas Coolman :

    Si ton système d’exploitation est Vista ou Win7/8, lance les logiciels par simple clic droit et choisis “exécuter en tant qu’administrateur”

    a) * Une fois le téléchargement achevé,
    b) * double clique (ou clic droit pour seven , vista et 8 exécuter en tant qu’administrateur) sur ZHPDiag2.exe et suis les instructions.
    c) * L’outil va créer 2 icônes de racourcis : ZHPDiag >> ZHPFix
    d) * Clique droit sur le parchemin
    e) *A l’ouverture le programme te proposes “Rechercher” , “Configurer” , Complet –

    Clique sur “Complet” le scan démarre…….le rapport s’affiche

    Si tu cliques sur Configurer :
    * Des icônes apparaissent en bas de la fenêtre.
    * Clique sur le tournevis en bas à droite et choisis “Tous” puis “OK”

    2)* Maintenant clique sur “Rechercher”.

    * Important >> Pendant l analyse de ton PC par ZHPDIag ne touche à plus rien !!!!!
    * Laisse l’outil travailler, il peut être assez long

    3) * Le rapport s’affiche sur ton Bureau une fois terminé !

    une fenêtre peut s’ouvrir à la fin de la recherche :

    Il suffit de cliquer sur :
    le programme s’est installé correctement

    Tu peux fermer ZHPDiag

    IMPORTANT

    Les rapports de diagnostique sont trop long, ils dépassent la taille autorisée par les éditeurs des forums , il faut donc héberger les rapports :

    Hébergement[/center:39yyjjsd]

    A/ – Héberge le rapport ZHPDiag.txt sur : SoSVirus Upload et “les captures d’écran aussi”

    ou sur cjoint

    B/ – Cliques sur >> Parcourir (ou choisissez un fichier)

    C/ – Cherche le rapport de ZHPDiag que tu viens de faire qui est sur ton bureau

    D/ – Cliques sur >> envoyer le fichier (ou créer le lien)

    E/ – Un lien sera généré, Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt” onclick=”window.open(this.href);return false;

    F/ – Il te suffit de le poster ici

    freeanimal
    Participant
    Nombre d'articles : 11

    Bonjour, j’ai fait comme tu me l’as demandé.
    Scan complet avec ZHP Diag2 puis recherche avec le même logficiel dont les rapport sont ci dessous.

    rapport complet du 03/12/2014

    rapport recherche du 03/12/2014

    Je dois te signaler cependant que depuis que j’ai effectué ces modifs sur mon ordi, dès que je le rallume, il met plus de temps que d’habitude pour ouvrir la page d’accueil. J’appuie sur le bouton ON, il lance le logo de démarrage (les 4 fenêtres colorées) puis écran noir mais je vois et peux bouger le curseur. Il reste comme ça pendant environ 30 à 40 secondes puis lance la page d’accueil. Je ne sais pas si c’est important mais il ne le faisait pas avant.
    Merci pour tout et à bientôt !
    Freeanimal

    g3n-h@ckm@ng3n-h@ckm@n
    Moderator
    Nombre d'articles : 8285

    bonjour tu peux décrire exactement ce qui est sur l interface de usbfix au moment du message d’erreur pendant le nettoyage ?

    freeanimal
    Participant
    Nombre d'articles : 11

    Je ne comprends pas trop ta question mais voici ce que j’ai fait :
    1/ Mise à jour de USB Fix
    2/ Lancement du logiciel après avoir introduit ma clef USB infectée
    3/ Nettoyage et pas de message d’erreurs particulier
    4/ rapport de USB Fix ci dessous

    Rapport USB Fix du 03/12/2014

    freeanimal
    Participant
    Nombre d'articles : 11

    Je crois que le lien du dernier message n’est pas bon, je te je renvoie

    Rapport USB Fix du 03/12/2014
    Merci à bientôt
    freeanimal

    buckhulk
    Participant
    Nombre d'articles : 2398

    bon si tu pouvais refaire un ZHPDiag après le passage d’USBFix donc, s’il te plait Merci !

    un seul c’est suffisant , complet c ‘est bien !

    explique bien tes problèmes si tu en as encore ? , pour moi il n’y a plus rien :

    Spoiler for 1dyp4mbx

    [/spoiler:1dyp4mbx]

    c’est quoi : Logiciel: jv16 PowerTools 1.3 , tu le connais ? de plus ce logiciel n’est pas à jour !

    PS : ne plus écrire en rouge s’il te plait , j’ai du mal à lire !
    :merci2:

15 sujets de 1 à 15 (sur un total de 18)
  • Vous devez être connecté pour répondre à ce sujet.