14 sujets de 1 à 14 (sur un total de 14)
  • Auteur
    Messages
  • Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:2tgkm4u2]{# AdwCleaner v4.109 – Rapport créé le 26/01/2015 à 19:40:48
    # Mis à jour le 24/01/2015 par Xplode
    # Database : 2015-01-25.1 [Live]
    # Système d'exploitation : Windows 8.1 (64 bits)
    # Nom d'utilisateur : Martin – MSI
    # Exécuté depuis : C:UsersMartinDownloadsadwcleaner_4.109.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    Service Supprimé : IePluginServices
    [#] Service Supprimé : wpnfd_1_10_0_2

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:ProgramDataIePluginServices
    Dossier Supprimé : C:ProgramDataWindowsMangerProtect
    Dossier Supprimé : C:Program Files (x86)globalUpdate
    Dossier Supprimé : C:Program Files (x86)Optimizer Pro
    Dossier Supprimé : C:Program Files (x86)Settings Manager
    Dossier Supprimé : C:Program Files (x86)SupTab
    Dossier Supprimé : C:UsersMartinAppDataLocalTempCyti Web
    Dossier Supprimé : C:UsersMartinAppDataLocalglobalUpdate
    Dossier Supprimé : C:UsersMartinAppDataLocalDoctor_PC
    Dossier Supprimé : C:UsersMartinAppDataLocalGenesis_07290517
    Dossier Supprimé : C:UsersMartinAppDataRoamingFirefoxToolbar
    Dossier Supprimé : C:UsersMartinAppDataRoamingSystweak
    Dossier Supprimé : C:UsersMartinDocumentsOptimizer Pro
    Dossier Supprimé : C:UserswangzhisongAppDataLocalMobogenie
    Dossier Supprimé : C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultExtensionsfaststartff@gmail.com
    Fichier Supprimé : C:WINDOWSSysWOW64installd.exe
    Fichier Supprimé : C:WINDOWSSystem32roboot64.exe
    Fichier Supprimé : C:UsersMartindaemonprocess.txt
    Fichier Supprimé : C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultsearchpluginsdefault-search.xml
    Fichier Supprimé : C:Program Files (x86)Mozilla Firefoxbrowsersearchpluginsdefault-search.xml
    Fichier Supprimé : C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultsearchpluginstrovi-search.xml
    Fichier Supprimé : C:Program Files (x86)Mozilla Firefoxbrowsersearchpluginswebssearches.xml
    Fichier Supprimé : C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultuser.js

    ***** [ Tâches planifiées ] *****

    Tâche Supprimée : DoctorPC_Popup
    Tâche Supprimée : DoctorPC_Start

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [faststartff@gmail.com]
    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [{d9a96531-b093-4d07-9e4c-9704a365c441}]
    Valeur Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionRun [smoother]
    Clé Supprimée : HKLMSYSTEMCurrentControlSetServicesEventlogApplicationIePluginServices
    Clé Supprimée : HKLMSYSTEMCurrentControlSetServicesEventlogApplicationWindowsMangerProtect
    Clé Supprimée : HKLMSOFTWAREClassesAppIDiedll.dll
    Clé Supprimée : HKCUSoftwareMozillaExtends
    Clé Supprimée : HKLMSOFTWAREClassesAppID{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
    Clé Supprimée : HKLMSOFTWAREClassesAppID{C007DADD-132A-624C-088E-59EE6CF0711F}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{726E90BE-DC22-4965-B215-E0784DC26F47}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Clé Supprimée : HKLMSOFTWAREClassesTypeLib{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{54739D49-AC03-4C57-9264-C5195596B3A1}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesInterface{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Clé Supprimée : [x64] HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Clé Supprimée : [x64] HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
    Donnée Restaurée : HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clé Supprimée : HKCUSoftware1ClickDownload
    Clé Supprimée : HKCUSoftwaregenesis
    Clé Supprimée : HKCUSoftwareGlobalUpdate
    Clé Supprimée : HKCUSoftwareInstallCore
    Clé Supprimée : HKCUSoftwareSoftonic
    Clé Supprimée : HKCUSoftwareSupHpUISoft
    Clé Supprimée : HKCUSoftwaresystweak
    Clé Supprimée : HKCUSoftwareAppDataLow{1146AC44-2F03-4431-B4FD-889BC837521F}
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwareCrossrider
    Clé Supprimée : HKCUSoftwareAppDataLowSoftwaredealscompare
    Clé Supprimée : HKLMSOFTWARE{1146AC44-2F03-4431-B4FD-889BC837521F}
    Clé Supprimée : HKLMSOFTWARE{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Clé Supprimée : HKLMSOFTWARE{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Clé Supprimée : HKLMSOFTWAREGlobalUpdate
    Clé Supprimée : HKLMSOFTWARESmdmF
    Clé Supprimée : HKLMSOFTWARESupDp
    Clé Supprimée : HKLMSOFTWARESupTab
    Clé Supprimée : HKLMSOFTWAREsupWindowsMangerProtect
    Clé Supprimée : HKLMSOFTWAREsupWPM
    Clé Supprimée : HKLMSOFTWAREsystweak
    Clé Supprimée : HKLMSOFTWAREVittalia
    Clé Supprimée : HKLMSOFTWAREwebssearchesSoftware
    Clé Supprimée : HKLMSOFTWAREWordProser_1.10.0.2
    Donnée Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – C:UsersMartinAppDataLocalLinkeyIEEXTE~1iedll.dll
    Donnée Supprimée : [x64] HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – C:UsersMartinAppDataLocalLinkeyIEEXTE~1iedll64.dll

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17416

    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [Default_Page_URL]
    Paramètre Restauré : HKCUSoftwareMicrosoftInternet ExplorerMain [First Home Page]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Default_Search_URL]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Default_Page_URL]
    Paramètre Restauré : HKLMSOFTWAREMicrosoftInternet ExplorerMain [Search Page]
    Paramètre Restauré : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerMain [Default_Search_URL]
    Paramètre Restauré : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerMain [Default_Page_URL]
    Paramètre Restauré : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerMain [Search Page]

    -\ Mozilla Firefox v35.0 (x86 fr)

    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« browser.newtab.url », « chrome://quick_start/content/index.html »);
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« browser.search.order.1 », « default-search.net »);
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.__ICM_LITE__blacklist_domain.value », « %7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22an[…]
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.__ICM_LITE__fifty_test_rules.value », « %7B%22DE%22%3A%7B%22ALL%22%3A%5B%22anastasiadate.com%22%2C%22optionweb.com%22%2C%22[…]
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_bundledUrls.value », « %7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%2[…]
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.crossrider.bic », « 147808ed36fef1245b9f1b57df3efd50 »);
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.quick_start.enable_search1 », false);
    [2bf5vgze.defaultprefs.js] – Ligne Supprimée : user_pref(« extensions.quick_start.sd.closeWindowWithLastTab_prev_state », false);

    *************************

    AdwCleaner[R0].txt – [12290 octets] – [26/01/2015 19:39:38]
    AdwCleaner[S0].txt – [9905 octets] – [26/01/2015 19:40:48]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [9965 octets] ##########
    }[/spoiler:2tgkm4u2]

    Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:15l9mf8i]{Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    Date de l'examen: 26/01/2015
    Heure de l'examen: 19:50:09
    Fichier journal: mal.txt
    Administrateur: Oui

    Version: 2.00.4.1028
    Base de données Malveillants: v2015.01.26.07
    Base de données Rootkits: v2015.01.14.01
    Licence: Essai
    Protection contre les malveillants: Activé(e)
    Protection contre les sites Web malveillants: Activé(e)
    Auto-protection: Désactivé(e)

    Système d'exploitation: Windows 8.1
    Processeur: x64
    Système de fichiers: NTFS
    Utilisateur: Martin

    Type d'examen: Examen « Menaces »
    Résultat: Terminé
    Objets analysés: 418817
    Temps écoulé: 9 min, 13 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Heuristique: Activé(e)
    PUP: Avertir
    PUM: Activé(e)

    Processus: 0
    (Aucun élément malicieux detecté)

    Modules: 0
    (Aucun élément malicieux detecté)

    Clés du Registre: 11
    PUP.Optional.Linkey.A, HKLMSOFTWARECLASSESLinkey.Linkey, Mis en quarantaine, [22dd27d4dcad350196a350a7e81aa55b],
    PUP.Optional.Linkey.A, HKLMSOFTWAREWOW6432NODECLASSESLinkey.Linkey, Mis en quarantaine, [6d9296657118f93d56e332c55ca68080],
    PUP.Optional.Koyote.A, HKUS-1-5-21-1233262645-512252785-536942539-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREMICROSOFTWINDOWSCURRENTVERSIONUNINSTALLFree mp3 Wma Converter, Mis en quarantaine, [ec131cdfa4e563d379f7d490fe03a35d],
    PUP.Optional.Linkey.A, HKLMSOFTWARELINKEY, Mis en quarantaine, [9867807b385158de9625aa0a22e1ef11],
    PUP.Optional.Linkey.A, HKLMSOFTWAREWOW6432NODELINKEY, Mis en quarantaine, [d42bdd1e4e3b14225764b202847fad53],
    PUP.Optional.PlusHD.A, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREAPPDATALOWSOFTWAREHD-V1.9, Mis en quarantaine, [8e71fffc87027eb817666f3307fcf10f],
    PUP.Optional.InternetSpeedChecker, HKUS-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREAPPDATALOWSOFTWAREInternet Speed Checker, Mis en quarantaine, [4cb386752d5c2a0cff66e0b5e71cd32d],
    PUP.Optional.Cinema.A, HKUS-1-5-21-1233262645-512252785-536942539-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWARECinemaP-1.9cV24.01-nv-ie, Mis en quarantaine, [b7481fdc4a3f3df90127c1d09c6741bf],
    PUP.Optional.CrossRider.A, HKUS-1-5-21-1233262645-512252785-536942539-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0SOFTWAREINSTALLEDBROWSEREXTENSIONS30935, Mis en quarantaine, [be414ab17118191de45c2b637d863fc1],
    PUP.Optional.GlobalUpdate.A, HKLMSOFTWAREMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSGOOGLEUPDATE.EXE, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWS NTCURRENTVERSIONIMAGE FILE EXECUTION OPTIONSGOOGLEUPDATE.EXE, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],

    Valeurs du Registre: 2
    PUP.Optional.Linkey.A, HKLMSOFTWARELINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js » onclick= »window.open(this.href);return false;, Mis en quarantaine, [9867807b385158de9625aa0a22e1ef11]
    PUP.Optional.Linkey.A, HKLMSOFTWAREWOW6432NODELINKEY|ie_jsurl, http://app.linkeyproject.com/popup/IE/background.js » onclick= »window.open(this.href);return false;, Mis en quarantaine, [d42bdd1e4e3b14225764b202847fad53]

    Données du Registre: 0
    (Aucun élément malicieux detecté)

    Dossiers: 19
    PUP.Optional.OffersWizard.A, C:Program Files (x86)Common FilesConfig, Mis en quarantaine, [867910eb157403332d8a227805feb848],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.com, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchrome, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontent, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comdefaults, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comdefaultspreferences, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionData, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDatauserCode, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comlocale, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comlocaleen-US, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskin, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.SmootherWeb.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultjetpackjid1-U7omKQ6kQfxMaQ@jetpack, Mis en quarantaine, [2dd2c9326b1e44f232e5056bf40f3ec2],
    PUP.Optional.SmootherWeb.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultjetpackjid1-U7omKQ6kQfxMaQ@jetpacksimple-storage, Mis en quarantaine, [2dd2c9326b1e44f232e5056bf40f3ec2],

    Fichiers: 184
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingYMJI.exe, Mis en quarantaine, [a758b04bc6c3c86e9127dafe49bc22de],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingZBDU.exe, Mis en quarantaine, [a6599764f29721153682f1e76e97e21e],
    PUP.Optional.Koyote.A, C:Program Files (x86)Free mp3 Wma ConverterUninstall.exe, Mis en quarantaine, [ec131cdfa4e563d379f7d490fe03a35d],
    PUP.Optional.Somoto, C:UsersMartinAppDataLocalTempbitool.dll, Mis en quarantaine, [699633c87f0add596aa9179f29d9d12f],
    PUP.Optional.InstallCore, C:UsersMartinAppDataLocalTempICReinstall_adobe-illustrator-cs5-cc.exe, Mis en quarantaine, [a25dde1db4d57bbb5a42e17b5ca98a76],
    PUP.Optional.Vittalia, C:UsersMartinAppDataLocalTempinstloffer.exe, Mis en quarantaine, [c639e6157f0add59e529b879db2710f0],
    PUP.Optional.Downloader, C:UsersMartinAppDataLocalTempFIFA14KeyGeneratorV3.3Setup__6196_il10181.exe, Mis en quarantaine, [e9161be0484181b53aa86e4c7f8247b9],
    PUP.Optional.Babylon, C:UsersMartinAppDataLocalTempsystemspeedup.exe, Mis en quarantaine, [37c852a9b3d682b401ed14b3e61b22de],
    PUP.Optional.OutBrowse, C:UsersMartinAppDataLocalTemp425942.exe.exe, Mis en quarantaine, [c738bc3f46431f17badc15d923df6a96],
    PUP.Optional.Conduit.A, C:UsersMartinAppDataLocalTempnso7478.exe, Mis en quarantaine, [2fd02ad1bacf0630c658b4f3e21f5fa1],
    PUP.Optional.Conduit.A, C:UsersMartinAppDataLocalTempnsv5C97.exe, Mis en quarantaine, [a25da3581a6f280ee539c1e6e31e5aa6],
    PUP.Optional.Conduit.A, C:UsersMartinAppDataLocalTempnsx3BAF.exe, Mis en quarantaine, [29d6619a1772d36351cdcbdcb24fdc24],
    PUP.Optional.SearchProtect.A, C:UsersMartinAppDataLocalTemputt743.tmp.exe, Mis en quarantaine, [df2046b5c8c1a39337d23f67d52c47b9],
    PUP.Optional.Conduit.A, C:UsersMartinAppDataLocalTempSearchProtectINT.exe, Mis en quarantaine, [906fd2291f6a112547b3ef51a55cad53],
    PUP.Optional.Linkey.A, C:UsersMartinAppDataLocalTempSettingsManagerSetup.exe, Mis en quarantaine, [956ae9121178e4520c7b79322cd58977],
    PUP.Optional.Amonetize, C:UsersMartinAppDataLocalTempBBQNZa_3.exe.part, Mis en quarantaine, [59a6eb10fc8d0036b88866cf4eb254ac],
    PUP.Optional.Somoto, C:UsersMartinAppDataLocalTempnsg2E90.tmp, Mis en quarantaine, [de213cbf41483501b42f671611f4ee12],
    PUP.Optional.SearchProtect.A, C:UsersMartinAppDataLocalTempnsi15D7.tmp, Mis en quarantaine, [fd0235c61e6bdd5958e4c3ee659c8d73],
    PUP.Optional.OffersWizard.A, C:Program Files (x86)Common FilesConfigver.xml, Mis en quarantaine, [867910eb157403332d8a227805feb848],
    PUP.Optional.OffersWizard.A, C:Program Files (x86)Common FilesConfiguninstinethnfd.exe, Mis en quarantaine, [867910eb157403332d8a227805feb848],
    PUP.Optional.DefaultSearch.A, C:Program Files (x86)Mozilla Firefoxbrowsersearchpluginsdefault-search.xml, Mis en quarantaine, [e8178279563386b049f6684ccc3728d8],
    PUP.Optional.WebsSearches.A, C:Program Files (x86)Mozilla Firefoxbrowsersearchpluginswebssearches.xml, Mis en quarantaine, [f00fb3482960ab8bd425348063a0ef11],
    PUP.Optional.Vitruvian.A, C:UsersMartinAppDataLocalTempvitruvian-installer-install-v0003, Mis en quarantaine, [fa0551aa80091c1a8406e9173fc6ee12],
    PUP.Optional.Vitruvian.A, C:UsersMartinAppDataLocalTempvitruvian-installer-processes-v0002, Mis en quarantaine, [5aa5ba418aff9b9b15756f9122e3a957],
    PUP.Optional.Vitruvian.A, C:UsersMartinAppDataLocalTempvitruvian-installer-scheduledtasks-v0001, Mis en quarantaine, [b8479c5f8603bd79b2d8a45c0df80ff1],
    PUP.Optional.Vitruvian.A, C:UsersMartinAppDataLocalTempvitruvian-installer-softwareregkeys-v0002, Mis en quarantaine, [ce3182799aefa1952466b24e31d45ba5],
    PUP.Optional.Vitruvian.A, C:UsersMartinAppDataLocalTempvitruvian-installer-vmdetect-v0001, Mis en quarantaine, [3dc25e9d28617cba8dfd8a764fb68a76],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141GoogleCrashHandler.exe, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141GoogleUpdate.exe, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141GoogleUpdateBroker.exe, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141GoogleUpdateHelper.msi, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141GoogleUpdateOnDemand.exe, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141goopdate.dll, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141goopdateres_en.dll, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141npGoogleUpdate4.dll, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141psmachine.dll, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.320141psuser.dll, Mis en quarantaine, [d02f47b4a0e93006d129e07a08fb45bb],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465GoogleCrashHandler.exe, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465GoogleUpdate.exe, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465GoogleUpdateBroker.exe, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465GoogleUpdateHelper.msi, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465GoogleUpdateOnDemand.exe, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465goopdate.dll, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465goopdateres_en.dll, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465npGoogleUpdate4.dll, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465psmachine.dll, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.341465psuser.dll, Mis en quarantaine, [59a6f4074a3fd95d97632e2ccf34817f],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377GoogleCrashHandler.exe, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377GoogleUpdate.exe, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377GoogleUpdateBroker.exe, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377GoogleUpdateHelper.msi, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377GoogleUpdateOnDemand.exe, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377goopdate.dll, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377goopdateres_en.dll, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377npGoogleUpdate4.dll, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377psmachine.dll, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.GlobalUpdate.A, C:UsersMartinAppDataLocalTempcomh.479377psuser.dll, Mis en quarantaine, [8976b14a6029bd7959a1f169778c07f9],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchrome.manifest, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.cominstall.rdf, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontent45a72609c890ce1242579e081ce1989b.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontent4d158b1c213f202aca3656f0c6921d1b.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontent9194fd9de05d64cf5257f65847e80b66.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentb534ac77362d82aa117acc54d8007695.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentbackground.html, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentbrowser.xul, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentdf55dc01d54654f6dc148904833effe3.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentdialog.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentf6b5b189ba0d348c98de3c3f9045a83c.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentffCoreFilesIndex.txt, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentoptions.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentoptions.xul, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentsearch_dialog.xul, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi889c2c750af74f13d73b5ba91ec3ff3e.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapib1f567cb3ee5d1da5e46de5f34a9a02.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi15ce78ab8ea7848f9603f723089098fa.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi2652733608ca1f464eec4d6393709e0a.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi29298e3ab3379fc702242e3444688797.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi4e4c01b52f0a56ae53b1219dc376e8cd.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi5d44fb4941bf63a84efe4819c0bf9204.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi60cf16fd361885adb30bf6301135cdd2.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapi6b21d1ca6387154a5bbfc963731e9410.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapiacf8109285bfa967076e1ddd12fbe8f5.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapib3181a9e2909768abc34c70e68606a03.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapibc3d1c2ebcc3eba6d2bb582a8f57f850.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapibc59768edebde2ad68db701f481b1880.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapic3073a6524330cff6dc154ac7fef7c43.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapicd0d6033c2ecbdc6729d6252460c035b.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentapie6e60ba07d6aecbfaf23864a1bc9bb41.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore50adbce00135f5111c21d2cdd43ff1c.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore6d39eaf64a443e85249a6057d8944b1.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore1edcd8b9c2230c6b7d4d003abc71f585.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore206f4e79f52d4f111ff096bde79c02e1.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore313261ae8faed8d89fe7f2712b62fde0.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore34ad5ad4d4b65705811270dbc4c2c95e.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore551b50ca8325d6d824186b9cba469ea2.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore70db31e72269931c2f64361d3ca70f95.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore8329d8c41651c5439e6ab9c587f2cf2b.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore8b812f8b13fbce2d6222c4dffed936cd.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcore8f45b7c1cd7879fb985b8d95be36a7ea.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcoreaae3155b3697c42e68e6ed2cbeceae09.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcorebc73b5b74619e5e2c0562c6f90e1991e.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcorebe86b78fa0ff8bccde9ea012b250a28f.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcorecb12758abc49b9f1c3587114e1142262.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcorecbc9aa1bfb735f4e36ae2ae007869a18.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcored2486867988eec75c382ccb61fe0dcf8.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcoree968a673d3160ad0d2463dbe5cdb9254.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcoref808e8326f72c96efe2b698bbdc0c961.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcorefb44e2d8d84d6bcd33a9186ccec0b262.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comchromecontentcoreinstaller.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comdefaultspreferencesprefs.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDatamanifest.xml, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins.json, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins252.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins102.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins104.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins119.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins123.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins124.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins13.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins14.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins16.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins17.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins178.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins179.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins180.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins184.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins191.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins195.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins200.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins213.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins217.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins220.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins221.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins223.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins230.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins231.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins232.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins233.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins234.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins242.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins246.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins253.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins260.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins262.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins263.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins273.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins281.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins286.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins288.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins289.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins300.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins335.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins337.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins339.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins342.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins344.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins345.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins354.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins356.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins4.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins47.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins64.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins7.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins78.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins9.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins91.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDataplugins93.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDatauserCodebackground.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comextensionDatauserCodeextension.js, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comlocaleen-UStranslations.dtd, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinbutton1.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinbutton2.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinbutton3.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinbutton4.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinbutton5.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskincrossrider_statusbar.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinicon128.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinicon16.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinicon24.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinicon48.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinpanelarrow-up.png, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinpopup.html, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinskin.css, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],
    PUP.Optional.CrossRider.A, C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultextensionsOIBMBKA115048682@HYKFIU97176590.comskinupdate.css, Mis en quarantaine, [47b8a4574643aa8c8103d28a0201c63a],

    Secteurs physiques: 0
    (Aucun élément malicieux detecté)

    (end)}[/spoiler:15l9mf8i]

    Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:cer2vu29]{~ Rapport de ZHPDiag v2015.1.24.9 – Nicolas Coolman (24/01/2015)
    ~ Lancé par Martin (26/01/2015 20:08:25)
    ~ Facebook : https://www.facebook.com/nicolascoolman1 » onclick= »window.open(this.href);return false;
    ~ Adresse du Forum http://forum.nicolascoolman.fr » onclick= »window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Désactivée par l'utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17498
    MFIE: Mozilla Firefox 35.0.1 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : VMFD6
    Windows License : OK
    ~ Windows Remaining Initializations Number : 999
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 2.0.4.1028
    Windows Defender W8 (Activate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 16 NPAPI
    Adobe Reader XI

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8080 MB (67% free)
    System Restore: Activé (Enable)
    System drive C: has 38 GB (32%) free of 118 GB

    —\ Mode de connexion au système
    ~ Computer Name: MSI
    ~ User Name: Martin
    ~ All Users Names: UpdatusUser, Martin, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMartinAppDataRoamingZHP
    ~ %AppData% : C:UsersMartinAppDataRoaming
    ~ %Desktop% : C:UsersMartinDesktop
    ~ %Favorites% : C:UsersMartinFavorites
    ~ %LocalAppData% : C:UsersMartinAppDataLocal
    ~ %StartMenu% : C:UsersMartinAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 118 Go)
    D: CD-ROM drive (Not Inserted)
    E: Hard drive, Flash drive, Thumb drive (Free 501 Go of 677 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] – (.Microsoft Corporation – Explorateur Windows.) (.23/08/2014 – 08:48:28.) — C:WindowsExplorer.exe [2374784]
    [MD5.48CFA7BE561A7BE144C29BB912055016] – (.Microsoft Corporation – Application de démarrage de Windows.) (.22/08/2013 – 10:58:29.) — C:WindowsSystem32Wininit.exe [144384]
    [MD5.4AF089160FE082E5EA5C4AA72782DCA2] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/11/2014 – 02:28:21.) — C:WindowsSystem32wininet.dll [2358272]
    [MD5.306EB21E5B480AE9065EA55AC8C35936] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.22/02/2014 – 10:45:48.) — C:WindowsSystem32Winlogon.exe [562176]
    [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/12/2013 – 09:54:07.) — C:WindowsSystem32sppcomapi.dll [447488]
    [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.30/05/2014 – 04:03:03.) — C:Windowssystem32DriversAFD.sys [563200]
    [MD5.74B14192CF79A72F7536B27CB8814FBD] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.22/08/2013 – 13:43:41.) — C:Windowssystem32Driversatapi.sys [26464]
    [MD5.2FA6510E33F7DEFEC03658B74101A9B9] – (.Microsoft Corporation – CD-ROM File System Driver.) (.22/08/2013 – 12:40:15.) — C:Windowssystem32DriversCdfs.sys [88576]
    [MD5.C6796EA22B513E3457514D92DCDB1A3D] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.22/08/2013 – 09:46:35.) — C:Windowssystem32DriversCdrom.sys [164352]
    [MD5.A03F362C5557E238CBFA914689C77248] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.06/03/2014 – 10:22:50.) — C:Windowssystem32DriversDfsC.sys [134144]
    [MD5.D4B7ED39C7900384D9E5C1283F1E7926] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.24/07/2014 – 12:45:39.) — C:Windowssystem32DriversHDAudBus.sys [76800]
    [MD5.84CFC5EFA97D0C965EDE1D56F116A541] – (.Microsoft Corporation – Pilote de port i8042.) (.22/08/2013 – 12:39:15.) — C:Windowssystem32Driversi8042prt.sys [107520]
    [MD5.B7342B3C58E91107F6E946A93D9D4EFD] – (.Microsoft Corporation – IP Network Address Translator.) (.27/11/2013 – 13:02:29.) — C:Windowssystem32DriversIpNat.sys [142848]
    [MD5.7A1A3F213CDB3363D179D5014272025D] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.30/04/2014 – 07:41:46.) — C:Windowssystem32DriversMRxSmb.sys [402432]
    [MD5.0217532E19A748F0E5D569307363D5FD] – (.Microsoft Corporation – MBT Transport driver.) (.22/08/2013 – 12:37:02.) — C:Windowssystem32DriversnetBT.sys [282624]
    [MD5.038C77D577900EE39410662478BB0D50] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/07/2014 – 16:07:52.) — C:Windowssystem32Driversntfs.sys [2009920]
    [MD5.764B1121867B2D9B31C491668AC72B2B] – (.Microsoft Corporation – Pilote de port parallèle.) (.22/08/2013 – 12:40:02.) — C:Windowssystem32DriversParport.sys [94208]
    [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.22/08/2013 – 12:35:51.) — C:Windowssystem32DriversRasl2tp.sys [120832]
    [MD5.680C1DAE268B6FB67FA21B389A8B79EF] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 – 04:59:53.) — C:Windowssystem32Driversrdpdr.sys [195584]
    [MD5.FFF28F9F6823EB1756C60F1649560BBF] – (.Microsoft Corporation – TDI Translation Driver.) (.22/08/2013 – 14:25:35.) — C:Windowssystem32Driverstdx.sys [107520]
    [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.19/06/2014 – 03:13:36.) — C:Windowssystem32Driversvolsnap.sys [310080]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/162
    Mes musiques (My Musics) : 6/6 (Modified)
    ~ Mes Videos (My Videos) : 2/28
    ~ Mes Favoris (My Favorites) : 1/6
    ~ Mes Documents (My Documents) : 1/908
    ~ Mon Bureau (My Desktop) : 3/36
    ~ Menu demarrer (Programs) : 1/68
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.3C13F26A4766752314A5413038BD86B4] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe [7229752] [PID.3440]
    [MD5.588BEEE7B106E6520F550A45897D00B2] – (.NVIDIA Corporation – NVIDIA NvTmru Application.) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe [1028384] [PID.1224]
    [MD5.63A2D767B9261B4F33F97BF88F2FB197] – (.Hewlett-Packard Co. – HP Digital Imaging Monitor.) — C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe [276328] [PID.4524]
    [MD5.E02A512F30FC2A02A9CADEEC375FC969] – (.Creative Technology Ltd – THXAudio.) — C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe [1517056] [PID.3492]
    [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.5096]
    [MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [958576] [PID.3432]
    [MD5.6226810F26227F083929AC5584122951] – (.Dropbox, Inc. – Dropbox.) — C:UsersMartinAppDataRoamingDropboxbinDropbox.exe [39207112] [PID.3400]
    [MD5.D658AB1B55127D18DCFBCAC8CAAEA522] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HPHP Software Updatehpwuschd2.exe [49208] [PID.5336]
    [MD5.2EBE05FD8ECBA5F230FC26E534E91A11] – (.Citrix Systems, Inc. – Citrix Connection Center.) — C:Program Files (x86)CitrixICA Clientconcentr.exe [395656] [PID.5876]
    [MD5.E33A5DEC4567EFA268DD268BAA4E3FC0] – (.Citrix Systems, Inc. – Citrix Receiver Application.) — C:Program Files (x86)CitrixReceiverReceiver.exe [1505608] [PID.5448]
    [MD5.17D9622BFE68386E8C647C4C7F8FEA3E] – (.Citrix Systems, Inc. – Citrix FTA, URL Redirector.) — C:Program Files (x86)CitrixICA Clientredirector.exe [153992] [PID.5604]
    [MD5.308F2EE28005510DE616409148CF077B] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [256896] [PID.5980]
    [MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] – (.Hewlett-Packard Co. – HP CUE Status Root.) — C:Program Files (x86)HPDigital ImagingbinhpqSTE08.exe [174952] [PID.5456]
    [MD5.F01A418BDDFC14D60E463C50CABC7750] – (.Hewlett-Packard Co. – HP CUE Alert Popup Window Objects.) — C:Program Files (x86)HPDigital Imagingbinhpqbam08.exe [565096] [PID.5748]
    [MD5.CB9C87514EF3D391CDE3AB8A33A6609C] – (.Citrix Systems, Inc. – Citrix Receiver.) — C:Program Files (x86)CitrixSelfServicePluginSelfServicePlugin.exe [54152] [PID.5872]
    [MD5.657DD66775AA2516472AE9F91E8BB58A] – (.Citrix Systems, Inc. – Citrix Connection Manager.) — C:Program Files (x86)CitrixICA Clientwfcrun32.exe [928136] [PID.5972]
    [MD5.B2F0B501A7C017F21C4B4417623895BD] – (.Hewlett-Packard – GPCore COM object.) — C:Program Files (x86)HPDigital Imagingbinhpqgpc01.exe [367976] [PID.6132]
    [MD5.265B49EF94A5AA713192EE97A7D248B5] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [338032] [PID.5780]
    [MD5.72E7A13372047CA67AB84FAF2F49EF06] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program Files (x86)Mozilla Firefoxplugin-container.exe [243312] [PID.6520]
    [MD5.786840D3A66E08C99B617BEA4E30B5C0] – (.Adobe Systems, Inc. – Adobe Flash Player 16.0 r0.) — C:WINDOWSSysWOW64MacromedFlashFlashPlayerPlugin_16_0_0_296.exe [1880752] [PID.6608]
    [MD5.883B2E1341E5BE906A7507308A6636DF] – (.Intel Corporation – IAStorIcon.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [285240] [PID.6372]
    [MD5.B2C418B16792E227BF6D18C7261ABCD9] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8161792] [PID.4488]
    [MD5.A9CA1AAD4E4890826D3C2E2F74CDF8E1] – (.Oracle Corporation – Java(TM) Update Checker.) — C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe [511872] [PID.6148]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultprefs.js
    M0 – MFSP: prefs.js [Martin – 2bf5vgze.default] http://www.google.be » onclick= »window.open(this.href);return false;
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.defaultjid1-U7omKQ6kQfxMaQ@jetpack] [] Booster Web v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{2f619316-b949-b5cc-904d-c5d3454b0a46}] [] Zoom It v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{41501e63-3282-4838-65f5-e124b1849ca8}] [] Zoom It v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{cd6ca582-358d-4fb4-ae06-82613f30701f}] [] Zoom It v1.7.7 (..)
    M2 – MFEP: Extension [Martin – 2bf5vgze.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:WINDOWSsystem32MacromedFlashNPSWF64_16_0_0_296.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30514.0.) — C:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll
    P2 – FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] – (.Microsoft Corporation – Office Authorization plug-in for NPAPI browsers.) — C:Program FilesMicrosoft OfficeOffice14NPAUTHZ.dll
    P2 – FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] – (.Skype Limited – Facebook Video Calling Plugin.) — C:UsersMartinAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll
    ~ Firefox Browser: 10 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.msn.com » onclick= »window.open(this.href);return false;
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.msn.com » onclick= »window.open(this.href);return false;
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://www.msn.com » onclick= »window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com » onclick= »window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com » onclick= »window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) — C:WindowsSysWOW64ieframe.dll
    ~ IE Browser: 16 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: Groove GFS Browser Helper [64Bits] – {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation – Microsoft SharePoint Workspace Extensions.) — C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.dll
    O2 – BHO: Java(tm) Plug-In SSV Helper [64Bits] – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binssv.dll
    O2 – BHO: URLRedirectionBHO [64Bits] – {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation – Microsoft Office Document Cache Handler.) — C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.dll
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation – Java(TM) Platform SE binary.) — C:Program Files (x86)Javajre7binjp2ssv.dll
    ~ BHO: 12 Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Martin]: µTorrent.lnk . (.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Global Startup: 1 Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe (.not file.)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:WINDOWSsystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:WINDOWSsystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:WINDOWSsystem32igfxpers.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. – Bluetooth Shell Extension.) — C:Program Files (x86)IntelBluetoothbtmshellex.dll
    O4 – HKLM..Run: [Radio Manager] . (.MSI – Radio Manager.) — C:Program Files (x86)SCMRadio Manager.exe
    O4 – HKLM..Run: [SCM] . (.MSI – SCM.) — C:Program Files (x86)SCMSCM.exe
    O4 – HKLM..Run: [THXCfg64] . (.Creative Technology Ltd. – Pas de description.) — C:Windowssystem32THXCfg64.dll
    O4 – HKLM..Run: [Nvtmru] . (.NVIDIA Corporation – NVIDIA NvTmru Application.) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe
    O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:WINDOWSsystem32nvspcap64.dll
    O4 – HKCU..Run: [Sony PC Companion] . (.Sony – Sony PC Companion.) — C:Program Files (x86)SonySony PC CompanionPCCompanion.exe
    O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d'installation de Facebook.) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKCU..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    O4 – HKLM..Wow6432NodeRun: [IAStorIcon] . (.Intel Corporation – Delayed launcher.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe
    O4 – HKLM..Wow6432NodeRun: [THX Audio Control Panel] . (.Creative Technology Ltd – THXAudio.) — C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe
    O4 – HKLM..Wow6432NodeRun: [UpdReg] . (.Creative Technology Ltd. – Creative UpdReg.) — C:WindowsUpdReg.exe
    O4 – HKLM..Wow6432NodeRun: [Super-Charger] . (.MSI – Super-Charger.) — C:Program Files (x86)MSISuper-ChargerSuper-Charger.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe =>.Microsoft Corporation
    O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
    O4 – HKLM..Wow6432NodeRun: [CitrixReceiver] C:ProgramDataMicrosoftWindowsStart MenuProgramsCitrixReceiver Updater.lnk (.not file.)
    O4 – HKLM..Wow6432NodeRun: [ConnectionCenter] . (.Citrix Systems, Inc. – Citrix Connection Center.) — C:Program Files (x86)CitrixICA Clientconcentr.exe
    O4 – HKLM..Wow6432NodeRun: [Redirector] . (.Citrix Systems, Inc. – Citrix FTA, URL Redirector.) — C:Program Files (x86)CitrixICA Clientredirector.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [Sony PC Companion] . (.Sony – Sony PC Companion.) — C:Program Files (x86)SonySony PC CompanionPCCompanion.exe
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [Facebook Update] . (.Facebook Inc. – Programme d'installation de Facebook.) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:Program Files (x86)MICROS~1Office14ONBttnIE.dll (.not file.)
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:Program Files (x86)MICROS~1Office14ONBTTN~1.dll (.not file.)
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:WINDOWSsystem32napinsp.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:WINDOWSsystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:WINDOWSsystem32NLAapi.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:WINDOWSsystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:WINDOWSsystem32winrnr.dll
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:WINDOWSsystem32wshbth.dll
    ~ Winsock: 7 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{9F3C6097-ECFE-4934-91D5-7092E45D1E3F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpNameServer = 192.168.2.1
    O17 – HKLMSystemCCSServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpDomain = Belkin
    O17 – HKLMSystemCS1ServicesTcpip..{9F3C6097-ECFE-4934-91D5-7092E45D1E3F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpNameServer = 192.168.2.1
    O17 – HKLMSystemCS1ServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpDomain = Belkin
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.2.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 327.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    O23 – Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc. – Bluetooth Device Monitor.) – C:Program Files (x86)IntelBluetoothdevmonsrv.exe
    O23 – Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc. – Bluetooth OBEX Service.) – C:Program Files (x86)IntelBluetoothobexsrv.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d'installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation – IAStorDataSvc.) – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    O23 – Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation – Intel(R) Capability Licensing Service Inter.) – C:Program FilesInteliCLS ClientHeciServer.exe
    O23 – Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation – Intel(R) ME Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    O23 – Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation – Intel(R) Dynamic Application Loader Host In.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: (MBAMScheduler) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    O23 – Service: (MBAMService) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    O23 – Service: Micro Star SCM (Micro Star SCM) . (.Micro-Star International Co., Ltd. – MSI SCM Service.) – C:Program Files (x86)SCMMSIService.exe
    O23 – Service: MSI_SuperCharger (MSI_SuperCharger) . (.MSI – Super-Charger Service.) – C:Program Files (x86)MSISuper-ChargerChargeService.exe
    O23 – Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation – NVIDIA Streamer Service.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    O23 – Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 327.0.) – C:WINDOWSsystem32nvvsvc.exe
    O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation – NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    O23 – Service: PnkBstrA (PnkBstrA) . (…) – C:WINDOWSSysWOW64PnkBstrA.exe
    O23 – Service: Qualcomm Atheros Killer Service (Qualcomm Atheros Killer Service) . (…) – C:Program FilesQualcomm AtherosKiller Network ManagerBFNService.exe
    O23 – Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    ~ Services: 19 Scanned in 00mn 04s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.A2A9C100FE1BE20A76C0B80D4CA44103] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [267440]
    [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core] (.Facebook Inc..) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
    [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA] (.Facebook Inc..) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe [138096]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [116648]
    [MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (…) — C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe [174368]
    [MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (…) — C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe [174368]
    [MD5.00000000000000000000000000000000] [APT] [YMJI] (…) — C:UsersMartinAppDataRoamingYMJI.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [ZBDU] (…) — C:UsersMartinAppDataRoamingZBDU.exe (.not file.) [0]
    [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) — C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [561984]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core – (.Facebook Inc..) — C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core.job [918]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core – (.Facebook Inc..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core [918]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA – (.Facebook Inc..) — C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA.job [940]
    O39 – APT: FacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA – (.Facebook Inc..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA [940]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1080]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1080]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1084]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1084]
    O39 – APT: YMJI – (…) — C:WindowsTasksYMJI.job [1346]
    O39 – APT: YMJI – (…) — C:WindowsSystem32TasksYMJI [1346]
    O39 – APT: ZBDU – (…) — C:WindowsTasksZBDU.job [1346]
    O39 – APT: ZBDU – (…) — C:WindowsSystem32TasksZBDU [1346]
    ~ Scheduled Task: 40 Scanned in 00mn 01s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d'initialisation d'Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:WindowsSystem32mscories.dll
    ~ Active Setup: 9 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: C:WindowsSystem32driversahcache.sys (ahcache) . (.Microsoft Corporation – Application Compatibility Cache.) – C:WindowsSystem32DRIVERSahcache.sys
    O41 – Driver: (BasicDisplay) . (.Microsoft Corporation – Microsoft Basic Display Driver.) – C:Windowssystem32driversBasicDisplay.sys
    O41 – Driver: (BasicRender) . (.Microsoft Corporation – Microsoft Basic Render Driver.) – C:Windowssystem32driversBasicRender.sys
    O41 – Driver: (BfLwf) . (.Qualcomm Atheros, Inc. – Killer Bandwidth Control Filter Driver.) – C:Windowssystem32DRIVERSbwcW8x64.sys
    O41 – Driver: cdrom.inf (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:Windowssystem32driverscdrom.sys
    O41 – Driver: (ctxusbm) . (.Citrix Systems, Inc. – Citrix USB Filter Driver.) – C:Windowssystem32DRIVERSctxusbm.sys
    O41 – Driver: C:WindowsSystem32driversdam.sys (dam) . (.Microsoft Corporation – DAM Kernel Driver.) – C:WindowsSystem32driversdam.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (Dfsc) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation – Named pipe service triggers.) – C:Windowssystem32driversnpsvctrig.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:Windowssystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:Windowssystem32DRIVERStdx.sys
    O41 – Driver: C:WindowsSystem32driversvwififlt.sys (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:Windowssystem32DRIVERSvwififlt.sys
    ~ Drivers: 36 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: « FIFA 14 » – (…) [HKLM][64Bits] — {6049054B-DB11-48E1-A583-9A565D5C8856}_is1
    O42 – Logiciel: 64 Bit HP CIO Components Installer – (.Hewlett-Packard.) [HKLM][64Bits] — {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
    O42 – Logiciel: Adobe Flash Player 16 NPAPI – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player NPAPI
    O42 – Logiciel: Adobe Reader XI (11.0.05) – Français – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-1036-7B44-AB0000000001}
    O42 – Logiciel: Apple Application Support – (.Apple Inc..) [HKLM][64Bits] — {46F044A5-CE8B-4196-984E-5BD6525E361D}
    O42 – Logiciel: Apple Software Update – (.Apple Inc..) [HKLM][64Bits] — {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
    O42 – Logiciel: Assassin's Creed IV Black Flag – (…) [HKLM][64Bits] — {E189015C-5812-4648-920E-F4CA6BE4B109}_is1
    O42 – Logiciel: Audacity 2.0.5 – (.Audacity Team.) [HKLM][64Bits] — Audacity_is1
    O42 – Logiciel: Battery Calibration – (.Micro-Star International Co., Ltd..) [HKLM][64Bits] — {619FA785-489B-4D22-911F-82D6EDF5BDB0}
    O42 – Logiciel: Battlefield 3™ – (.Electronic Arts.) [HKLM][64Bits] — {76285C16-411A-488A-BCE3-C83CB933D8CF}
    O42 – Logiciel: Battlelog Web Plugins – (.EA Digital Illusions CE AB.) [HKLM][64Bits] — Battlelog Web Plugins
    O42 – Logiciel: Booster-Web – (.Appli LLC.) [HKCU][64Bits] — Booster-Web
    O42 – Logiciel: BurnRecovery – (.Micro-Star International Co., Ltd..) [HKLM][64Bits] — {2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}
    O42 – Logiciel: Cardbox 3.0 – (.Cardbox Software Limited.) [HKLM][64Bits] — Cardbox 3.0
    O42 – Logiciel: Citrix Authentication Manager – (.Citrix Systems, Inc..) [HKLM][64Bits] — {CA55005D-94AC-4596-9646-679D6CC0D620}
    O42 – Logiciel: Citrix Receiver (DV) – (.Citrix Systems, Inc..) [HKLM][64Bits] — {ADE8A83D-BB70-4FB5-BA19-26C47EA31894}
    O42 – Logiciel: Citrix Receiver (Redirection Flash HDX) – (.Citrix Systems, Inc..) [HKLM][64Bits] — {C4E28723-0663-4012-9BDC-E21A14C1316C}
    O42 – Logiciel: Citrix Receiver (USB) – (.Citrix Systems, Inc..) [HKLM][64Bits] — {0E1C5B43-1837-4F98-A96B-79A8A0A5955F}
    O42 – Logiciel: Citrix Receiver – (.Citrix Systems, Inc..) [HKLM][64Bits] — CitrixOnlinePluginPackWeb
    O42 – Logiciel: Citrix Receiver Inside – (.Citrix Systems, Inc..) [HKLM][64Bits] — {D9EE360A-7C19-47EC-93C7-97DEFF64804B}
    O42 – Logiciel: Citrix Receiver Updater – (.Citrix Systems, Inc..) [HKLM][64Bits] — {5E8AC853-65BB-4C99-A09E-19B81851E14C}
    O42 – Logiciel: Citrix Receiver(Aero) – (.Citrix Systems, Inc..) [HKLM][64Bits] — {012C59CF-074A-43DA-8085-B6E636733B59}
    O42 – Logiciel: CyberLink PowerDVD 10 – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: CyberLink PowerDVD 10 – (.CyberLink Corp..) [HKLM][64Bits] — {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: DAEMON Tools Lite – (.Disc Soft Ltd.) [HKLM][64Bits] — DAEMON Tools Lite =>.DT Soft Ltd
    O42 – Logiciel: Diagram Designer – (…) [HKLM][64Bits] — Diagram Designer
    O42 – Logiciel: Dropbox – (.Dropbox, Inc..) [HKCU][64Bits] — Dropbox
    O42 – Logiciel: ETDWare PS/2-X64 11.13.0.2_WHQL – (.ELAN Microelectronic Corp..) [HKLM][64Bits] — Elantech
    O42 – Logiciel: Facebook Video Calling 3.1.0.521 – (.Skype Limited.) [HKLM][64Bits] — {2091F234-EB58-4B80-8C96-8EB78C808CF7}
    O42 – Logiciel: Foto-galerija – (.Microsoft Corporation.) [HKLM][64Bits] — {CB5CC924-4B5C-4682-BB21-F160C12F56AB}
    O42 – Logiciel: Fotoattēlu galerija – (.Microsoft Corporation.) [HKLM][64Bits] — {97368584-CA0D-45C6-8151-AE96A33A867B}
    O42 – Logiciel: Fotogalerie – (.Microsoft Corporation.) [HKLM][64Bits] — {3CBD94C1-BA15-488C-888B-D8DD296CC6DC}
    O42 – Logiciel: Fotogalerie – (.Microsoft Corporation.) [HKLM][64Bits] — {A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
    O42 – Logiciel: Fotogalerii – (.Microsoft Corporation.) [HKLM][64Bits] — {ACE848B7-145C-4230-9B95-BA9C98A51AA6}
    O42 – Logiciel: Fotogalerija – (.Microsoft Corporation.) [HKLM][64Bits] — {1F0C818D-4A41-4E40-BAFB-BB940C82A518}
    O42 – Logiciel: Fotogalerija – (.Microsoft Corporation.) [HKLM][64Bits] — {6D9DD7D9-4167-4541-8DA8-619B9B802D72}
    O42 – Logiciel: Fotogalleri – (.Microsoft Corporation.) [HKLM][64Bits] — {E354D495-5DA4-4CCF-AB39-080F6A4141BE}
    O42 – Logiciel: Fotogalleriet – (.Microsoft Corporation.) [HKLM][64Bits] — {9F470E17-4FC3-4091-A508-D5347A16A2B9}
    O42 – Logiciel: Fotogaléria – (.Microsoft Corporation.) [HKLM][64Bits] — {9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
    O42 – Logiciel: Fotoğraf Galerisi – (.Microsoft Corporation.) [HKLM][64Bits] — {DB7B6508-2AAB-4F26-99D4-74559A2F5E42}
    O42 – Logiciel: Fotótár – (.Microsoft Corporation.) [HKLM][64Bits] — {E50E3DBC-46AA-4827-B2A6-F995D81DF526}
    O42 – Logiciel: Free Mp3 Wma Converter V 2.2 – (.Koyote Lab Inc..) [HKLM][64Bits] — Free Mp3 Wma Converter_is1
    O42 – Logiciel: Galeria de Fotografias – (.Microsoft Corporation.) [HKLM][64Bits] — {F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}
    O42 – Logiciel: Galeria de Fotos – (.Microsoft Corporation.) [HKLM][64Bits] — {F5248B7E-779A-4FA4-8134-D1933D8680FA}
    O42 – Logiciel: Galeria fotografii – (.Microsoft Corporation.) [HKLM][64Bits] — {7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}
    O42 – Logiciel: Galerie de photos – (.Microsoft Corporation.) [HKLM][64Bits] — {446CC8CE-0E90-44F7-ADD0-774B243EF090}
    O42 – Logiciel: Galerie foto – (.Microsoft Corporation.) [HKLM][64Bits] — {C2F1EBBF-9AC4-4E0B-A7F4-74C9C7AD4813}
    O42 – Logiciel: Galerija fotografija – (.Microsoft Corporation.) [HKLM][64Bits] — {C5B383EB-B85B-481C-9946-34FBF021678B}
    O42 – Logiciel: Galería de fotos – (.Microsoft Corporation.) [HKLM][64Bits] — {8F7FECEC-088F-431D-A5FB-2B59E1E69943}
    O42 – Logiciel: Google Drive – (.Google, Inc..) [HKLM][64Bits] — {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
    O42 – Logiciel: HP Customer Participation Program 14.0 – (.HP.) [HKLM][64Bits] — HPExtendedCapabilities
    O42 – Logiciel: HP Imaging Device Functions 14.0 – (.HP.) [HKLM][64Bits] — HP Imaging Device Functions
    O42 – Logiciel: HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7 – (.HP.) [HKLM][64Bits] — {19B5D345-8500-48A7-9737-558E5EEB063C} =>.Hewlett-Packard Co
    O42 – Logiciel: HP Solution Center 14.0 – (.HP.) [HKLM][64Bits] — HP Solution Center & Imaging Support Tools
    O42 – Logiciel: HP Update – (.Hewlett-Packard.) [HKLM][64Bits] — {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
    O42 – Logiciel: IBM SPSS Statistics 22 – (.IBM Corp.) [HKLM][64Bits] — {104875A1-D083-4A34-BC4F-3F635B7F8EF7}
    O42 – Logiciel: Intel(R) Control Center – (.Intel Corporation.) [HKLM][64Bits] — {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel(R) Processor Graphics – (.Intel Corporation.) [HKLM][64Bits] — {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
    O42 – Logiciel: Intel(R) Rapid Storage Technology – (.Intel Corporation.) [HKLM][64Bits] — {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
    O42 – Logiciel: Intel(R) SDK for OpenCL – CPU Only Runtime Package – (.Intel Corporation.) [HKLM][64Bits] — {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
    O42 – Logiciel: Intel(R) Update Manager – (.Intel Corporation.) [HKLM][64Bits] — {12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}
    O42 – Logiciel: Intel® Trusted Connect Service Client – (.Intel Corporation.) [HKLM][64Bits] — {977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
    O42 – Logiciel: Java 7 Update 67 – (.Oracle.) [HKLM][64Bits] — {26A24AE4-039D-4CA4-87B4-2F83217045FF}
    O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM][64Bits] — {400C31E4-796F-4E86-8FDC-C3C4FACC6847}
    O42 – Logiciel: KB9X Radio Switch Driver – (.ENE TECHNOLOGY INC..) [HKLM][64Bits] — B16388B2E5D3CBA8F0EE88A8C5459BADAF4DE251
    O42 – Logiciel: Kobo – (.Rakuten Kobo Inc..) [HKLM][64Bits] — Kobo
    O42 – Logiciel: MSI Remind Manager – (.MSI.) [HKLM][64Bits] — {7359585E-A828-4EFC-8177-7D1883DDA0B5}
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSVCRT110 – (.Microsoft.) [HKLM][64Bits] — {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
    O42 – Logiciel: MSVCRT110_amd64 – (.Microsoft.) [HKLM][64Bits] — {E9FA781F-3E80-4399-825A-AD3E11C28C77}
    O42 – Logiciel: MSVCRT_amd64 – (.Microsoft.) [HKLM][64Bits] — {D0B44725-3666-492D-BEF6-587A14BD9BD9}
    O42 – Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 – (.Malwarebytes Corporation.) [HKLM][64Bits] — Malwarebytes Anti-Malware_is1
    O42 – Logiciel: Mendeley Desktop 1.10.1 – (.Mendeley Ltd..) [HKLM][64Bits] — Mendeley Desktop
    O42 – Logiciel: Microsoft OneDrive – (.Microsoft Corporation.) [HKCU][64Bits] — OneDriveSetup.exe
    O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM][64Bits] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 – Logiciel: Mises à jour NVIDIA 9.3.21 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
    O42 – Logiciel: Mozilla Firefox 35.0.1 (x86 fr) – (.Mozilla.) [HKLM][64Bits] — Mozilla Firefox 35.0.1 (x86 fr)
    O42 – Logiciel: Mozilla Maintenance Service – (.Mozilla.) [HKLM][64Bits] — MozillaMaintenanceService
    O42 – Logiciel: NVIDIA GeForce Experience 1.7.1 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
    O42 – Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
    O42 – Logiciel: NVIDIA PhysX – (.NVIDIA Corporation.) [HKLM][64Bits] — {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
    O42 – Logiciel: NVIDIA Pilote graphique 320.18 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
    O42 – Logiciel: NVIDIA Virtual Audio 1.2.9 – (.NVIDIA Corporation.) [HKLM][64Bits] — {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver
    O42 – Logiciel: Online Plug-in – (.Citrix Systems, Inc..) [HKLM][64Bits] — {F390D923-76F1-458E-8218-8C0C156CDCFD}
    O42 – Logiciel: Origin – (.Electronic Arts, Inc..) [HKLM][64Bits] — Origin
    O42 – Logiciel: Package de pilotes Windows – Intel (NETwNe64) net (08/07/2012 15.5.0.42) – (.Intel.) [HKLM][64Bits] — 3208E409D1A9ECC0257784D7C0AEAC3BA826402A
    O42 – Logiciel: PunkBuster Services – (.Even Balance, Inc..) [HKLM][64Bits] — PunkBusterSvc
    O42 – Logiciel: Qualcomm Atheros Killer Network Manager – (.Qualcomm Atheros.) [HKLM][64Bits] — InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}
    O42 – Logiciel: Qualcomm Atheros Killer Network Manager – (.Qualcomm Atheros.) [HKLM][64Bits] — {DF446558-ADF7-4884-9B2D-281979CCE71F}
    O42 – Logiciel: QuickTime 7 – (.Apple Inc..) [HKLM][64Bits] — {111EE7DF-FC45-40C7-98A7-753AC46B12FB}
    O42 – Logiciel: Raccolta foto – (.Microsoft Corporation.) [HKLM][64Bits] — {D04EBB49-C985-4A38-8695-62000861293A}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Realtek PCIE Card Reader – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {C1594429-8296-4652-BF54-9DBE4932A44C}
    O42 – Logiciel: SCM – (. .) [HKLM][64Bits] — {FA8AB91A-0B41-4797-9015-9B3FBC7834CC}
    O42 – Logiciel: SPSS SmartViewer 15.0 – (.SPSS Inc..) [HKLM][64Bits] — {32FEA42D-3A59-49D9-8A2F-A3E2D8E663DF}
    O42 – Logiciel: Self-Service Plug-in – (.Citrix Systems, Inc..) [HKLM][64Bits] — {47117FCA-0D00-4B6D-9D68-00B763629463}
    O42 – Logiciel: Shop for HP Supplies – (.HP.) [HKLM][64Bits] — Shop for HP Supplies
    O42 – Logiciel: Sony Ericsson Update Engine – (.Sony Ericsson Communications AB.) [HKLM][64Bits] — Update Engine
    O42 – Logiciel: Sony PC Companion 2.10.174 – (.Sony.) [HKLM][64Bits] — {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
    O42 – Logiciel: Spotify – (.Spotify AB.) [HKCU][64Bits] — Spotify
    O42 – Logiciel: Super-Charger – (.MSI.) [HKLM][64Bits] — {7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1
    O42 – Logiciel: THX TruStudio Pro – (.Creative Technology Limited.) [HKLM][64Bits] — {4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}
    O42 – Logiciel: Ulead MediaStudio Pro 8.0 – (.Ulead Systems, Inc..) [HKLM][64Bits] — {A6E71574-2126-4E95-816E-32B2411C94BA}
    O42 – Logiciel: VLC media player 2.1.2 – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
    O42 – Logiciel: Valokuvavalikoima – (.Microsoft Corporation.) [HKLM][64Bits] — {C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}
    O42 – Logiciel: WinRAR 5.01 (32-bit) – (.win.rar GmbH.) [HKLM][64Bits] — WinRAR archiver
    O42 – Logiciel: WinZip 18.0 – (.WinZip Computing, S.L. .) [HKLM][64Bits] — {CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}
    O42 – Logiciel: Windows Driver Package – Intel (NETwNe64) net (09/12/2012 15.5.4.45) – (.Intel.) [HKLM][64Bits] — A007E57753F87B14A4737DA95057F173950A6A3D
    O42 – Logiciel: coverXP (remove only) – (…) [HKLM][64Bits] — coverXP
    O42 – Logiciel: µTorrent – (.BitTorrent Inc..) [HKCU][64Bits] — uTorrent =>P2P.BitTorrent
    O42 – Logiciel: Συλλογή φωτογραφιών – (.Microsoft Corporation.) [HKLM][64Bits] — {A19A8C25-272A-4CD6-8BA8-3772321A021B}
    O42 – Logiciel: Фотоальбом – (.Microsoft Corporation.) [HKLM][64Bits] — {087D261B-73AE-4B8A-8F18-2EE80DD2ED8B}
    O42 – Logiciel: Фотогалерия – (.Microsoft Corporation.) [HKLM][64Bits] — {32AA7594-09A9-437F-9541-5F760509B752}
    O42 – Logiciel: Фотографии (общедоступная версия) – (.Microsoft Corporation.) [HKLM][64Bits] — {2B068A64-F867-44E9-8827-A795647C8730}
    O42 – Logiciel: Фотоколекція – (.Microsoft Corporation.) [HKLM][64Bits] — {115356B4-8E81-43DB-BB2A-19E5ED95FBAF}
    O42 – Logiciel: גלריית התמונות – (.Microsoft Corporation.) [HKLM][64Bits] — {E37CD6E8-BC51-4D48-9840-803EC3B418D3}
    O42 – Logiciel: معرض الصور – (.Microsoft Corporation.) [HKLM][64Bits] — {5006FD66-7E9B-4F92-BD36-275AD7712348}
    O42 – Logiciel: フォト ギャラリー – (.Microsoft Corporation.) [HKLM][64Bits] — {CAF46B72-12E2-4FE7-A348-45999E69E1FE}
    O42 – Logiciel: 影像中心 – (.Microsoft Corporation.) [HKLM][64Bits] — {631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}
    O42 – Logiciel: 照片库 – (.Microsoft Corporation.) [HKLM][64Bits] — {017E337D-D709-437C-83DB-71F82AA78BF6}
    O42 – Logiciel: 사진 갤러리 – (.Microsoft Corporation.) [HKLM][64Bits] — {B413088F-F01D-467A-8F39-94F6EE473321}
    ~ Logic: 68 Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAI_RecycleBin] =>Adware.Agent
    [HKCUSoftwareAdobe]
    [HKCUSoftwareAppDataLowSoftwareJavaSoft]
    [HKCUSoftwareAppDataLow]
    [HKCUSoftwareApple Computer, Inc.]
    [HKCUSoftwareApple Inc.]
    [HKCUSoftwareAudacity]
    [HKCUSoftwareBDUSBImmunizer]
    [HKCUSoftwareBVRP Software]
    [HKCUSoftwareBigfootNetworks]
    [HKCUSoftwareBitTorrent] =>P2P.BitTorrent
    [HKCUSoftwareBitdefender]
    [HKCUSoftwareCanon]
    [HKCUSoftwareCardbox]
    [HKCUSoftwareCitrix]
    [HKCUSoftwareClasses]
    [HKCUSoftwareClients]
    [HKCUSoftwareCreative Tech]
    [HKCUSoftwareCyberLink]
    [HKCUSoftwareDigitByteStudio]
    [HKCUSoftwareDisc Soft]
    [HKCUSoftwareDoctorPCConfig]
    [HKCUSoftwareDoctorPCLanguage]
    [HKCUSoftwareElantech]
    [HKCUSoftwareElectronic Arts]
    [HKCUSoftwareFacebook]
    [HKCUSoftwareGoogle]
    [HKCUSoftwareHP]
    [HKCUSoftwareHewlett-Packard]
    [HKCUSoftwareIM Providers]
    [HKCUSoftwareIntel]
    [HKCUSoftwareJavaSoft]
    [HKCUSoftwareKobo]
    [HKCUSoftwareLake]
    [HKCUSoftwareLicenses]
    [HKCUSoftwareLinkey] =>PUP.LinkeySearch
    [HKCUSoftwareLocal AppWizard-Generated Applications]
    [HKCUSoftwareMCAFEE]
    [HKCUSoftwareMacromedia]
    [HKCUSoftwareMalwarebytes' Anti-Malware]
    [HKCUSoftwareMeeSoft]
    [HKCUSoftwareMendeley Ltd.]
    [HKCUSoftwareMine]
    [HKCUSoftwareMozillaPlugins]
    [HKCUSoftwareMozilla]
    [HKCUSoftwareNVIDIA Corporation]
    [HKCUSoftwareNetscape]
    [HKCUSoftwareNico Mak Computing]
    [HKCUSoftwareOB]
    [HKCUSoftwareODBC]
    [HKCUSoftwarePolicies]
    [HKCUSoftwareRainbow Technologies]
    [HKCUSoftwareRealtek]
    [HKCUSoftwareRegisteredApplications]
    [HKCUSoftwareSPSS]
    [HKCUSoftwareSearchProtectWS] =>PUP.SearchProtect
    [HKCUSoftwareSkyhook Wireless]
    [HKCUSoftwareSkypeRS]
    [HKCUSoftwareSkype]
    [HKCUSoftwareSony]
    [HKCUSoftwareTeamViewer]
    [HKCUSoftwareTeleCharger]
    [HKCUSoftwareToggle]
    [HKCUSoftwareTrolltech]
    [HKCUSoftwareUbisoft]
    [HKCUSoftwareUlead Systems]
    [HKCUSoftwareVB and VBA Program Settings]
    [HKCUSoftwareValve]
    [HKCUSoftwareWinRAR SFX]
    [HKCUSoftwareWinRAR]
    [HKCUSoftwareWinZip Computing]
    [HKCUSoftwareWow6432Node]
    [HKCUSoftwareYMJI]
    [HKCUSoftwareZBDU]
    [HKCUSoftwareZebHelpProcess Helper]
    [HKCUSoftwarecoverXP]
    [HKCUSoftwarekde.org]
    [HKLMSoftwareAGEIA Technologies]
    [HKLMSoftwareATI Technologies]
    [HKLMSoftwareCanon]
    [HKLMSoftwareClasses]
    [HKLMSoftwareClients]
    [HKLMSoftwareCreative Tech]
    [HKLMSoftwareHewlett-Packard]
    [HKLMSoftwareICE]
    [HKLMSoftwareIntel]
    [HKLMSoftwareKhronos]
    [HKLMSoftwareMacromedia]
    [HKLMSoftwareMozillaPlugins]
    [HKLMSoftwareMozilla]
    [HKLMSoftwareNVIDIA Corporation]
    [HKLMSoftwareNico Mak Computing]
    [HKLMSoftwareNorton]
    [HKLMSoftwareODBC]
    [HKLMSoftwarePolicies]
    [HKLMSoftwareRealtek Semiconductor Corp.]
    [HKLMSoftwareRealtek]
    [HKLMSoftwareRegisteredApplications]
    [HKLMSoftwareSRS Labs]
    [HKLMSoftwareSkype]
    [HKLMSoftwareWaves Audio]
    [HKLMSoftwareWow6432NodeAGEIA Technologies]
    [HKLMSoftwareWow6432NodeAdobe]
    [HKLMSoftwareWow6432NodeAdwCleaner]
    [HKLMSoftwareWow6432NodeApple Computer, Inc.]
    [HKLMSoftwareWow6432NodeApple Inc.]
    [HKLMSoftwareWow6432NodeCLSYSTEM]
    [HKLMSoftwareWow6432NodeCanon]
    [HKLMSoftwareWow6432NodeCitrix]
    [HKLMSoftwareWow6432NodeClasses]
    [HKLMSoftwareWow6432NodeClient]
    [HKLMSoftwareWow6432NodeClients]
    [HKLMSoftwareWow6432NodeCreative Tech]
    [HKLMSoftwareWow6432NodeCyberLink]
    [HKLMSoftwareWow6432NodeDisc Soft]
    [HKLMSoftwareWow6432NodeEA Games]
    [HKLMSoftwareWow6432NodeEA Sports]
    [HKLMSoftwareWow6432NodeElectronic Arts]
    [HKLMSoftwareWow6432NodeEven Balance]
    [HKLMSoftwareWow6432NodeGoogle]
    [HKLMSoftwareWow6432NodeHewlett-Packard]
    [HKLMSoftwareWow6432NodeIBM]
    [HKLMSoftwareWow6432NodeInstallShield]
    [HKLMSoftwareWow6432NodeIntel]
    [HKLMSoftwareWow6432NodeJavaSoft]
    [HKLMSoftwareWow6432NodeJreMetrics]
    [HKLMSoftwareWow6432NodeKhronos]
    [HKLMSoftwareWow6432NodeLake]
    [HKLMSoftwareWow6432NodeLicenses]
    [HKLMSoftwareWow6432NodeMSI]
    [HKLMSoftwareWow6432NodeMacromedia]
    [HKLMSoftwareWow6432NodeMalwarebytes' Anti-Malware]
    [HKLMSoftwareWow6432NodeMendeley Ltd.]
    [HKLMSoftwareWow6432NodeMicro-Star International Co., Ltd.]
    [HKLMSoftwareWow6432NodeMozillaPlugins]
    [HKLMSoftwareWow6432NodeMozilla]
    [HKLMSoftwareWow6432NodeNPCCU]
    [HKLMSoftwareWow6432NodeNSSYSTEM]
    [HKLMSoftwareWow6432NodeNVIDIA Corporation]
    [HKLMSoftwareWow6432NodeNico Mak Computing]
    [HKLMSoftwareWow6432NodeNorton]
    [HKLMSoftwareWow6432NodeNtpad]
    [HKLMSoftwareWow6432NodeODBC]
    [HKLMSoftwareWow6432NodeOrigin Games]
    [HKLMSoftwareWow6432NodePolicies]
    [HKLMSoftwareWow6432NodeRainbow Technologies]
    [HKLMSoftwareWow6432NodeRealtek Semiconductor Corp.]
    [HKLMSoftwareWow6432NodeRealtek]
    [HKLMSoftwareWow6432NodeRegisteredApplications]
    [HKLMSoftwareWow6432NodeSPSS]
    [HKLMSoftwareWow6432NodeSiteSee]
    [HKLMSoftwareWow6432NodeSony]
    [HKLMSoftwareWow6432NodeSys Modules]
    [HKLMSoftwareWow6432NodeTeamViewer]
    [HKLMSoftwareWow6432NodeUbisoft]
    [HKLMSoftwareWow6432NodeUlead Systems]
    [HKLMSoftwareWow6432NodeValve]
    [HKLMSoftwareWow6432NodeVideoLAN]
    [HKLMSoftwareWow6432NodeVolatile]
    [HKLMSoftwareWow6432NodeWinRAR]
    [HKLMSoftwareWow6432NodeWow6432Node]
    [HKLMSoftwareWow6432Nodemcafeeupdater]
    [HKLMSoftwareWow6432Nodemozilla.org]
    [HKLMSoftwareWow6432Node]
    [HKLMSoftwaremcafeeupdater]
    ~ Key Software: 363 Scanned in 00mn 00s

    }[/spoiler:cer2vu29]

    Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:1udyebd6]{
    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 19/02/2014 – 19:12:45 – [] —-D C:Program Files (x86)Adobe
    O43 – CFD: 29/06/2013 – 11:59:15 – [0] —-D C:Program Files (x86)AGEIA Technologies
    O43 – CFD: 03/11/2013 – 12:44:13 – [] —-D C:Program Files (x86)Apple Software Update =>.Apple Inc
    O43 – CFD: 31/05/2014 – 08:55:17 – [] —-D C:Program Files (x86)Battlelog Web Plugins
    O43 – CFD: 09/08/2014 – 09:34:35 – [] —-D C:Program Files (x86)Citrix
    O43 – CFD: 26/01/2015 – 19:59:54 – [] —-D C:Program Files (x86)Common Files
    O43 – CFD: 27/11/2012 – 20:08:49 – [] —-D C:Program Files (x86)Creative
    O43 – CFD: 27/11/2012 – 20:32:33 – [] —-D C:Program Files (x86)CyberLink
    O43 – CFD: 06/07/2014 – 15:41:12 – [] —-D C:Program Files (x86)DAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 26/01/2015 – 19:59:54 – [] —-D C:Program Files (x86)Free mp3 Wma Converter
    O43 – CFD: 22/10/2013 – 06:04:52 – [] —-D C:Program Files (x86)Google
    O43 – CFD: 16/10/2013 – 19:53:06 – [] —-D C:Program Files (x86)HP
    O43 – CFD: 01/04/2014 – 16:08:06 – [] —-D C:Program Files (x86)IBM
    O43 – CFD: 11/11/2013 – 22:11:00 – [] –H-D C:Program Files (x86)InstallShield Installation Information
    O43 – CFD: 26/09/2014 – 07:57:45 – [] —-D C:Program Files (x86)Intel
    O43 – CFD: 11/12/2014 – 15:42:02 – [] —-D C:Program Files (x86)Internet Explorer
    O43 – CFD: 20/08/2014 – 18:44:35 – [] —-D C:Program Files (x86)Java
    O43 – CFD: 23/09/2014 – 18:13:35 – [] —-D C:Program Files (x86)Kobo
    O43 – CFD: 26/01/2015 – 19:47:17 – [] —-D C:Program Files (x86)Malwarebytes Anti-Malware
    O43 – CFD: 08/03/2014 – 11:13:45 – [] —-D C:Program Files (x86)MeeSoft
    O43 – CFD: 23/10/2013 – 15:15:30 – [0] —-D C:Program Files (x86)Microsoft
    O43 – CFD: 28/06/2013 – 23:27:42 – [] —-D C:Program Files (x86)Microsoft Analysis Services
    O43 – CFD: 28/06/2013 – 11:29:35 – [] —-D C:Program Files (x86)Microsoft Office
    O43 – CFD: 22/10/2014 – 16:37:00 – [] —-D C:Program Files (x86)Microsoft Silverlight
    O43 – CFD: 23/11/2012 – 06:17:21 – [] —-D C:Program Files (x86)Microsoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 28/06/2013 – 11:29:34 – [] —-D C:Program Files (x86)Microsoft SQL Server Compact Edition
    O43 – CFD: 28/06/2013 – 11:29:34 – [] —-D C:Program Files (x86)Microsoft Sync Framework
    O43 – CFD: 28/06/2013 – 11:29:42 – [] —-D C:Program Files (x86)Microsoft Synchronization Services
    O43 – CFD: 28/06/2013 – 23:27:56 – [] —-D C:Program Files (x86)Microsoft Visual Studio 8
    O43 – CFD: 01/11/2013 – 14:31:54 – [] —-D C:Program Files (x86)Microsoft.NET
    O43 – CFD: 26/01/2015 – 17:32:33 – [] —-D C:Program Files (x86)Mozilla Firefox
    O43 – CFD: 26/01/2015 – 20:00:33 – [] —-D C:Program Files (x86)Mozilla Maintenance Service
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:Program Files (x86)MSBuild
    O43 – CFD: 27/11/2012 – 20:34:17 – [] —-D C:Program Files (x86)MSI
    O43 – CFD: 13/11/2013 – 20:17:24 – [] —-D C:Program Files (x86)NVIDIA Corporation
    O43 – CFD: 13/03/2014 – 19:15:29 – [] —-D C:Program Files (x86)QuickTime
    O43 – CFD: 28/06/2013 – 12:16:03 – [] —-D C:Program Files (x86)Realtek
    O43 – CFD: 30/10/2013 – 21:02:33 – [] —-D C:Program Files (x86)Reference Assemblies
    O43 – CFD: 27/11/2012 – 20:04:58 – [] —-D C:Program Files (x86)SCM
    O43 – CFD: 20/09/2013 – 14:04:28 – [] —-D C:Program Files (x86)Sony
    O43 – CFD: 20/09/2013 – 14:12:33 – [] —-D C:Program Files (x86)Sony Ericsson
    O43 – CFD: 28/06/2013 – 12:13:42 – [0] –H-D C:Program Files (x86)Temp
    O43 – CFD: 11/11/2013 – 22:10:41 – [] —-D C:Program Files (x86)Ulead Systems
    O43 – CFD: 11/11/2013 – 21:53:56 – [] —-D C:Program Files (x86)VideoLAN
    O43 – CFD: 02/04/2014 – 06:26:38 – [] —-D C:Program Files (x86)VPNFacile
    O43 – CFD: 13/11/2014 – 17:53:18 – [] —-D C:Program Files (x86)Windows Defender
    O43 – CFD: 19/11/2013 – 22:19:35 – [] —-D C:Program Files (x86)Windows Live
    O43 – CFD: 01/11/2013 – 14:31:55 – [] —-D C:Program Files (x86)Windows Mail =>.Microsoft Corporation
    O43 – CFD: 11/11/2013 – 22:11:00 – [] —-D C:Program Files (x86)Windows Media Components
    O43 – CFD: 13/04/2014 – 22:31:12 – [] —-D C:Program Files (x86)Windows Media Player =>.Microsoft Corporation
    O43 – CFD: 13/04/2014 – 22:31:12 – [] —-D C:Program Files (x86)Windows Multimedia Platform
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)Windows NT
    O43 – CFD: 01/11/2013 – 14:31:55 – [] —-D C:Program Files (x86)Windows Photo Viewer
    O43 – CFD: 13/04/2014 – 22:31:12 – [] —-D C:Program Files (x86)Windows Portable Devices
    O43 – CFD: 01/11/2013 – 14:31:55 – [] -SH-D C:Program Files (x86)Windows Sidebar
    O43 – CFD: 22/08/2013 – 16:36:30 – [] —-D C:Program Files (x86)WindowsPowerShell
    O43 – CFD: 01/01/2014 – 19:16:48 – [] —-D C:Program Files (x86)WinRAR
    O43 – CFD: 26/01/2015 – 20:05:27 – [] —-D C:Program Files (x86)ZHPDiag =>.Nicolas Coolman
    O43 – CFD: 19/02/2014 – 19:12:47 – [] —-D C:Program Files (x86)Common FilesAdobe
    O43 – CFD: 03/11/2013 – 12:44:16 – [] —-D C:Program Files (x86)Common FilesApple
    O43 – CFD: 09/08/2014 – 09:34:20 – [] —-D C:Program Files (x86)Common FilesCitrix
    O43 – CFD: 15/05/2014 – 11:16:21 – [] —-D C:Program Files (x86)Common FilesDESIGNER
    O43 – CFD: 31/05/2014 – 08:53:46 – [] –H-D C:Program Files (x86)Common FilesEAInstaller
    O43 – CFD: 16/10/2013 – 19:52:29 – [] —-D C:Program Files (x86)Common FilesHewlett-Packard
    O43 – CFD: 16/10/2013 – 19:52:32 – [] —-D C:Program Files (x86)Common FilesHP
    O43 – CFD: 01/04/2014 – 16:08:46 – [] —-D C:Program Files (x86)Common FilesIBM
    O43 – CFD: 30/03/2014 – 11:02:53 – [] —-D C:Program Files (x86)Common FilesInstallShield
    O43 – CFD: 01/11/2013 – 14:25:28 – [] —-D C:Program Files (x86)Common FilesIntel
    O43 – CFD: 27/11/2012 – 20:00:34 – [] —-D C:Program Files (x86)Common FilesIntel Corporation
    O43 – CFD: 20/08/2014 – 18:44:37 – [] —-D C:Program Files (x86)Common FilesJava
    O43 – CFD: 21/11/2013 – 18:28:07 – [] —-D C:Program Files (x86)Common FilesMicrosoft Shared
    O43 – CFD: 27/11/2012 – 19:52:33 – [] —-D C:Program Files (x86)Common FilespostureAgent
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:Program Files (x86)Common FilesServices
    O43 – CFD: 11/11/2013 – 22:10:42 – [] —-D C:Program Files (x86)Common FilesSONY Digital Images
    O43 – CFD: 25/09/2013 – 11:15:00 – [] —-D C:Program Files (x86)Common FilesSteam
    O43 – CFD: 20/11/2013 – 19:42:20 – [] —-D C:Program Files (x86)Common FilesSystem
    O43 – CFD: 11/11/2013 – 22:11:05 – [] —-D C:Program Files (x86)Common FilesUlead Systems
    O43 – CFD: 22/11/2012 – 14:14:08 – [] —-D C:Program Files (x86)Common FilesWindows Live
    O43 – CFD: 02/07/2013 – 10:02:57 – [] —-D C:ProgramDataAdobe
    O43 – CFD: 03/11/2013 – 12:44:12 – [] —-D C:ProgramDataApple
    O43 – CFD: 13/03/2014 – 19:15:21 – [] —-D C:ProgramDataApple Computer
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataApplication Data
    O43 – CFD: 26/01/2015 – 20:01:18 – [] —-D C:ProgramDataBigfoot Networks
    O43 – CFD: 01/11/2013 – 14:35:49 – [] -SH-D C:ProgramDataBureau
    O43 – CFD: 16/02/2014 – 16:10:08 – [] –H-D C:ProgramDataCanonBJ
    O43 – CFD: 09/08/2014 – 09:34:37 – [] —-D C:ProgramDataCitrix
    O43 – CFD: 23/09/2013 – 19:07:36 – [] —-D C:ProgramDataCyberLink
    O43 – CFD: 06/07/2014 – 15:42:05 – [] —-D C:ProgramDataDAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDesktop
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataDocuments
    O43 – CFD: 31/05/2014 – 08:54:17 – [] —-D C:ProgramDataEA Core
    O43 – CFD: 31/05/2014 – 21:20:07 – [] —-D C:ProgramDataEA Logs
    O43 – CFD: 31/05/2014 – 08:54:19 – [] —-D C:ProgramDataElectronic Arts
    O43 – CFD: 25/08/2014 – 10:07:16 – [] —-D C:ProgramDataHP
    O43 – CFD: 16/10/2013 – 19:52:53 – [] —-D C:ProgramDataHP Product Assistant
    O43 – CFD: 26/09/2014 – 08:18:07 – [] —-D C:ProgramDataIntel
    O43 – CFD: 26/09/2014 – 07:57:33 – [] —-D C:ProgramDataIntel(R) Update Manager
    O43 – CFD: 26/01/2015 – 19:47:20 – [] —-D C:ProgramDataMalwarebytes
    O43 – CFD: 17/06/2014 – 09:27:50 – [] —-D C:ProgramDataMcAfee
    O43 – CFD: 01/11/2013 – 14:35:49 – [] -SH-D C:ProgramDataMenu Démarrer
    O43 – CFD: 11/12/2014 – 15:42:01 – [] -S–D C:ProgramDataMicrosoft
    O43 – CFD: 11/12/2014 – 15:41:36 – [] —-D C:ProgramDataMicrosoft Help
    O43 – CFD: 14/11/2014 – 08:04:47 – [] —-D C:ProgramDataMicrosoft OneDrive
    O43 – CFD: 22/11/2012 – 14:14:26 – [] —-D C:ProgramDataMicrosoft SkyDrive =>.Microsoft Corporation
    O43 – CFD: 01/11/2013 – 14:35:49 – [] -SH-D C:ProgramDataModèles
    O43 – CFD: 28/06/2013 – 11:45:05 – [] —-D C:ProgramDataMozilla
    O43 – CFD: 30/06/2013 – 21:56:41 – [] —-D C:ProgramDataNorton
    O43 – CFD: 22/11/2012 – 14:32:15 – [] —-D C:ProgramDataNortonInstaller
    O43 – CFD: 01/11/2013 – 14:31:57 – [] —-D C:ProgramDataNVIDIA
    O43 – CFD: 13/11/2013 – 20:17:30 – [] —-D C:ProgramDataNVIDIA Corporation
    O43 – CFD: 20/08/2014 – 18:44:42 – [0] —-D C:ProgramDataOracle
    O43 – CFD: 25/01/2015 – 20:16:28 – [] —-D C:ProgramDataOrigin
    O43 – CFD: 23/09/2014 – 18:13:33 – [] —-D C:ProgramDataPackage Cache
    O43 – CFD: 01/11/2013 – 14:31:57 – [] —-D C:ProgramDataPRICache
    O43 – CFD: 30/09/2013 – 05:00:03 – [] —-D C:ProgramDataregid.1991-06.com.microsoft
    O43 – CFD: 01/04/2014 – 16:09:19 – [] —-D C:ProgramDataSafeNet Sentinel
    O43 – CFD: 20/09/2013 – 14:04:28 – [] —-D C:ProgramDataSony
    O43 – CFD: 20/09/2013 – 14:12:43 – [] —-D C:ProgramDataSony Ericsson
    O43 – CFD: 01/04/2014 – 16:18:52 – [] —-D C:ProgramDataSPSS
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataStart Menu
    O43 – CFD: 30/10/2013 – 19:13:02 – [] —-D C:ProgramDataSun
    O43 – CFD: 27/11/2012 – 20:33:08 – [] —-D C:ProgramDataTemp
    O43 – CFD: 22/08/2013 – 15:45:52 – [] -SH-D C:ProgramDataTemplates
    O43 – CFD: 05/08/2014 – 20:41:24 – [] —-D C:ProgramDataTomTom
    O43 – CFD: 16/10/2013 – 19:55:56 – [] —-D C:ProgramDataWEBREG
    O43 – CFD: 01/01/2014 – 19:14:22 – [] —-D C:ProgramDataWinZip
    O43 – CFD: 22/08/2013 – 16:36:33 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 30/09/2013 – 05:00:03 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 13/04/2014 – 22:31:17 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 06/07/2014 – 15:59:38 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsAssassin's Creed IV Black Flag
    O43 – CFD: 19/05/2014 – 09:13:06 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramscoverXP
    O43 – CFD: 01/11/2013 – 14:31:56 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsCreative
    O43 – CFD: 01/11/2013 – 14:33:15 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsCyberLink PowerDVD 10
    O43 – CFD: 06/07/2014 – 15:41:18 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsDAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 08/03/2014 – 11:13:46 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsDiagram Designer
    O43 – CFD: 25/01/2015 – 12:47:13 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsFIFA 14
    O43 – CFD: 11/06/2014 – 12:41:44 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsFree Audio Pack
    O43 – CFD: 24/01/2015 – 14:46:07 – [0] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 05/11/2014 – 19:05:49 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Drive
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsHP
    O43 – CFD: 01/04/2014 – 16:18:51 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsIBM SPSS Statistics
    O43 – CFD: 26/09/2014 – 07:57:35 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsIntel
    O43 – CFD: 20/08/2014 – 18:44:35 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    O43 – CFD: 23/09/2014 – 18:13:34 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsKobo
    O43 – CFD: 22/08/2013 – 16:36:33 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 26/01/2015 – 19:47:19 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes Anti-Malware
    O43 – CFD: 10/01/2014 – 17:03:47 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMendeley Desktop
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Office
    O43 – CFD: 22/10/2014 – 16:37:48 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Silverlight
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsMSI
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation
    O43 – CFD: 01/11/2013 – 14:31:57 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsQualcomm Atheros
    O43 – CFD: 13/03/2014 – 19:15:28 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsQuickTime
    O43 – CFD: 01/11/2013 – 14:33:15 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsSharePoint
    O43 – CFD: 01/11/2013 – 14:31:57 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsSony
    O43 – CFD: 30/03/2014 – 11:03:45 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsSPSS SmartViewer
    O43 – CFD: 29/07/2014 – 06:29:36 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsStartUp
    O43 – CFD: 13/04/2014 – 22:31:17 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 30/09/2013 – 05:00:03 – [0] R-H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsTablet PC
    O43 – CFD: 11/11/2013 – 22:11:01 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsUlead MediaStudio Pro 8.0
    O43 – CFD: 29/12/2013 – 12:19:24 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
    O43 – CFD: 19/11/2013 – 22:22:53 – [] R—D C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows Live
    O43 – CFD: 01/01/2014 – 19:16:48 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinRAR
    O43 – CFD: 01/01/2014 – 19:14:12 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsWinZip
    O43 – CFD: 26/01/2015 – 20:05:27 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramsZHP =>.Nicolas Coolman
    O43 – CFD: 19/02/2014 – 19:12:44 – [] —-D C:UsersMartinAppDataRoamingAdobe
    O43 – CFD: 03/11/2013 – 19:43:45 – [] —-D C:UsersMartinAppDataRoamingApple Computer
    O43 – CFD: 25/08/2014 – 15:05:36 – [] —-D C:UsersMartinAppDataRoamingAudacity
    O43 – CFD: 11/11/2013 – 22:07:17 – [] —-D C:UsersMartinAppDataRoamingavidemux
    O43 – CFD: 24/01/2015 – 18:49:01 – [] —-D C:UsersMartinAppDataRoamingBooster-Web
    O43 – CFD: 23/09/2013 – 19:06:00 – [] —-D C:UsersMartinAppDataRoamingCyberLink
    O43 – CFD: 24/01/2015 – 18:31:22 – [] —-D C:UsersMartinAppDataRoamingDAEMON Tools Lite =>.DT Soft Ltd
    O43 – CFD: 09/08/2014 – 09:34:11 – [] —-D C:UsersMartinAppDataRoamingDownload Manager
    O43 – CFD: 26/01/2015 – 20:01:54 – [] —-D C:UsersMartinAppDataRoamingDropbox
    O43 – CFD: 11/06/2014 – 12:42:17 – [] —-D C:UsersMartinAppDataRoamingFreeAudioPack
    O43 – CFD: 16/10/2013 – 19:58:04 – [] —-D C:UsersMartinAppDataRoamingHP
    O43 – CFD: 23/10/2013 – 20:44:19 – [] —-D C:UsersMartinAppDataRoamingHpUpdate
    O43 – CFD: 07/08/2014 – 17:02:00 – [] —-D C:UsersMartinAppDataRoamingICAClient
    O43 – CFD: 01/11/2013 – 14:42:57 – [] —-D C:UsersMartinAppDataRoamingIdentities
    O43 – CFD: 28/06/2013 – 12:08:45 – [] —-D C:UsersMartinAppDataRoamingInstallShield
    O43 – CFD: 28/06/2013 – 10:34:03 – [] —-D C:UsersMartinAppDataRoamingIntel Corporation
    O43 – CFD: 28/06/2013 – 11:31:30 – [] —-D C:UsersMartinAppDataRoamingMacromedia
    O43 – CFD: 26/01/2015 – 19:47:20 – [0] —-D C:UsersMartinAppDataRoamingMalwarebytes
    O43 – CFD: 24/01/2015 – 18:51:49 – [] -S–D C:UsersMartinAppDataRoamingMicrosoft
    O43 – CFD: 28/06/2013 – 11:45:15 – [] —-D C:UsersMartinAppDataRoamingMozilla
    O43 – CFD: 30/05/2014 – 16:07:23 – [] —-D C:UsersMartinAppDataRoamingOrigin
    O43 – CFD: 24/01/2015 – 18:51:42 – [] —-D C:UsersMartinAppDataRoamingQuickScan
    O43 – CFD: 28/03/2014 – 08:46:19 – [] —-D C:UsersMartinAppDataRoamingSpotify
    O43 – CFD: 01/04/2014 – 16:22:35 – [] —-D C:UsersMartinAppDataRoamingSPSSInc
    O43 – CFD: 13/09/2013 – 15:49:26 – [] —-D C:UsersMartinAppDataRoamingTeamViewer
    O43 – CFD: 05/08/2014 – 20:39:15 – [] —-D C:UsersMartinAppDataRoamingTomTom
    O43 – CFD: 24/01/2015 – 19:00:31 – [] —-D C:UsersMartinAppDataRoaminguTorrent =>P2P.µTorrent
    O43 – CFD: 13/01/2015 – 23:59:51 – [] —-D C:UsersMartinAppDataRoamingvlc
    O43 – CFD: 23/09/2013 – 20:57:47 – [] —-D C:UsersMartinAppDataRoamingWebApp
    O43 – CFD: 01/01/2014 – 19:16:56 – [] —-D C:UsersMartinAppDataRoamingWinRAR
    O43 – CFD: 26/01/2015 – 20:08:36 – [] —-D C:UsersMartinAppDataRoamingZHP =>.Nicolas Coolman
    O43 – CFD: 17/06/2014 – 15:31:29 – [] —-D C:UsersMartinAppDataLocalAdobe
    O43 – CFD: 03/11/2013 – 12:44:14 – [] —-D C:UsersMartinAppDataLocalApple
    O43 – CFD: 03/11/2013 – 12:45:28 – [] —-D C:UsersMartinAppDataLocalApple Computer
    O43 – CFD: 01/11/2013 – 14:27:04 – [] -SH-D C:UsersMartinAppDataLocalApplication Data
    O43 – CFD: 01/01/2014 – 19:07:38 – [] —-D C:UsersMartinAppDataLocalcache
    O43 – CFD: 09/08/2014 – 09:35:12 – [] —-D C:UsersMartinAppDataLocalCitrix
    O43 – CFD: 04/10/2013 – 14:32:53 – [] —-D C:UsersMartinAppDataLocalCyberlink
    O43 – CFD: 21/01/2015 – 19:50:43 – [] —-D C:UsersMartinAppDataLocalDiagnostics
    O43 – CFD: 05/08/2014 – 20:37:50 – [] —-D C:UsersMartinAppDataLocalDownloaded Installations
    O43 – CFD: 21/11/2013 – 18:59:07 – [0] —-D C:UsersMartinAppDataLocalElevatedDiagnostics
    O43 – CFD: 29/07/2014 – 06:24:59 – [] -SH-D C:UsersMartinAppDataLocalEmieSiteList
    O43 – CFD: 29/07/2014 – 06:24:59 – [] -SH-D C:UsersMartinAppDataLocalEmieUserList
    O43 – CFD: 31/05/2014 – 08:55:18 – [] —-D C:UsersMartinAppDataLocalESN
    O43 – CFD: 09/03/2014 – 14:53:19 – [] —-D C:UsersMartinAppDataLocalFacebook
    O43 – CFD: 29/07/2014 – 08:03:48 – [] —-D C:UsersMartinAppDataLocalGame Updater
    O43 – CFD: 22/10/2013 – 06:04:55 – [] —-D C:UsersMartinAppDataLocalGoogle
    O43 – CFD: 01/11/2013 – 14:27:04 – [] -SH-D C:UsersMartinAppDataLocalHistorique
    O43 – CFD: 16/10/2013 – 19:58:04 – [] —-D C:UsersMartinAppDataLocalHP
    O43 – CFD: 01/04/2014 – 16:09:20 – [] —-D C:UsersMartinAppDataLocalIBM
    O43 – CFD: 01/04/2014 – 16:22:22 – [] —-D C:UsersMartinAppDataLocaljavasharedresources
    O43 – CFD: 29/09/2014 – 16:32:40 – [] —-D C:UsersMartinAppDataLocalKobo
    O43 – CFD: 28/06/2013 – 12:40:49 – [] —-D C:UsersMartinAppDataLocalMacromedia
    O43 – CFD: 10/01/2014 – 17:03:49 – [] —-D C:UsersMartinAppDataLocalMendeley Ltd
    O43 – CFD: 24/01/2015 – 19:02:08 – [] —-D C:UsersMartinAppDataLocalMicrosoft
    O43 – CFD: 08/12/2014 – 15:18:15 – [] —-D C:UsersMartinAppDataLocalMicrosoft Help
    O43 – CFD: 18/09/2013 – 19:50:01 – [] —-D C:UsersMartinAppDataLocalMozilla
    O43 – CFD: 28/06/2013 – 10:24:37 – [] —-D C:UsersMartinAppDataLocalMSI
    O43 – CFD: 01/11/2013 – 14:53:08 – [] —-D C:UsersMartinAppDataLocalNVIDIA
    O43 – CFD: 13/11/2013 – 20:19:00 – [] —-D C:UsersMartinAppDataLocalNVIDIA Corporation
    O43 – CFD: 20/06/2014 – 11:25:53 – [] —-D C:UsersMartinAppDataLocalOrigin
    O43 – CFD: 25/08/2014 – 10:08:00 – [] —-D C:UsersMartinAppDataLocalPackages
    O43 – CFD: 14/01/2014 – 21:17:13 – [] —-D C:UsersMartinAppDataLocalPrograms
    O43 – CFD: 31/05/2014 – 08:55:29 – [] —-D C:UsersMartinAppDataLocalPunkBuster
    O43 – CFD: 29/07/2014 – 07:21:26 – [] —-D C:UsersMartinAppDataLocalSetup Integrity Check
    O43 – CFD: 28/03/2014 – 08:11:20 – [] —-D C:UsersMartinAppDataLocalSpotify
    O43 – CFD: 26/01/2015 – 20:06:54 – [] —-D C:UsersMartinAppDataLocalTemp
    O43 – CFD: 01/11/2013 – 14:27:04 – [] -SH-D C:UsersMartinAppDataLocalTemporary Internet Files
    O43 – CFD: 05/08/2014 – 20:39:15 – [] —-D C:UsersMartinAppDataLocalTomTom
    O43 – CFD: 28/12/2013 – 15:26:16 – [] —-D C:UsersMartinAppDataLocalVirtualStore
    O43 – CFD: 26/03/2014 – 09:00:45 – [] —-D C:UsersMartinAppDataLocalWindows Live
    O43 – CFD: 14/05/2014 – 10:27:34 – [] —-D C:UsersMartinAppDataLocalWinZip
    O43 – CFD: 22/08/2013 – 16:36:32 – [] R—D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessibility
    O43 – CFD: 22/08/2013 – 16:36:32 – [] R—D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsAccessories
    O43 – CFD: 13/11/2014 – 19:17:38 – [] R—D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsAdministrative Tools
    O43 – CFD: 19/05/2014 – 09:13:06 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramscoverXP
    O43 – CFD: 08/03/2014 – 11:13:46 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsDiagram Designer
    O43 – CFD: 16/12/2014 – 07:23:23 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox
    O43 – CFD: 06/07/2013 – 09:19:02 – [0] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsGames
    O43 – CFD: 22/08/2013 – 16:36:32 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsMaintenance
    O43 – CFD: 16/12/2014 – 07:23:27 – [] R—D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
    O43 – CFD: 01/11/2013 – 14:27:58 – [] R—D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsSystem Tools
    O43 – CFD: 01/01/2014 – 19:16:48 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramsWinRAR
    ~ Program Folder: 248 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.E94EB2A95D7D016E119C4D6868788831] – 14/01/2015 – 21:46:02 —A- . (.Microsoft Corporation – Connaissance des emplacements réseau 2.) — C:WindowsSystem32nlasvc.dll [391680]
    O44 – LFC:[MD5.FE11972797DED38CA55E88BD3579F6A2] – 14/01/2015 – 21:46:02 —A- . (.Microsoft Corporation – Indicateur d’état de la connectivité réseau.) — C:WindowsSystem32ncsi.dll [360448]
    O44 – LFC:[MD5.6319232C1CE39AC35316CF51910EEEB5] – 14/01/2015 – 21:46:02 —A- . (.Microsoft Corporation – Network Location Awareness 2.) — C:WindowsSystem32nlaapi.dll [86016]
    O44 – LFC:[MD5.DB32958F0E704EFBF7F15161A569E39F] – 14/01/2015 – 21:46:04 —A- . (.Microsoft Corporation – Windows NT WebDav Minirdr.) — C:WindowsSystem32Driversmrxdav.sys [140800]
    O44 – LFC:[MD5.F0CB6DB513CAC393D04A0FCE0A59E1BF] – 14/01/2015 – 21:46:06 —A- . (.Microsoft Corporation – Application Compatibility Cache.) — C:WindowsSystem32Driversahcache.sys [75776]
    O44 – LFC:[MD5.29A888F3136B2643E22113B5422B46F9] – 14/01/2015 – 21:46:07 —A- . (.Microsoft Corporation – Microsoft Remote Desktop Services Web Proxy.) — C:WindowsSystem32TSWbPrxy.exe [87040]
    O44 – LFC:[MD5.19424364D8C03B990C4281BE53963FD0] – 14/01/2015 – 21:46:09 —A- . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [225280]
    O44 – LFC:[MD5.61EA45A645854FE81D8A924E2D93DFFE] – 14/01/2015 – 21:47:17 —A- . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32audiosrv.dll [911360]
    O44 – LFC:[MD5.D1E3B8D9130C70F6A3D4FDB52373FF34] – 14/01/2015 – 21:47:17 —A- . (.Microsoft Corporation – WER Diagnostic Controller.) — C:WindowsSystem32werdiagcontroller.dll [37888]
    O44 – LFC:[MD5.6F237EE5DDA34EAF3D9C79D4A283E250] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Audio Engine.) — C:WindowsSystem32AudioEng.dll [482872]
    O44 – LFC:[MD5.E24D3259769A0218FE19BB306821C2E5] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Audio Ks Endpoint.) — C:WindowsSystem32AUDIOKSE.dll [394120]
    O44 – LFC:[MD5.A41B72F81B389786805CC4D5767B5FBC] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Code Integrity Module (Test).) — C:WindowsSystem32ci.dll [531616]
    O44 – LFC:[MD5.770BAA636F3B61DA7E414421444F84FD] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Isolation graphique de périphérique audio W.) — C:WindowsSystem32audiodg.exe [272248]
    O44 – LFC:[MD5.41C501FD9D42F3F04A8532C73E09F356] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Media Foundation Crash Dump Encryption DLL.) — C:WindowsSystem32EncDump.dll [108944]
    O44 – LFC:[MD5.428F083690D7AAA012338FD5A0663EE3] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Session audio.) — C:WindowsSystem32AudioSes.dll [500016]
    O44 – LFC:[MD5.0BCDEB035B9346D3C3C6C8BB1AA7F38C] – 14/01/2015 – 21:47:18 —A- . (.Microsoft Corporation – Windows Problem Reporting.) — C:WindowsSystem32wermgr.exe [139984]
    O44 – LFC:[MD5.8EBC741DDE9409038262E2F317ED7CCE] – 14/01/2015 – 21:47:19 —A- . (.Microsoft Corporation – DLL du rapport d’erreurs Windows.) — C:WindowsSystem32wer.dll [535640]
    O44 – LFC:[MD5.2C354FA91EF605007FD11BB89EED2266] – 14/01/2015 – 21:47:19 —A- . (.Microsoft Corporation – DLL du rapport d’incident dans le mode util.) — C:WindowsSystem32Faultrep.dll [413248]
    O44 – LFC:[MD5.8779FDAE68BC948B0FE152E758CC8DA7] – 14/01/2015 – 21:47:19 —A- . (.Microsoft Corporation – Générateur de points de terminaison du serv.) — C:WindowsSystem32AudioEndpointBuilder.dll [229888]
    O44 – LFC:[MD5.9404704666256045F5BA9B290953B4D0] – 14/01/2015 – 21:47:19 —A- . (.Microsoft Corporation – Rapport d’erreurs Windows.) — C:WindowsSystem32WerFaultSecure.exe [38264]
    O44 – LFC:[MD5.6DCD12586353DC6307AC781045CA13A4] – 14/01/2015 – 21:47:19 —A- . (.Microsoft Corporation – Rapports de problèmes Windows.) — C:WindowsSystem32WerFault.exe [465320]
    O44 – LFC:[MD5.93B0550500D1BD86CBAB9C4CC6B6A356] – 16/01/2015 – 11:57:27 —A- . (.Microsoft Corporation – Outil de suppression de logiciels malveilla.) — C:WindowsSystem32MRT.exe [113365784]
    O44 – LFC:[MD5.27B87D12641A73C77A7C49B1E9AC479F] – 26/01/2015 – 07:41:35 —A- . (…) — C:IFRToolLog.txt [1593]
    O44 – LFC:[MD5.129FE9BA38E368F412A3BA0F4C1676C6] – 26/01/2015 – 19:21:39 —A- . (…) — C:WindowsWindowsUpdate.log [1744037]
    O44 – LFC:[MD5.478CC94C937D235CB0A96AB8F2359D81] – 26/01/2015 – 19:47:12 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O44 – LFC:[MD5.9D7BFFDB5FA62B600DF1FCB4919D9D79] – 26/01/2015 – 19:47:12 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O44 – LFC:[MD5.0330DB3B455FA379EA4FAE3AD0B2268A] – 26/01/2015 – 20:00:33 —A- . (…) — C:WindowsPFRO.log [178488]
    O44 – LFC:[MD5.EBD10AB27CA58FAF0B486CC860A30793] – 26/01/2015 – 20:00:38 —A- . (…) — C:Windowssetupact.log [368216]
    O44 – LFC:[MD5.26C43960C99EE861A5D0EDC4DCF3B1C3] – 26/01/2015 – 20:00:50 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O44 – LFC:[MD5.2B74AB0135A499B43866BF1AD3F5FAB7] – 26/01/2015 – 20:02:36 -S-A- . (…) — C:Windowsbootstat.dat [67584]
    O44 – LFC:[MD5.FC1BAA9C667AD2FFD4CAC2AB06C01FD9] – 26/01/2015 – 20:07:12 —A- . (…) — C:WindowsSystem32PerfStringBackup.INI [1827432]
    O44 – LFC:[MD5.BBE8FEA86CF87190675F143783323899] – 26/01/2015 – 20:07:12 —A- . (…) — C:WindowsSystem32perfc009.dat [136128]
    O44 – LFC:[MD5.C25FC2316AACFABC7A391FBEC304D91D] – 26/01/2015 – 20:07:12 —A- . (…) — C:WindowsSystem32perfc00C.dat [159948]
    O44 – LFC:[MD5.13CBA46310D6E6CBDB8A4EB23F161425] – 26/01/2015 – 20:07:12 —A- . (…) — C:WindowsSystem32perfh009.dat [723514]
    O44 – LFC:[MD5.C9BAE1EACE16CA6B6459257D38CA75C9] – 26/01/2015 – 20:07:12 —A- . (…) — C:WindowsSystem32perfh00C.dat [813388]
    O44 – LFC:[MD5.988BEFBD9A2267D45A97BF24247FBB19] – 26/01/2015 – 20:07:33 —A- . (…) — C:PhysicalDisk0_MBR.bin [512]
    ~ Files: 36 Scanned in 00mn 02s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.714DF99355E60B5803E7D1119315B2D0] – 24/01/2015 – 18:51:29 —A- – C:WindowsPrefetchSEARCHPROTECTINT.EXE-77D48EA5.pf =>PUP.SearchProtect
    O45 – LFCP:[MD5.5F7B472BE173EDAC8BA1CECB40E0D99A] – 24/01/2015 – 16:30:10 —A- – C:WindowsPrefetchUTORRENT.EXE-5884B64D.pf =>P2P.µTorrent
    ~ Prefetcher: 2 Scanned in 00mn 00s

    —\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook [64Bits] – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    —\ Déni du service (Local Security Authority) (O48)
    O48 – LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Notification Packages . (.Microsoft Corporation – Moteur du client de l’Éditeur de configuration de sécurité Windows.) — C:WindowsSystem32scecli.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Package de sécurité Kerberos.) — C:WindowsSystem32kerberos.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Authentication Package v1.0.) — C:WindowsSystem32msv1_0.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Fournisseur de sécurité TLS/SSL.) — C:WindowsSystem32schannel.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Microsoft Digest Access.) — C:WindowsSystem32wdigest.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Web Service Security Package.) — C:WindowsSystem32tspkg.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Pku2u Security Package.) — C:WindowsSystem32pku2u.dll
    O48 – LSA:Local Security Authority Security Packages . (.Microsoft Corporation – Live Security Package.) — C:WindowsSystem32livessp.dll
    ~ LSA: 9 Scanned in 00mn 00s

    —\ Contrôle du Safe Boot (CSB) (O49)
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimaldxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalsermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSMinimalvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicDisplay.sys . (.Microsoft Corporation – Microsoft Basic Display Driver.) — C:WindowsSystem32DriversBasicDisplay.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkBasicRender.sys . (.Microsoft Corporation – Microsoft Basic Render Driver.) — C:WindowsSystem32DriversBasicRender.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkdxgkrnl.sys . (.Microsoft Corporation – DirectX Graphics Kernel.) — C:WindowsSystem32Driversdxgkrnl.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkFsDepends.sys . (.Microsoft Corporation – File System Dependency Manager Mini Filter Driver.) — C:WindowsSystem32DriversFsDepends.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkipnat.sys . (.Microsoft Corporation – IP Network Address Translator.) — C:WindowsSystem32Driversipnat.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworknsiproxy.sys . (.Microsoft Corporation – NSI Proxy.) — C:WindowsSystem32Driversnsiproxy.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkrdpencdd.sys . (…) — C:WindowsSystem32Driversrdpencdd.sys (.not file.)
    O49 – CSB:Control Safe Boot HKLM…CCSNetworksermouse.sys . (.Microsoft Corporation – Pilote de filtre souris série.) — C:WindowsSystem32Driverssermouse.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgr.sys . (.Microsoft Corporation – Volume Manager Driver.) — C:WindowsSystem32Driversvolmgr.sys
    O49 – CSB:Control Safe Boot HKLM…CCSNetworkvolmgrx.sys . (.Microsoft Corporation – Pilote d’extension du gestionnaire de volumes.) — C:WindowsSystem32Driversvolmgrx.sys
    ~ CSB: 17 Scanned in 00mn 00s

    —\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
    O52 – TDSD: Drivers32″msacm.l3acm »= »C:WindowsSystem32l3codeca.acm » . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    O52 – TDSD: drivers.desc »C:WindowsSystem32l3codeca.acm »= »Fraunhofer IIS MPEG Layer-3 Codec » . (.Fraunhofer Institut Integrierte Schaltungen – MPEG Layer-3 Audio Codec for MSACM.) — C:WindowsSystem32l3codeca.acm
    ~ TDSD: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
    O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – Credential Delegation Security Package.) — C:WindowsSystem32credssp.dll
    ~ MSCP: 2 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableVirtualization »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableInstallerDetection »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « PromptOnSecureDesktop »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableLUA »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableSecureUIAPaths »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « ConsentPromptBehaviorAdmin »=5
    O55 – MWPS:[HKLM…PoliciesSystem] – « ValidateAdminCodeSignatures »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableCursorSuppression »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « ConsentPromptBehaviorUser »=3
    O55 – MWPS:[HKLM…PoliciesSystem] – « dontdisplaylastusername »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « legalnoticecaption »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « legalnoticetext »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « scforceoption »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « shutdownwithoutlogon »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « undockwithoutlogon »=1
    O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
    ~ MWPS: 17 Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – « ForceActiveDesktopOn »=0
    O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktopChanges »=1
    O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktop »=1
    ~ MWPE Keys: 6 Scanned in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.LSI – LSI 3ware SCSI Storport Driver.) — C:WindowsSystem32Drivers3ware.sys [108896]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra – PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) — C:WindowsSystem32Driversadp80xx.sys [782176]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Advanced Micro Devices – AHCI 1.3 Device Driver.) — C:WindowsSystem32Driversamdsata.sys [79200]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.AMD Technologies Inc. – AMD Technology AHCI Compatible Controller Driver for Windows -.) — C:WindowsSystem32Driversamdsbs.sys [259424]
    O58 – SDL:22/08/2013 – 13:43:40 —A- . (.Advanced Micro Devices – Storage Filter Driver.) — C:WindowsSystem32Driversamdxata.sys [25952]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.PMC-Sierra, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [114016]
    O58 – SDL:13/08/2013 – 00:25:46 —A- . (.Windows (R) Win 7 DDK provider – BCM Function 2 Device Driver.) — C:WindowsSystem32Driversbcmfn2.sys [17624]
    O58 – SDL:29/08/2012 – 17:36:54 —A- . (.Motorola Solutions, Inc. – Bluetooth HighSpeed Filter Driver.) — C:WindowsSystem32Driversbtmhsf.sys [857472]
    O58 – SDL:25/09/2012 – 08:09:26 —A- . (.Qualcomm Atheros, Inc. – Killer Bandwidth Control Filter Driver.) — C:WindowsSystem32DriversbwcW8x64.sys [74096]
    O58 – SDL:22/08/2013 – 13:43:41 —A- . (.Broadcom Corporation – Broadcom NetXtreme II GigE VBD.) — C:WindowsSystem32Driversbxvbda.sys [531296]
    O58 – SDL:24/09/2013 – 06:10:34 —A- . (.Citrix Systems, Inc. – Citrix USB Filter Driver.) — C:WindowsSystem32Driversctxusbm.sys [97768]
    O58 – SDL:25/09/2012 – 08:52:04 —A- . (.Windows (R) Win 7 DDK provider – IEEE-1284.4-1999 Driver.) — C:WindowsSystem32DriversDot4.sys [151968]
    O58 – SDL:25/09/2012 – 08:52:04 —A- . (.Windows (R) Win 7 DDK provider – IEEE-1284.4 Print Class Driver.) — C:WindowsSystem32DriversDot4Prt.sys [27040]
    O58 – SDL:06/07/2014 – 15:41:12 —A- . (.Disc Soft Ltd – DAEMON Tools Virtual Bus Driver.) — C:WindowsSystem32Driversdtsoftbus01.sys [283064]
    O58 – SDL:25/09/2012 – 08:09:24 —A- . (.Qualcomm Atheros, Inc. – Killer e2200 PCI-E Gigabit Ethernet Controller.) — C:WindowsSystem32Driverse22w8x64.sys [164720]
    O58 – SDL:27/11/2012 – 16:51:01 —A- . (.ELAN Microelectronics Corp. – ETD Kernel Center.) — C:WindowsSystem32DriversETD.sys [295760]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Broadcom Corporation – Broadcom NetXtreme II 10 GigE VBD.) — C:WindowsSystem32Driversevbda.sys [3357024]
    O58 – SDL:27/11/2012 – 16:49:30 —A- . (.Intel Corporation – Intel(R) Management Engine Interface.) — C:WindowsSystem32DriversHECIx64.sys [62784]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Hewlett-Packard Company – Smart Array SAS/SATA Controller Media Driver.) — C:WindowsSystem32DriversHpSAMD.sys [64352]
    O58 – SDL:30/07/2013 – 19:47:35 —A- . (.Intel Corporation – Intel(R) Serial IO GPIO Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_GPIO.sys [24568]
    O58 – SDL:25/07/2013 – 20:05:39 —A- . (.Intel Corporation – Intel(R) Serial IO I2C Controller Driver.) — C:WindowsSystem32DriversiaLPSSi_I2C.sys [99320]
    O58 – SDL:02/09/2012 – 03:01:56 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver – x64.) — C:WindowsSystem32DriversiaStorA.sys [647736]
    O58 – SDL:10/08/2013 – 01:39:30 —A- . (.Intel Corporation – Intel Rapid Storage Technology driver (inbox) – x64.) — C:WindowsSystem32DriversiaStorAV.sys [651248]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver – x64.) — C:WindowsSystem32DriversiaStorV.sys [412000]
    O58 – SDL:06/08/2012 – 20:07:08 —A- . (.Intel Corporation – Intel(R) Centrino(R) Wireless (Bluetooth Adapter) Driver.) — C:WindowsSystem32DriversiBtFltCoex.sys [68136]
    O58 – SDL:03/10/2013 – 23:42:44 —A- . (.Intel Corporation – Intel Graphics Kernel Mode Driver.) — C:WindowsSystem32Driversigdkmd64.sys [4185600]
    O58 – SDL:27/11/2012 – 16:49:38 —A- . (.Intel(R) Corporation – Intel(R) Display Audio Driver.) — C:WindowsSystem32DriversIntcDAud.sys [342528]
    O58 – SDL:26/09/2013 – 10:08:22 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversintelaud.sys [39320]
    O58 – SDL:26/09/2013 – 10:08:22 —A- . (.Intel Corporation – Intel® WiDi Solution.) — C:WindowsSystem32Driversiwdbus.sys [27032]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [109408]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SAS Gen2 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas2.sys [93536]
    O58 – SDL:22/08/2013 – 13:43:44 —A- . (.LSI Corporation – LSI SAS Gen3 Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas3.sys [81760]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – LSI SSS PCIe/Flash Driver (StorPort).) — C:WindowsSystem32Driverslsi_sss.sys [82784]
    O58 – SDL:21/11/2014 – 06:14:08 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32Driversmbam.sys [25816]
    O58 – SDL:21/11/2014 – 06:14:12 —A- . (.Malwarebytes Corporation – Malwarebytes Chameleon Protection Driver.) — C:WindowsSystem32Driversmbamchameleon.sys [93400]
    O58 – SDL:26/01/2015 – 20:00:50 —A- . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:WindowsSystem32DriversMBAMSwissArmy.sys [129752]
    O58 – SDL:27/11/2012 – 16:50:24 —A- . (.Creative Technology Ltd. – Creative Audio Driver.) — C:WindowsSystem32DriversMBfilt64.sys [32344]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows.) — C:WindowsSystem32Driversmegasas.sys [56672]
    O58 – SDL:22/08/2013 – 13:43:45 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32Driversmegasr.sys [575840]
    O58 – SDL:22/08/2013 – 13:43:49 —A- . (.Marvell Semiconductor, Inc. – Marvell Flash Controller Driver.) — C:WindowsSystem32Driversmvumis.sys [63840]
    O58 – SDL:21/11/2014 – 06:14:26 —A- . (.Malwarebytes Corporation – Malwarebytes Web Access Control.) — C:WindowsSystem32Driversmwac.sys [64216]
    O58 – SDL:08/07/2013 – 19:37:41 —A- . (.Intel Corporation – Intel® Wireless WiFi Link Driver.) — C:WindowsSystem32DriversNETwew00.sys [3344352]
    O58 – SDL:05/09/2013 – 02:36:46 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 327.02.) — C:WindowsSystem32Driversnvlddmkm.sys [11273504]
    O58 – SDL:05/09/2013 – 02:37:00 —A- . (.NVIDIA Corporation – NVIDIA Windows Kernel Mode Driver, Version 327.02.) — C:WindowsSystem32Driversnvpciflt.sys [30496]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [150368]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [168288]
    O58 – SDL:28/09/2013 – 00:01:44 —A- . (.NVIDIA Corporation – NVIDIA Virtual Audio Driver.) — C:WindowsSystem32Driversnvvad64v.sys [39200]
    O58 – SDL:27/11/2012 – 16:50:27 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHD64.sys [4142864]
    O58 – SDL:04/07/2012 – 19:41:58 —A- . (.Realtek Semiconductor Corp. – Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) — C:WindowsSystem32DriversRtsPStor.sys [339600]
    O58 – SDL:22/08/2013 – 16:35:09 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [23040]
    O58 – SDL:22/08/2013 – 13:43:31 —A- . (.Silicon Integrated Systems Corp. – SiS RAID Stor Miniport Driver.) — C:WindowsSystem32Driverssisraid2.sys [44896]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [81760]
    O58 – SDL:22/01/2014 – 08:52:10 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG USB Composite Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudbus.sys [108800]
    O58 – SDL:22/01/2014 – 08:52:10 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG Android Modem Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudmdm.sys [206080]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [31072]
    O58 – SDL:22/08/2013 – 13:40:24 —A- . (.The OpenVPN Project – TAP-Windows Virtual Network Driver.) — C:WindowsSystem32Driverstap0901.sys [40664]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [19808]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [168800]
    O58 – SDL:22/08/2013 – 13:43:34 —A- . (.VIA Corporation – VIA StorX RAID Controller Driver.) — C:WindowsSystem32DriversVSTXRAID.SYS [305504]
    ~ Drivers: 59 Scanned in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 20/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataRoamingBooster-WebBooster-Web-Installer.exe [583645]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEKMB0TILJDoctor_pc[1].exe [587208]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEKMB0TILJspstub[1].exe [0]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEUUY8G3KDCytiWebSetup[1].exe [583112]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempQuarantine.exe [601088]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnse5E10.tmpNSISPlugin.dll [339968]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnse5E10.tmpSystem.dll [11264]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnse5E10.tmpUAC.dll [13824]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnse5E10.tmpnsDialogs.dll [9728]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnse5E10.tmpnsExec.dll [6656]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempnszDDAC.tmpnsProcess.dll [4608]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempsmarter.exe [456648]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTemp{ACF3B3AC-234F-40AB-BF00-E2BE588339DD}.bat [0]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.BitTorrent Inc..) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe [1374032] =>P2P.BitTorrent
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.BitTorrent Inc..) — C:UsersMartinAppDataRoaminguTorrentupdates3.4.2_37754.exe [1374032] =>P2P.BitTorrent
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.Client Connect LTD.) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEUUY8G3KDSetup[1].exe [7854784]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.ClientConnect.) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIENTEBHKH7spstub[1].exe [177760]
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.SearchProtect.) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEUUY8G3KDSearchProtectGeneric2[1].exe [167588] =>PUP.SearchProtect
    O61 – LFC: 24/01/2015 – 20:08:44 —A- . (.Speedchecker Limited.) — C:UsersMartinAppDataLocalMicrosoftWindowsINetCacheIEUUY8G3KDpcspeedup[1].exe [6580288] =>PUP.InternetSpeedChecker
    O61 – LFC: 25/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempLow~nsu.tmpAu_.exe [39537]
    O61 – LFC: 25/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinDocumentsFIFA 14instance0replay0.bin [1073741824]
    O61 – LFC: 26/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalLowBooster-WebUninstallUninstall.exe [39537]
    O61 – LFC: 26/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinAppDataLocalTempdropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3op4ku.dll [43008]
    O61 – LFC: 26/01/2015 – 20:08:44 —A- . (…) — C:UsersMartinDownloadsadwcleaner_4.109.exe [2194432]
    O61 – LFC: 26/01/2015 – 20:08:44 —A- . (.Malwarebytes Corporation.) — C:UsersMartinDownloadsmbam-setup-2.0.4.1028.exe [20447072]
    O61 – LFC: 26/01/2015 – 20:08:44 —A- . (.Nicolas Coolman.) — C:UsersMartinDownloadsZHPDiag2.exe [6872006] =>.Nicolas Coolman
    ~ 15748 Fichiers temporaires (Temporary files)
    ~ 4 Fichiers cookies (Cookies files)
    ~ Files: 26 Scanned in 00mn 00s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2015 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » %*
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32WScript.exe
    O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
    O67 – Shell Spawning: [HKLM..openCommand] (…) — « %1 » /S
    O67 – Shell Spawning: [HKCU..openCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    ~ FASS Keys: 11 Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com » onclick= »window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} – (Bing) – http://www.bing.com » onclick= »window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Enumère les service demarrés par Svchost (SSS) (O83)
    O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [208896]
    O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [155136]
    O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [324096]
    O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [1261056]
    O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [1063424]
    O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [914432]
    O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [30720]
    O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [110080]
    O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [150528]
    O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [107008]
    O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [1212928]
    O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [220672]
    O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [70656]
    O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [134144]
    O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [225280]
    O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service Configuration des services Bureau à distance.) — C:WindowsSystem32sessenv.dll [324096]
    O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [81408]
    O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [97792]
    O83 – Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation – Service BDE.) — C:WindowsSystem32bdesvc.dll [339456]
    O83 – Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation – Service d’infrastructure de localisation Windows.) — C:WindowsSystem32GeofenceMonitorService.dll [491520]
    O83 – Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation – Service de compte Microsoft®.) — C:WindowsSystem32wlidsvc.dll [1576960]
    O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – DLL du service des thèmes Windows Shell.) — C:WindowsSystem32themeservice.dll [50688]
    O83 – Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation – Gestionnaire d’installation de périphérique.) — C:WindowsSystem32DeviceSetupManager.dll [201728]
    O83 – Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation – Service Assistant Connectivité réseau Microsoft.) — C:WindowsSystem32ncasvc.dll [164352]
    O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [101376]
    O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire des connexions d’accès à distance.) — C:WindowsSystem32rasmans.dll [534528]
    O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [223744]
    O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [71680]
    O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [433664]
    O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [306688]
    O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [3557376]
    O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [1017856]
    O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [629760]
    ~ Services: 34 Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.24EFEFF991F61539A5D40523A7F0C854] [SPRF][08/03/2014] (…) — C:UsersMartinDesktopDiagramDesignerSetup.exe [1369271]
    [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation – InstallShield Update Service Setup Player Module.) — C:WindowsDownloaded Program Filesdwusplay.dll [24576]
    [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation – InstallShield Update Service Setup Player.) — C:WindowsDownloaded Program Filesdwusplay.exe [196608]
    [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation – InstallShield Update Service Web Agent.) — C:WindowsDownloaded Program Filesisusweb.dll [172032]
    ~ Files: 4 Scanned in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: « {1B4185EA-5BEB-435E-A082-D273A623BF0D} » | In – None – P6 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    O87 – FAEL: « {3B3EAD52-F324-4D6F-AE16-96259B59E734} » | In – None – P17 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Firewall: 2 Scanned in 00mn 01s

    —\ Enumère les données de la clé NameSpace (MNS) (O92)
    O92 – MNS: – {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
    O92 – MNS: – {374DE290-123F-4565-9164-39C4925E467B}
    O92 – MNS: – {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
    O92 – MNS: – {A0953C92-50DC-43bf-BE83-3742FED03C9C}
    O92 – MNS: – {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
    O92 – MNS: – {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
    ~ MNS: 6 Scanned in 00mn 00s
    }[/spoiler:1udyebd6]

    Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:1pcjjyqr]{

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 24/01/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 03/10/2013 279000 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Auto 22/10/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 22/10/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver1150Intel 32IDriverT.exe
    SS – | Demand 28/02/2014 174368 | (iumsvc) . (…) – C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe
    SS – | Demand 26/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Demand 25/01/2015 1903472 | (Origin Client Service) . (.Electronic Arts.) – E:OriginOriginClientService.exe
    SS – | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) – C:Program Files (x86)SonySony PC CompanionPCCService.exe
    SS – | Demand 22/08/2013 37768 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 27/08/2012 1112000 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) – C:Program Files (x86)IntelBluetoothdevmonsrv.exe
    SR – | Auto 06/09/2012 1124288 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) – C:Program Files (x86)IntelBluetoothobexsrv.exe
    SR – | Demand 22/08/2013 37768 | C:Program Files (x86)HPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) – C:Windowssystem32svchost.exe
    SR – | Auto 22/08/2013 37768 | C:Program Files (x86)HPDigital Imagingbinhpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) – C:Windowssystem32svchost.exe
    SR – | Auto 02/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    SR – | Auto 20/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 27/11/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Auto 27/11/2012 165760 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 13/09/2012 160768 | (Micro Star SCM) . (.Micro-Star International Co., Ltd..) – C:Program Files (x86)SCMMSIService.exe
    SR – | Auto 23/05/2012 142904 | (MSI_SuperCharger) . (.MSI.) – C:Program Files (x86)MSISuper-ChargerChargeService.exe
    SR – | Auto 22/08/2013 37768 | C:WindowsSystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 08/11/2013 15125280 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    SR – | Auto 29/08/2013 920864 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSsystem32nvvsvc.exe
    SR – | Auto 08/11/2013 1914656 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 22/08/2013 37768 | C:WindowsSystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 22/07/1658 0 | (PnkBstrA) . (…) – C:WINDOWSsystem32PnkBstrA.exe
    SR – | Auto 25/09/2012 490496 | (Qualcomm Atheros Killer Service) . (…) – C:Program FilesQualcomm AtherosKiller Network ManagerBFNService.exe
    SR – | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Demand 22/07/1658 0 | (WdNisSvc) . (…) – C:Program Files (x86)Windows DefenderNisSrv.exe
    SR – | Auto 22/07/1658 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 22/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    ~ Services: Scanned in 00mn 08s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Martin at 26/01/2015 20:09:16
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Scanned in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog » onclick= »window.open(this.href);return false;
    Run by Martin at 26/01/2015 20:09:18
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Liste des émulateurs de CD/DVD (MBR Hook)
    O42 – Logiciel: DAEMON Tools Lite – (.Disc Soft Ltd.) [HKLM][64Bits] — DAEMON Tools Lite =>.DT Soft Ltd
    ~ Emulateurs: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13008 – (24/01/2015)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 4

    [HKCUSoftwareMicrosoftWindowsCurrentVersionUninstalluTorrent] =>P2P.BitTorrent^
    [HKLMSoftwareWow6432NodeClassesInterface{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
    C:UsersMartinAppDataRoaminguTorrent =>P2P.µTorrent^
    [HKCUSoftwareAI_RecycleBin] =>Adware.Agent^
    [HKCUSoftwareBitTorrent] =>P2P.BitTorrent^
    [HKCUSoftwareLinkey] =>PUP.LinkeySearch^
    [HKCUSoftwareSearchProtectWS] =>PUP.SearchProtect^
    ~ Additionnel Scan: 476665 Items scanned in 00mn 21s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ » onclick= »window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ » onclick= »window.open(this.href);return false; =>.Browser Helper Objects de navigateur (O2)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ » onclick= »window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 3 Scanned in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://www.nicolascoolman.fr/blog/ » onclick= »window.open(this.href);return false; =>Adware.Agent
    http://nicolascoolman.fr/pup-linkeysearch » onclick= »window.open(this.href);return false; =>PUP.LinkeySearch
    http://nicolascoolman.fr/pup-searchprotect » onclick= »window.open(this.href);return false; =>PUP.SearchProtect
    http://nicolascoolman.fr/pup-internetspeedchecker » onclick= »window.open(this.href);return false; =>PUP.InternetSpeedChecker
    http://nicolascoolman.fr/toolbar-ask » onclick= »window.open(this.href);return false; =>Toolbar.Ask
    ~ MSI: 5 link(s) detected in 00mn 00s

    End of the scan (1414 lines in 01mn 18s)(0)}[/spoiler:1pcjjyqr]

    buckhulk
    Participant
    Nombre d'articles : 2398

    Voir la réponse :

    [spoiler:nqxyzpwx]Bonjour et Bienvenue sur SOSVirus,

    Un Bonjour , merci ne coûte rien.

    • Rend toi sur ce site technicland
    • Clique sur Scan une fois le scan terminé
    • Clique sur « Fix« 
    • Puis clique sur « Oui« 

    @+[/spoiler:nqxyzpwx]

    Tchepo
    Participant
    Nombre d'articles : 15

    Désolé j’ai été impoli :s…
    Je l’ai publié une première fois avec les formules d’usage mais le message étant trop long j’ai du le découper. Et après je pensais avoir laisser le bonjour.

    Un grand merci pour ton aide.

    Bien à toi,

    Martin

    buckhulk
    Participant
    Nombre d'articles : 2398
    Désolé j'ai été impoli :s...
    Je l'ai publié une première fois avec les formules d'usage mais le message étant trop long j'ai du le découper. Et après je pensais avoir laisser le bonjour.

    Pardonné !!

    Je m’appelle buckhulk… ^^

    C’est moi qui vais prendre en charge le soucis …. :P:

    [glow=red:4pfz94nx]Je te conseille de désactiver ton antivirus pour chaque téléchargement de logiciel de désinfection[/glow:4pfz94nx]

    Á savoir que je ne prend pas en charge les ordinateurs encore sous XP

    Nous allons commencer par passer ZHPCleaner afin de simplifier le téléchargement des outils qui suivront .

    ZHPCleaner

    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement
    ou :
    Mirroir

    penser à « baisser » le premier rapport (Scanner) sinon le second l’efface (Réparer)….

    Tutoriel : [spoiler:4pfz94nx][center:4pfz94nx][/center:4pfz94nx]
    [center:4pfz94nx]ZHPcleaner[/center:4pfz94nx]

    Désactivation de l'antivirus

    Ton moteur de recherche va se fermer il faudra le réouvir pour poster les rapports

    téléchargement : ZHPcleaner de Nicolas Cooleman

    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement
    Puis cliquer sur le Bouton Bleu

    cet outil ne nécessite aucune installation, il est très rapide car basé sur l'éxécution de scripts.

    Il restaure les paramètres Proxy par défaut,
    Il supprime les redirections des raccourcis de navigateurs (Infection par argument),
    Il restaure les pages de démarrage et de recherche dun navigateur Internet Explorer (Base de Registres),
    Il restaure la page de démarrage du navigateur Mozilla Firefox (Fichier de préférences),
    Il restaure la page de démarrage du navigateur Google Chrome (Fichier de préférences),
    Il restaure la page de démarrage du navigateur Opera (Fichier de préférences),
    Il supprime certains Browser Helper Object (BHO) nuisibles de navigateurs,
    Il supprime certaines Barres d'outil (Toolbar) nuisibles de navigateurs,
    Il répare le fournisseur de recherche par défaut (SearchScope),

    En cas de présence d'un proxy, un message apparaît avec la question suivante

    « Avez-vous installé ce proxy ? » suivi de l'adresse IP du proxy.

    Si vous n'avez pas installé de Proxy, cliquer sur « NON » pour accepter la réparation du proxy.

    les cases sont cochées suivant le ou les navigateurs présents
    Cliquer sur le popup qui apparait
    Puis sur scanner
    Laisser la barre de progression arriver jusqu’à la fin.
    A la fin du traitement, un rapport de nettoyage s’affiche dans le bloc-notes le fournir si demandé sinon :
    Cliquer sur réparer
    Fermeture des navigateurs pour le nettoyage
    Si tu veux réparer le fichier hote, il faut désactiver ton antivirus.

    [/spoiler:4pfz94nx]
    _______________________________________________________________________________________________________

    Ensuite pour bien continuer il va falloir que tu fasses un ZHPDiag :

    ZHPDiag ICI

    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement
    Puis cliquer sur le Bouton Bleu

    ou :
    Miroir

    Tutoriel : [spoiler:4pfz94nx][center:4pfz94nx]ZHPDiag[/center:4pfz94nx]

    suis bien les instructions

    1) * Télécharge ZHPDiag (de Nicolas coolman) sur ton bureau !!

    ZHPDiag (de Nicolas coolman)

    Cliquer sur le Bouton Vert : télécharger en toute sécurité
    Patientez le temps de la préparation du téléchargement
    Puis cliquez sur le Bouton Bleu (téléchargement)

    OU : miroir : ftp://zebulon.fr/ZHPDiag2.exe » onclick= »window.open(this.href);return false; (Lien direct)

    Si ton système d'exploitation est Vista ou Win7/8, lance les logiciels par simple clic droit et choisis « exécuter en tant qu'administrateur »

    a) * Une fois le téléchargement achevé,
    b) * double clique (ou clic droit pour seven , vista et 8 exécuter en tant qu'administrateur) sur ZHPDiag2.exe et suis les instructions.
    c) * L'outil va créer 2 icônes de racourcis : ZHPDiag >> ZHPFix
    d) * Clique droit sur le parchemin
    e) *A l'ouverture le programme te proposes « Rechercher » , « Configurer » , Complet –

    Clique sur « Complet » le scan démarre…….le rapport s'affiche

    Si tu cliques sur Configurer :
    * Des icônes apparaissent en bas de la fenêtre.
    * Clique sur le tournevis en bas à droite et choisis « Tous » puis « OK »

    2)* Maintenant clique sur « Rechercher ».

    * Important >> Pendant l analyse de ton PC par ZHPDIag ne touche à plus rien !!!!!
    * Laisse l'outil travailler, il peut être assez long

    3) * Le rapport s'affiche sur ton Bureau une fois terminé !

    une fenêtre peut s'ouvrir à la fin de la recherche :

    Il suffit de cliquer sur :
    le programme s'est installé correctement

    Tu peux fermer ZHPDiag

    IMPORTANT

    Les rapports de diagnostique sont trop long, ils dépassent la taille autorisée par les éditeurs des forums , il faut donc héberger les rapports :

    [center:4pfz94nx]Hébergement[/center:4pfz94nx]

    A/ – Héberge le rapport ZHPDiag.txt sur : Paste&Furious et « les captures d'écran sur » : sosUpload

    ou sur cjoint

    B/ – Cliques sur >> Parcourir (ou choisissez un fichier)

    C/ – Cherche le rapport de ZHPDiag que tu viens de faire qui est sur ton bureau

    D/ – Cliques sur >> envoyer le fichier (ou créer le lien)

    E/ – Un lien sera généré, Un lien de cette forme: http://cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt » onclick= »window.open(this.href);return false;

    F/ – Il te suffit de le poster ici[/spoiler:4pfz94nx]
    _____________________________________________________________________________________________________

    Donc 3 rapports s’il te plait, Merci { ZHPCleaner (2) ZHPDiag (1) }

    Ne suis pas deux désinfections en même temps et si tu as un problème avec un outil parles-en .

    Ensuite donne moi des « nouvelles de ton ordinateur assez fréquement (comme un médecin pour adapter les « médicaments ») et héberges bien les rapports .

    Les outils doivent être téléchargés sur le bureau (c’est à dire dans un raccourcis de ton dossier téléchargement, puis tranférés sur ton bureau )

    Ouvert avec un clic droit (exécuter en tant que..).

    Même si ton ordinateur à l’air de mieux fonctionner , une désinfection doit être faite complètement

    Désinstalle tes µtorrent car bien qu’il ne soient pas infectieux , c’est leur utilisation (mauvaise) qui t’amènent des virus …Après si tu veux les remettre….. :electriksock:

    Regarde ICI

    Et aussi , à lire , instructif :

    [glow=red:4pfz94nx]Concernant les P2P[/glow:4pfz94nx]

    Tchepo
    Participant
    Nombre d'articles : 15

    Voilà les rapports:
    [spoiler:19h28xx6]{~ ZHPCleaner v2015.2.3.48 by Nicolas Coolman (03/02/2015)
    ~ Run by Martin (Administrator) (03/02/2015 19:10:17)
    ~ Forum : http://forum.nicolascoolman.fr » onclick= »window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1 » onclick= »window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Scanner
    ~ Report : C:UsersMartinDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersMartinAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 81, 64-bit (Build 9600)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (11)
    TROUVÉ Firefox: [2bf5vgze.default] URL HomePage : hxxps://www.google.be/?gws_rd=ssl » onclick= »window.open(this.href);return false;
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_l[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_l[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_n[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_n[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_r[…] (PUP.Monetization)
    TROUVÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_r[…] (PUP.Monetization)

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (3)
    TROUVÉ dossier: C:UsersMartinAppDataLocalTempAI_RecycleBin{BC96EC3F-FA69-4D06-9C4F-439429F76AA6} (Adware.Agent)
    TROUVÉ dossier: C:UsersMartinAppDataLocalTempAI_RecycleBin (Adware.Agent)
    TROUVÉ fichier: C:WINDOWSPrefetchSEARCHPROTECTINT.EXE-77D48EA5.pf (PUP.SearchProtect)

    —\ Base de Registres ( Clés, Valeurs, Données ). (59)
    TROUVÉ clé: HKCUSOFTWARESearchProtectWS [] (PUP.SearchProtect)
    TROUVÉ valeur: HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun\ConnectionCenter [« C:Program Files (x86)CitrixICA Clientconcentr.exe » /startup] ()
    TROUVÉ clé: HKCRInterface{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] (Toolbar.Ask)
    TROUVÉ clé: HKCRDisplayServer.TVWizard [TVWizard Class] (PUP.TVWizard)
    TROUVÉ clé: HKCRDisplayServer.TVWizard.1 [TVWizard Class] (PUP.TVWizard)
    TROUVÉ clé: HKCUSoftwareLinkey [] (PUP.LinkeySearch)
    TROUVÉ clé: HKCUSoftwareSearchProtectWS [] (PUP.SearchProtect)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{15919C62-F3FA-494A-B144-1DCED30BE34} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{19A0564D-A1A2-4065-ABDE-EF168D398930} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{19B14A2D-27AF-4ECE-A61C-381D1B5E445} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{1DF67160-50A4-470E-ACCA-289214F359} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{233C1E19-7AEA-4F9A-9EDC-11A18A3099} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{3F3E9E6C-1B67-419F-99C5-A2BF2C1A9C5} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{423C5EA4-1BA0-4451-B175-E1CD186DBD1C} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4A69E4F3-83CF-48F5-97CE-751D248EE96} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4A8E7242-D752-4F5B-999A-10DB82E61FE4} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4B3EB57D-666A-4A57-A8FF-C3B99FA402D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4C646467-EDBB-4FAF-8DA3-A7BC2067B7C1} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4F7D0CE0-CFD6-44C5-BF54-FAC5467C42} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{53739D55-2E5E-4BDD-9AF4-6F99CC681A3} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{548E1C89-C1D7-4AEF-ACDA-B956D11EF0A0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{5A5D2167-B9EA-4818-A7D7-A664AEA94C5} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{638446B8-20AA-40CD-8E82-D87C39B97DEC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{656CDF87-F847-450E-AE61-BF825C38D8E} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{67205AE5-68CF-418F-98C9-8C79B66FE60} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{680AD3BE-9045-455B-9BC7-BED9DBBBE5D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{6B8C739D-B516-41FA-9841-FCBDB9AD783} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7230AAFB-7607-44A7-A493-ECE989EFA47} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{72A9C1AB-3A4E-46B9-B29D-76D8B085373B} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7866B878-702B-46AB-94F6-88B74884F57F} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7964B171-94BE-4F67-996F-2C739511F28} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7B9E215-5F04-4516-BCD5-D638489E4B86} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{84C90800-CE15-4F69-A599-76465FD245F} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{86CBCAB3-52F-485F-9167-BDA6774744} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{8C4A9147-4775-4F4F-AED9-997F29423797} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{96B91853-273F-412A-8D66-1B7AE582B437} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{99E668F6-A883-45CF-A56B-C49BC3252BDA} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{9F067679-D163-445F-92F9-9C1D1BA81E96} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A4E19BD8-526A-407B-9C20-E2B43AE48EC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A66D02CC-A8AA-4251-A5EA-34482AA8B67B} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A6892C6B-C1F4-4903-9BBE-497A3399C15} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{AEC8157B-7FF2-4A0D-955-8577C8747A76} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{AFA39E67-F70B-4AA2-AF8A-A524C7642CB9} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{BE10B371-570B-43AE-AD93-3BD54F123736} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{C95DC927-6152-46CC-ACDB-F1A49AD54EFB} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{CA6689D0-8CBF-4444-B55D-9F297DB417} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{D1D53277-E660-49FD-A326-DA1192561C31} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{D7A32A47-4C5E-497B-9CC8-51BCCFE6882D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DA84D577-2544-41D9-AD85-1741CF541A0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DE0ED081-4F8D-4106-9CCD-EEBA5AA28B0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DFE47021-8EF8-4E62-8C0-C9E4F49CD9C6} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{E5B02D1B-B273-4333-A69F-481485FFAD37} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{EB0D2B3E-5D87-4DB3-B5A8-22832AD53DF} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{EB9A0858-2424-4FAE-A132-FD36DCA4AA1} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{F8DBACA-B832-493E-84D9-3A212239FB8D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FA440EEE-E853-4476-AD16-3DBE629F4469} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FC4CA339-A6B3-46DC-B63D-F91418BF80F0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FC8EFE59-75D4-49BD-94CA-6EE7BD48B1B7} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    TROUVÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FE635289-7D11-4735-9CB7-91C78DD342AC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)

    —\ Bilan de la réparation
    ~ Aucune réparation effectuée.
    ~ Ce navigateur est absent (Google Chrome)
    ~ Ce navigateur est absent (Opera Software)

    —\ Statistiques
    ~ Items scannés : 95454
    ~ Items trouvés : 73
    ~ Items réparés : 0

    End of clean at 19:17:32
    ===================
    ZHPCleaner--03022015-19_17_32.txt
    }[/spoiler:19h28xx6]
    [spoiler:19h28xx6]{~ ZHPCleaner v2015.2.3.48 by Nicolas Coolman (03/02/2015)
    ~ Run by Martin (Administrator) (03/02/2015 19:19:31)
    ~ Forum : http://forum.nicolascoolman.fr » onclick= »window.open(this.href);return false;
    ~ Facebook : https://www.facebook.com/nicolascoolman1 » onclick= »window.open(this.href);return false;
    ~ State version : Version OK
    ~ Type : Réparer
    ~ Report : C:UsersMartinDesktopZHPCleaner.txt
    ~ Quarantine : C:UsersMartinAppDataRoamingZHPZHPCleaner_Quarantine.txt
    ~ UAC : Activate
    ~ Windows 81, 64-bit (Build 9600)

    —\ Service. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Navigateur internet. (11)
    REMPLACÉ Firefox: [2bf5vgze.default] URL HomePage : hxxps://www.google.be/?gws_rd=ssl » onclick= »window.open(this.href);return false;
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_b[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_l[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_l[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_n[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_n[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_r[…] (PUP.Monetization)
    REMPLACÉ: [2bf5vgze.default] – user_pref(« extensions.aOIBMBKA115048682HYKFIU97176590com69065.69065.internaldb.monetization_plugin_r[…] (PUP.Monetization)

    —\ Fichier hôte. (1)
    ~ Le fichier hôte est légitime. (21)

    —\ Tâche planifiée. (0)
    ~ Aucun élément malicieux trouvé.

    —\ Explorateur ( Dossiers, Fichiers ). (3)
    DEPLACÉ dossier: C:UsersMartinAppDataLocalTempAI_RecycleBin{BC96EC3F-FA69-4D06-9C4F-439429F76AA6} (Adware.Agent)
    DEPLACÉ dossier: C:UsersMartinAppDataLocalTempAI_RecycleBin (Adware.Agent)
    DEPLACÉ fichier: C:WINDOWSPrefetchSEARCHPROTECTINT.EXE-77D48EA5.pf (PUP.SearchProtect)

    —\ Base de Registres ( Clés, Valeurs, Données ). (58)
    SUPPRIMÉ clé: HKCUSOFTWARESearchProtectWS [] (PUP.SearchProtect)
    SUPPRIMÉ valeur: HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun\ConnectionCenter [« C:Program Files (x86)CitrixICA Clientconcentr.exe » /startup] ()
    SUPPRIMÉ clé: HKCRInterface{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] (Toolbar.Ask)
    SUPPRIMÉ clé: HKCRDisplayServer.TVWizard [TVWizard Class] (PUP.TVWizard)
    SUPPRIMÉ clé: HKCRDisplayServer.TVWizard.1 [TVWizard Class] (PUP.TVWizard)
    SUPPRIMÉ clé: HKCUSoftwareLinkey [] (PUP.LinkeySearch)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{15919C62-F3FA-494A-B144-1DCED30BE34} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{19A0564D-A1A2-4065-ABDE-EF168D398930} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{19B14A2D-27AF-4ECE-A61C-381D1B5E445} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{1DF67160-50A4-470E-ACCA-289214F359} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{233C1E19-7AEA-4F9A-9EDC-11A18A3099} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{3F3E9E6C-1B67-419F-99C5-A2BF2C1A9C5} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{423C5EA4-1BA0-4451-B175-E1CD186DBD1C} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4A69E4F3-83CF-48F5-97CE-751D248EE96} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4A8E7242-D752-4F5B-999A-10DB82E61FE4} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4B3EB57D-666A-4A57-A8FF-C3B99FA402D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4C646467-EDBB-4FAF-8DA3-A7BC2067B7C1} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{4F7D0CE0-CFD6-44C5-BF54-FAC5467C42} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{53739D55-2E5E-4BDD-9AF4-6F99CC681A3} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{548E1C89-C1D7-4AEF-ACDA-B956D11EF0A0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{5A5D2167-B9EA-4818-A7D7-A664AEA94C5} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{638446B8-20AA-40CD-8E82-D87C39B97DEC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{656CDF87-F847-450E-AE61-BF825C38D8E} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{67205AE5-68CF-418F-98C9-8C79B66FE60} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{680AD3BE-9045-455B-9BC7-BED9DBBBE5D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{6B8C739D-B516-41FA-9841-FCBDB9AD783} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7230AAFB-7607-44A7-A493-ECE989EFA47} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{72A9C1AB-3A4E-46B9-B29D-76D8B085373B} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7866B878-702B-46AB-94F6-88B74884F57F} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7964B171-94BE-4F67-996F-2C739511F28} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{7B9E215-5F04-4516-BCD5-D638489E4B86} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{84C90800-CE15-4F69-A599-76465FD245F} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{86CBCAB3-52F-485F-9167-BDA6774744} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{8C4A9147-4775-4F4F-AED9-997F29423797} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{96B91853-273F-412A-8D66-1B7AE582B437} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{99E668F6-A883-45CF-A56B-C49BC3252BDA} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{9F067679-D163-445F-92F9-9C1D1BA81E96} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A4E19BD8-526A-407B-9C20-E2B43AE48EC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A66D02CC-A8AA-4251-A5EA-34482AA8B67B} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A6892C6B-C1F4-4903-9BBE-497A3399C15} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{AEC8157B-7FF2-4A0D-955-8577C8747A76} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{AFA39E67-F70B-4AA2-AF8A-A524C7642CB9} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{BE10B371-570B-43AE-AD93-3BD54F123736} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{C95DC927-6152-46CC-ACDB-F1A49AD54EFB} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{CA6689D0-8CBF-4444-B55D-9F297DB417} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{D1D53277-E660-49FD-A326-DA1192561C31} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{D7A32A47-4C5E-497B-9CC8-51BCCFE6882D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DA84D577-2544-41D9-AD85-1741CF541A0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DE0ED081-4F8D-4106-9CCD-EEBA5AA28B0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{DFE47021-8EF8-4E62-8C0-C9E4F49CD9C6} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{E5B02D1B-B273-4333-A69F-481485FFAD37} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{EB0D2B3E-5D87-4DB3-B5A8-22832AD53DF} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{EB9A0858-2424-4FAE-A132-FD36DCA4AA1} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{F8DBACA-B832-493E-84D9-3A212239FB8D} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FA440EEE-E853-4476-AD16-3DBE629F4469} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FC4CA339-A6B3-46DC-B63D-F91418BF80F0} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FC8EFE59-75D4-49BD-94CA-6EE7BD48B1B7} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)
    SUPPRIMÉ clé: HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{FE635289-7D11-4735-9CB7-91C78DD342AC} [C:Program Files (x86)Internet Speed Checker] (PUP.InternetSpeedChecker)

    —\ Bilan de la réparation
    ~ Réparation réalisée avec succès.
    ~ Ce navigateur est absent (Google Chrome)
    ~ Ce navigateur est absent (Opera Software)

    —\ Statistiques
    ~ Items scannés : 95455
    ~ Items trouvés : 0
    ~ Items réparés : 72

    End of clean at 19:26:34
    ===================
    ZHPCleaner-[R]-03022015-19_26_34.txt
    ZHPCleaner-
    -03022015-19_17_32.txt
    }[/spoiler:19h28xx6]

    Tchepo
    Participant
    Nombre d'articles : 15

    [spoiler:1ig7ypyi]{~ Rapport de ZHPDiag v2015.1.24.9 – Nicolas Coolman (24/01/2015)
    ~ Lancé par Martin (05/02/2015 19:08:36)
    ~ Facebook : https://www.facebook.com/nicolascoolman1 » onclick= »window.open(this.href);return false;
    ~ Adresse du Forum http://forum.nicolascoolman.fr » onclick= »window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17498
    MFIE: Mozilla Firefox 35.0.1 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 8.1, 64-bit (Build 9600)
    Windows Server License Manager Script : OK
    ~ Windows(R) Operating System, OEM_DM channel
    Windows ID Activation : OK
    ~ Windows Partial Key : VMFD6
    Windows License : OK
    ~ Windows Remaining Initializations Number : 999
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Malwarebytes Anti-Malware version 2.0.4.1028
    Windows Defender W8 (Activate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 16 NPAPI
    Adobe Reader XI

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8080 MB (74% free)
    System Restore: Activé (Enable)
    System drive C: has 38 GB (32%) free of 118 GB

    —\ Mode de connexion au système
    ~ Computer Name: MSI
    ~ User Name: Martin
    ~ All Users Names: UpdatusUser, Martin, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMartinAppDataRoamingZHP
    ~ %AppData% : C:UsersMartinAppDataRoaming
    ~ %Desktop% : C:UsersMartinDesktop
    ~ %Favorites% : C:UsersMartinFavorites
    ~ %LocalAppData% : C:UsersMartinAppDataLocal
    ~ %StartMenu% : C:UsersMartinAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 38 Go of 118 Go)
    D: CD-ROM drive (Not Inserted)
    E: Hard drive, Flash drive, Thumb drive (Free 514 Go of 677 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 41 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] – (.Microsoft Corporation – Explorateur Windows.) (.23/08/2014 – 08:48:28.) — C:WindowsExplorer.exe [2374784]
    [MD5.48CFA7BE561A7BE144C29BB912055016] – (.Microsoft Corporation – Application de démarrage de Windows.) (.22/08/2013 – 10:58:29.) — C:WindowsSystem32Wininit.exe [144384]
    [MD5.4AF089160FE082E5EA5C4AA72782DCA2] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/11/2014 – 02:28:21.) — C:WindowsSystem32wininet.dll [2358272]
    [MD5.306EB21E5B480AE9065EA55AC8C35936] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.22/02/2014 – 10:45:48.) — C:WindowsSystem32Winlogon.exe [562176]
    [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/12/2013 – 09:54:07.) — C:WindowsSystem32sppcomapi.dll [447488]
    [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.30/05/2014 – 04:03:03.) — C:Windowssystem32DriversAFD.sys [563200]
    [MD5.74B14192CF79A72F7536B27CB8814FBD] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.22/08/2013 – 13:43:41.) — C:Windowssystem32Driversatapi.sys [26464]
    [MD5.2FA6510E33F7DEFEC03658B74101A9B9] – (.Microsoft Corporation – CD-ROM File System Driver.) (.22/08/2013 – 12:40:15.) — C:Windowssystem32DriversCdfs.sys [88576]
    [MD5.C6796EA22B513E3457514D92DCDB1A3D] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.22/08/2013 – 09:46:35.) — C:Windowssystem32DriversCdrom.sys [164352]
    [MD5.A03F362C5557E238CBFA914689C77248] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.06/03/2014 – 10:22:50.) — C:Windowssystem32DriversDfsC.sys [134144]
    [MD5.D4B7ED39C7900384D9E5C1283F1E7926] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.24/07/2014 – 12:45:39.) — C:Windowssystem32DriversHDAudBus.sys [76800]
    [MD5.84CFC5EFA97D0C965EDE1D56F116A541] – (.Microsoft Corporation – Pilote de port i8042.) (.22/08/2013 – 12:39:15.) — C:Windowssystem32Driversi8042prt.sys [107520]
    [MD5.B7342B3C58E91107F6E946A93D9D4EFD] – (.Microsoft Corporation – IP Network Address Translator.) (.27/11/2013 – 13:02:29.) — C:Windowssystem32DriversIpNat.sys [142848]
    [MD5.7A1A3F213CDB3363D179D5014272025D] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.30/04/2014 – 07:41:46.) — C:Windowssystem32DriversMRxSmb.sys [402432]
    [MD5.0217532E19A748F0E5D569307363D5FD] – (.Microsoft Corporation – MBT Transport driver.) (.22/08/2013 – 12:37:02.) — C:Windowssystem32DriversnetBT.sys [282624]
    [MD5.038C77D577900EE39410662478BB0D50] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/07/2014 – 16:07:52.) — C:Windowssystem32Driversntfs.sys [2009920]
    [MD5.764B1121867B2D9B31C491668AC72B2B] – (.Microsoft Corporation – Pilote de port parallèle.) (.22/08/2013 – 12:40:02.) — C:Windowssystem32DriversParport.sys [94208]
    [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.22/08/2013 – 12:35:51.) — C:Windowssystem32DriversRasl2tp.sys [120832]
    [MD5.680C1DAE268B6FB67FA21B389A8B79EF] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 – 04:59:53.) — C:Windowssystem32Driversrdpdr.sys [195584]
    [MD5.FFF28F9F6823EB1756C60F1649560BBF] – (.Microsoft Corporation – TDI Translation Driver.) (.22/08/2013 – 14:25:35.) — C:Windowssystem32Driverstdx.sys [107520]
    [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.19/06/2014 – 03:13:36.) — C:Windowssystem32Driversvolsnap.sys [310080]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/162
    Mes musiques (My Musics) : 6/6 (Modified)
    ~ Mes Videos (My Videos) : 2/14
    ~ Mes Favoris (My Favorites) : 1/3
    ~ Mes Documents (My Documents) : 1/458
    ~ Mon Bureau (My Desktop) : 3/22
    ~ Menu demarrer (Programs) : 1/34
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.3C13F26A4766752314A5413038BD86B4] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe [7229752] [PID.2904]
    [MD5.8DF7F2A9B72B7CA4294BB9E59FEAEFCD] – (.Microsoft Corporation – Hôte Microsoft WWA.) — C:WINDOWSsyswow64wwahost.exe [514560] [PID.2600]
    [MD5.588BEEE7B106E6520F550A45897D00B2] – (.NVIDIA Corporation – NVIDIA NvTmru Application.) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update CoreNvTmru.exe [1028384] [PID.3752]
    [MD5.63A2D767B9261B4F33F97BF88F2FB197] – (.Hewlett-Packard Co. – HP Digital Imaging Monitor.) — C:Program Files (x86)HPDigital Imagingbinhpqtra08.exe [276328] [PID.5316]
    [MD5.E02A512F30FC2A02A9CADEEC375FC969] – (.Creative Technology Ltd – THXAudio.) — C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe [1517056] [PID.4560]
    [MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.4148]
    [MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [958576] [PID.5112]
    [MD5.6226810F26227F083929AC5584122951] – (.Dropbox, Inc. – Dropbox.) — C:UsersMartinAppDataRoamingDropboxbinDropbox.exe [39207112] [PID.7728]
    [MD5.D658AB1B55127D18DCFBCAC8CAAEA522] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HPHP Software Updatehpwuschd2.exe [49208] [PID.5044]
    [MD5.17D9622BFE68386E8C647C4C7F8FEA3E] – (.Citrix Systems, Inc. – Citrix FTA, URL Redirector.) — C:Program Files (x86)CitrixICA Clientredirector.exe [153992] [PID.5760]
    [MD5.308F2EE28005510DE616409148CF077B] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [256896] [PID.3068]
    [MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] – (.Hewlett-Packard Co. – HP CUE Status Root.) — C:Program Files (x86)HPDigital ImagingbinhpqSTE08.exe [174952] [PID.5612]
    [MD5.F01A418BDDFC14D60E463C50CABC7750] – (.Hewlett-Packard Co. – HP CUE Alert Popup Window Objects.) — C:Program Files (x86)HPDigital Imagingbinhpqbam08.exe [565096] [PID.2264]
    [MD5.B2F0B501A7C017F21C4B4417623895BD] – (.Hewlett-Packard – GPCore COM object.) — C:Program Files (x86)HPDigital Imagingbinhpqgpc01.exe [367976] [PID.3280]
    [MD5.883B2E1341E5BE906A7507308A6636DF] – (.Intel Corporation – IAStorIcon.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [285240] [PID.4712]
    [MD5.B2C418B16792E227BF6D18C7261ABCD9] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8161792] [PID.3512]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMartinAppDataRoamingMozillaFirefoxProfiles2bf5vgze.defaultprefs.js
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.defaultjid1-U7omKQ6kQfxMaQ@jetpack] [] Booster Web v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{41501e63-3282-4838-65f5-e124b1849ca8}] [] Zoom It v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{cd6ca582-358d-4fb4-ae06-82613f30701f}] [] Zoom It v1.7.7 (..)
    M2 – MFEP: prefs.js [Martin – 2bf5vgze.default{f9d30738-7f19-a970-1a5f-5e5dc92544e5}] [] Zoom It v1.7.7 (..)
    ~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://google.be » onclick= »window.open(this.href);return false;
    ~ IE Browser: 16 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hôte est sain (The hosts file is clean) (21)
    ~ Hosts File: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Martin]: µTorrent.lnk . (.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Global Startup: 1 Legitimates Filtered in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [ETDCtrl] C:Program Files (x86)ElantechETDCtrl.exe (.not file.)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:WINDOWSsystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:WINDOWSsystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:WINDOWSsystem32igfxpers.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. – Bluetooth Shell Extension.) — C:Program Files (x86)IntelBluetoothbtmshellex.dll
    O4 – HKLM..Run: [Radio Manager] . (.MSI – Radio Manager.) — C:Program Files (x86)SCMRadio Manager.exe
    O4 – HKLM..Run: [SCM] . (.MSI – SCM.) — C:Program Files (x86)SCMSCM.exe
    O4 – HKLM..Run: [THXCfg64] . (.Creative Technology Ltd. – Pas de description.) — C:Windowssystem32THXCfg64.dll
    O4 – HKLM..Run: [Nvtmru] . (.NVIDIA Corporation – NVIDIA NvTmru Application.) — C:Program Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe
    O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:WINDOWSsystem32nvspcap64.dll
    O4 – HKCU..Run: [Sony PC Companion] . (.Sony – Sony PC Companion.) — C:Program Files (x86)SonySony PC CompanionPCCompanion.exe
    O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d'installation de Facebook.) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKCU..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    O4 – HKLM..Wow6432NodeRun: [IAStorIcon] . (.Intel Corporation – Delayed launcher.) — C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorIconLaunch.exe
    O4 – HKLM..Wow6432NodeRun: [THX Audio Control Panel] . (.Creative Technology Ltd – THXAudio.) — C:Program Files (x86)CreativeTHX TruStudio ProTHXAudioCPTHXAudio.exe
    O4 – HKLM..Wow6432NodeRun: [UpdReg] . (.Creative Technology Ltd. – Creative UpdReg.) — C:WindowsUpdReg.exe
    O4 – HKLM..Wow6432NodeRun: [Super-Charger] . (.MSI – Super-Charger.) — C:Program Files (x86)MSISuper-ChargerSuper-Charger.exe
    O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Wow6432NodeRun: [BCSSync] . (.Microsoft Corporation – Microsoft Office 2010 component.) — C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe =>.Microsoft Corporation
    O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
    O4 – HKLM..Wow6432NodeRun: [CitrixReceiver] C:ProgramDataMicrosoftWindowsStart MenuProgramsCitrixReceiver Updater.lnk (.not file.)
    O4 – HKLM..Wow6432NodeRun: [Redirector] . (.Citrix Systems, Inc. – Citrix FTA, URL Redirector.) — C:Program Files (x86)CitrixICA Clientredirector.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [Sony PC Companion] . (.Sony – Sony PC Companion.) — C:Program Files (x86)SonySony PC CompanionPCCompanion.exe
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [Facebook Update] . (.Facebook Inc. – Programme d'installation de Facebook.) — C:UsersMartinAppDataLocalFacebookUpdateFacebookUpdate.exe
    O4 – HKUSS-1-5-21-1233262645-512252785-536942539-1002..Run: [DAEMON Tools Lite] . (.Disc Soft Ltd – DAEMON Tools Lite.) — C:Program Files (x86)DAEMON Tools LiteDTLite.exe =>.DT Soft Ltd
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:Program Files (x86)MICROS~1Office14ONBttnIE.dll (.not file.)
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:Program Files (x86)MICROS~1Office14ONBTTN~1.dll (.not file.)
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{9F3C6097-ECFE-4934-91D5-7092E45D1E3F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpNameServer = 192.168.2.1
    O17 – HKLMSystemCCSServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpDomain = Belkin
    O17 – HKLMSystemCS1ServicesTcpip..{9F3C6097-ECFE-4934-91D5-7092E45D1E3F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpNameServer = 192.168.2.1
    O17 – HKLMSystemCS1ServicesTcpip..{CDAAEAE1-F7FD-4DF8-9DFD-6F60AB1DC1CC}: DhcpDomain = Belkin
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.2.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 327.) – C:Windowssystem32nvinitx.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Qualcomm Atheros Killer Service (Qualcomm Atheros Killer Service) . (…) – C:Program FilesQualcomm AtherosKiller Network ManagerBFNService.exe
    ~ Services: 19 Legitimates Filtered in 00mn 04s

    —\ Tâches planifiées en automatique (O39)
    [MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (…) — C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe [174368]
    [MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (…) — C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe [174368]
    [MD5.00000000000000000000000000000000] [APT] [YMJI] (…) — C:UsersMartinAppDataRoamingYMJI.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [ZBDU] (…) — C:UsersMartinAppDataRoamingZBDU.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core [918]
    O39 – APT: – (..) — C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA [940]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1080]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1084]
    O39 – APT: YMJI – (…) — C:WindowsTasksYMJI.job [1346]
    O39 – APT: YMJI – (…) — C:WindowsSystem32TasksYMJI [1346]
    O39 – APT: ZBDU – (…) — C:WindowsTasksZBDU.job [1346]
    O39 – APT: ZBDU – (…) — C:WindowsSystem32TasksZBDU [1346]
    ~ Scheduled Task: 20 Legitimates Filtered in 00mn 02s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Cardbox 3.0 – (.Cardbox Software Limited.) [HKLM][64Bits] — Cardbox 3.0
    O42 – Logiciel: coverXP (remove only) – (…) [HKLM][64Bits] — coverXP
    ~ Logic: 33 Legitimates Filtered in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAI_RecycleBin] =>Adware.Agent
    [HKCUSoftwareCardbox]
    [HKCUSoftwareDoctorPCConfig]
    [HKCUSoftwareDoctorPCLanguage]
    [HKCUSoftwareMendeley Ltd.]
    [HKCUSoftwareOB]
    [HKCUSoftwareToggle]
    [HKCUSoftwareYMJI]
    [HKCUSoftwareZBDU]
    [HKCUSoftwarecoverXP]
    [HKLMSoftwareWow6432NodeClient]
    [HKLMSoftwareWow6432NodeMendeley Ltd.]
    [HKLMSoftwareWow6432NodeSiteSee]
    ~ Key Software: 359 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 19/05/2014 – 09:13:06 – [] —-D C:ProgramDataMicrosoftWindowsStart MenuProgramscoverXP
    O43 – CFD: 30/09/2013 – 05:00:03 – [0] R-H-D C:ProgramDataMicrosoftWindowsStart MenuProgramsTablet PC
    O43 – CFD: 28/01/2015 – 07:40:26 – [] -SH-D C:UsersMartinAppDataLocalEmieBrowserModeList
    O43 – CFD: 29/07/2014 – 08:03:48 – [] —-D C:UsersMartinAppDataLocalGame Updater
    O43 – CFD: 10/01/2014 – 17:03:49 – [] —-D C:UsersMartinAppDataLocalMendeley Ltd
    O43 – CFD: 29/07/2014 – 07:21:26 – [] —-D C:UsersMartinAppDataLocalSetup Integrity Check
    O43 – CFD: 19/05/2014 – 09:13:06 – [] —-D C:UsersMartinAppDataRoamingMicrosoftWindowsStart MenuProgramscoverXP
    ~ Program Folder: 248 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.27B87D12641A73C77A7C49B1E9AC479F] – 26/01/2015 – 07:41:35 —A- . (…) — C:IFRToolLog.txt [1593]
    ~ Files: 14 Legitimates Filtered in 00mn 01s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.5F7B472BE173EDAC8BA1CECB40E0D99A] – 24/01/2015 – 16:30:10 —A- – C:WindowsPrefetchUTORRENT.EXE-5884B64D.pf =>P2P.µTorrent
    ~ Prefetcher: 1 Legitimates Filtered in 00mn 00s

    —\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook [64Bits] – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~1MICROS~1Office14GROOVEEX.DLL
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
    O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
    ~ MWPS: 17 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktopChanges »=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:13/08/2013 – 00:25:46 —A- . (.Windows (R) Win 7 DDK provider – BCM Function 2 Device Driver.) — C:WindowsSystem32Driversbcmfn2.sys [17624]
    O58 – SDL:25/09/2012 – 08:52:04 —A- . (.Windows (R) Win 7 DDK provider – IEEE-1284.4-1999 Driver.) — C:WindowsSystem32DriversDot4.sys [151968]
    O58 – SDL:25/09/2012 – 08:52:04 —A- . (.Windows (R) Win 7 DDK provider – IEEE-1284.4 Print Class Driver.) — C:WindowsSystem32DriversDot4Prt.sys [27040]
    O58 – SDL:27/11/2012 – 16:51:01 —A- . (.ELAN Microelectronics Corp. – ETD Kernel Center.) — C:WindowsSystem32DriversETD.sys [295760]
    O58 – SDL:22/01/2014 – 08:52:10 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG USB Composite Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudbus.sys [108800]
    O58 – SDL:22/01/2014 – 08:52:10 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) – SAMSUNG Android Modem Device Driver (MSS Ver.3).) — C:WindowsSystem32Driversssudmdm.sys [206080]
    O58 – SDL:22/08/2013 – 13:43:32 —A- . (.Promise Technology, Inc. – Promise SuperTrak EX Series Driver for Windows x64.) — C:WindowsSystem32Driversstexstor.sys [31072]
    O58 – SDL:22/08/2013 – 13:40:24 —A- . (.The OpenVPN Project – TAP-Windows Virtual Network Driver.) — C:WindowsSystem32Driverstap0901.sys [40664]
    ~ Drivers: 59 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 03/02/2015 – 19:08:58 —A- . (…) — C:UsersMartinAppDataRoamingZHPZHPCleaner.exe [1463808] =>.Nicolas Coolman
    O61 – LFC: 03/02/2015 – 19:08:58 —A- . (…) — C:UsersMartinDownloadsZHPCleaner.exe [1463808] =>.Nicolas Coolman
    ~ 7939 Fichiers temporaires (Temporary files)
    ~ 2 Fichiers cookies (Cookies files)
    ~ Files: 3 Legitimates Filtered in 00mn 01s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2015 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com » onclick= »window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} – (Bing) – http://www.bing.com » onclick= »window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.24EFEFF991F61539A5D40523A7F0C854] [SPRF][08/03/2014] (…) — C:UsersMartinDesktopDiagramDesignerSetup.exe [1369271]
    ~ Files: 4 Legitimates Filtered in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: « {1B4185EA-5BEB-435E-A082-D273A623BF0D} » | In – None – P6 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    O87 – FAEL: « {3B3EAD52-F324-4D6F-AE16-96259B59E734} » | In – None – P17 – TRUE | .(.BitTorrent Inc. – µTorrent.) — C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
    ~ Firewall: 2 Legitimates Filtered in 00mn 01s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 24/01/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 03/10/2013 279000 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
    SS – | Auto 22/10/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 22/10/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver1150Intel 32IDriverT.exe
    SS – | Demand 28/02/2014 174368 | (iumsvc) . (…) – C:Program Files (x86)IntelIntel(R) Update Managerbiniumsvc.exe
    SS – | Demand 23/01/2015 114800 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 22/08/2013 37768 | C:WindowsSystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SS – | Demand 25/01/2015 1903472 | (Origin Client Service) . (.Electronic Arts.) – E:OriginOriginClientService.exe
    SS – | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) – C:Program Files (x86)SonySony PC CompanionPCCService.exe
    SR – | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 27/08/2012 1112000 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) – C:Program Files (x86)IntelBluetoothdevmonsrv.exe
    SR – | Auto 06/09/2012 1124288 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) – C:Program Files (x86)IntelBluetoothobexsrv.exe
    SR – | Demand 22/08/2013 37768 | C:Program Files (x86)HPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) – C:Windowssystem32svchost.exe
    SR – | Auto 22/08/2013 37768 | C:Program Files (x86)HPDigital Imagingbinhpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) – C:Windowssystem32svchost.exe
    SR – | Auto 02/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
    SR – | Auto 20/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
    SR – | Auto 27/11/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
    SR – | Auto 27/11/2012 165760 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
    SR – | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 21/11/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 21/11/2014 969016 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 13/09/2012 160768 | (Micro Star SCM) . (.Micro-Star International Co., Ltd..) – C:Program Files (x86)SCMMSIService.exe
    SR – | Auto 23/05/2012 142904 | (MSI_SuperCharger) . (.MSI.) – C:Program Files (x86)MSISuper-ChargerChargeService.exe
    SR – | Auto 08/11/2013 15125280 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
    SR – | Auto 29/08/2013 920864 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSsystem32nvvsvc.exe
    SR – | Auto 08/11/2013 1914656 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 22/08/2013 37768 | C:WindowsSystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 22/07/1658 0 | (PnkBstrA) . (…) – C:WINDOWSsystem32PnkBstrA.exe
    SR – | Auto 25/09/2012 490496 | (Qualcomm Atheros Killer Service) . (…) – C:Program FilesQualcomm AtherosKiller Network ManagerBFNService.exe
    SR – | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Demand 22/07/1658 0 | (WdNisSvc) . (…) – C:Program Files (x86)Windows DefenderNisSrv.exe
    SR – | Auto 22/07/1658 0 | (WinDefend) . (…) – C:Program Files (x86)Windows DefenderMsMpEng.exe
    SR – | Auto 22/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Demand 22/08/2013 37768 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 08s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Martin at 05/02/2015 19:09:32
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog » onclick= »window.open(this.href);return false;
    Run by Martin at 05/02/2015 19:09:34
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 13008 – (24/01/2015)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 1
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 1

    [HKCUSoftwareAI_RecycleBin] =>Adware.Agent^
    ~ Additionnel Scan: 478394 Items scanned in 00mn 22s

    —\ Informations complémentaires sur les modules
    ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ » onclick= »window.open(this.href);return false; =>.Internet Explorer, Proxy Management (R5)
    ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ » onclick= »window.open(this.href);return false; =>.Applications lancées au démarrage du système (O4)
    ~ AMI: 2 Legitimates Filtered in 00mn 00s

    —\ Récapitulatif des détections trouvées sur votre station
    http://www.nicolascoolman.fr/blog/ » onclick= »window.open(this.href);return false; =>Adware.Agent
    ~ MSI: 1 link(s) detected in 00mn 00s

    ~ 777 Legitimates filtered by white list
    End of the scan (487 lines in 01mn 21s)(0)
    }[/spoiler:1ig7ypyi]

    Voilà un grand merci pour ton aide passe un bon week-end!

    buckhulk
    Participant
    Nombre d'articles : 2398

    plus grand chose , tu vas passer ce script et me refaire un ZHPDiag ensuite ! (hébergé ce sera mieux !)

    • Séléctionne et copie le script suivant :

      Script ZHPFix
      ShortcutFix
      M2 - MFEP: prefs.js [Martin - 2bf5vgze.defaultjid1-U7omKQ6kQfxMaQ@jetpack] [] Booster Web v1.7.7 (..) => PUP.BoosterWeb
      O4 - GSDesktop [Martin]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
      OPT:O4 - HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:Program Files (x86)QuickTimeQTTask.exe
      O4 - HKLM..Wow6432NodeRun: [CitrixReceiver] C:ProgramDataMicrosoftWindowsStart MenuProgramsCitrixReceiver Updater.lnk (.not file.) => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [YMJI] (...) -- C:UsersMartinAppDataRoamingYMJI.exe (.not file.) [0] => Infection FakeAlert (Possible)
      [MD5.00000000000000000000000000000000] [APT] [ZBDU] (...) -- C:UsersMartinAppDataRoamingZBDU.exe (.not file.) [0] => Infection FakeAlert (Possible)
      O39 - APT: - (..) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002Core [918] => Facebook Update Task User
      O39 - APT: - (..) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-1233262645-512252785-536942539-1002UA [940] => Facebook Update Task User
      [HKCUSoftwareAI_RecycleBin] =>Adware.Agent
      [HKLMSoftwareWow6432NodeClient]
      O43 - CFD: 29/07/2014 - 07:21:26 - [] ----D C:UsersMartinAppDataLocalSetup Integrity Check
      O45 - LFCP:[MD5.5F7B472BE173EDAC8BA1CECB40E0D99A] - 24/01/2015 - 16:30:10 ---A- - C:WindowsPrefetchUTORRENT.EXE-5884B64D.pf =>P2P.µTorrent
      O87 - FAEL: "{1B4185EA-5BEB-435E-A082-D273A623BF0D}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
      O87 - FAEL: "{3B3EAD52-F324-4D6F-AE16-96259B59E734}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:UsersMartinAppDataRoaminguTorrentuTorrent.exe =>P2P.BitTorrent
      [HKCUSoftwareAI_RecycleBin] =>Adware.Agent^
      ProxyFix
      EmptyPrefetch
      EmptyFlash
      SysRestore
      FirewallRAZ
      EmptyTemp

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Les lignes précedemment copiées doivent être collées dans le cadre
      3. Si c’est le cas, Clic sur « GO« 


      exemple :

    • Confirmes les nettoyages des données en cliquant sur « Oui« 
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

    et donc un ZHPDiag pour vérification
    :merci2:

    Tchepo
    Participant
    Nombre d'articles : 15

    Bonsoir,

    voici l’upload
    http://upload.sosvirus.net/download/umz259a3fpwrgcl1fmkmdj1xdn7u29h87l7jdpjb » onclick= »window.open(this.href);return false;

    Bien à vous,

    Martin :merci2:

    Tchepo
    Participant
    Nombre d'articles : 15

    Et l’upload ZHPDIAG

    http://upload.sosvirus.net/download/x1hmiu09nowwojj6qc73it0n8n96jzv8eg0j1njq » onclick= »window.open(this.href);return false;

    Bonne fin de w-e !

    buckhulk
    Participant
    Nombre d'articles : 2398

    :bravo1: pour moi c’est bon :

    [spoiler:2tf4zprc][/spoiler:2tf4zprc]

    Voici les canneds de fin et mes conseils , si tu as des questions …..

    [fin2desinf:2tf4zprc][/fin2desinf:2tf4zprc]
    [diapo2:2tf4zprc][/diapo2:2tf4zprc]

    mes conseils :
    fin de désinfection

    Pour commencer , à lire , instructif :

    [glow=red:2tf4zprc]Concernant les P2P[/glow:2tf4zprc]
    __________________________________________________________________________________

    Et aussi :

    Apprivoiser l’internet
    __________________________________________________________________________________

    Pour terminer :
    Les programmes que nous avons utilisés ne doivent pas être conservés.
    Beaucoup d’entre eux peuvent être dangereux et entrainer des dommages irréversibles sur ton système s’ils sont utilisés sans l’aide d’une personne qualifiée, de plus, fréquemment modifiés et mis à jour par leurs auteurs ils deviennent très rapidement obsolètes, en plus d’encombrer inutilement ton bureau.

    1/ Désinstallation des outils :
    Delfix

    Delfix à changé et est devenu plus performant !
    A – Télécharges DelFix sur votre bureau ICI
    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement

    B – Vous pouvez cocher la case « réactiver l’UAC » s’il a été désactivé !

    la case « supprimer les outils de désinfection est cochée par défaut !

    C – vous pouvez cocher la case « éffectuer une sauvegarde du registre ! (au cas ou il y est un pb.)
    D – vous pouvez cocher la case « purger la restauration système » tous les anciens points seront supprimés et un nouveau « sain » sera créé !
    E – enfin cliquez sur : exécuter
    ps : Pour usage simple si rien n’est indiqué le passer comme il est programmé !
    __________________________________________________________________________________

    2/ Puis nettoyage
    CCleaner

    Instalation et fonctionnement de Ccleaner (N’installe pas la Yahoo Toolbar)
    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement
    __________________________________________________________________________________

    a – Avec ce logiciel on va supprimer les fichiers temporaires et inutiles sur ton PC. Ce n’est pas un logiciel qui supprime les infections
    b- Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc….
    c- Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
    d- Lance le nettoyage autant de fois qu’il faut pour que ce soit vide !

    Attention aux programmes du démarrage , (qui restent actifs tout le temps (évidement))
    laisse Ccleaner comme il est paramétré , c’est plus léger mais c’est plus sur !!!
    pour les désactiver (les programmes au démarrage) , moi j’utilise ccleaner
    >> je l’ouvre >> onglet >> option , puis >>démarrage et je désactive certains programmes
    je te conseille de désactiver tous les programmes (surtout ceux que tu ne connais pas !) sinon >> recherche google !
    sauf l’antivirus !
    (sur les 3 ou 4 moteurs de recherche présent ! si..!)
    (les programmes seront toujours là quand tu en auras besoin mais ne « tourneront » plus continuellement !)

    puis à l’onglet recherche , supprimer , puis encore recherche et supprimer !plusieurs fois , jusqu’a ce qu’il n’y ai plus rien
    en suite la fin tu fermes et tu redemarres ton ordinateur pour que tes paramètrages soit pris en compte !

    ___________________________________________________________________________________
    3/ (si cela n’a pas été fait avec Delfix) Désactive la restauration système et crée un point de restauration

    1 – Dans la barre des tâches de Windows, clique sur Démarrer.
    2 – Clique avec le bouton droit de la souris sur Poste de travail puis clique sur Propriétés.
    3 – Dans l’onglet Restauration du système, coche « Désactiver la Restauration du système »
    4 – Clique sur Appliquer.
    5 – Ensuite décoche « Désactiver la restauration du système »
    6 – Clique sur appliquer puis ok

    Crée un point de restauration en cliquant sur démarrer => tous les programmes => accessoires => outils système => restauration du système => créer un point de restauration => tu mets un nom (par exemple : PR après désinfection) puis tu valides .
    ___________________________________________________________________________________

    OU : Logiciel de Lady >>(très simple d’utilisation) : oneclick-2-restore-point
    ___________________________________________________________________________________

    SXCU de Igor 51, Logiciel intéressant pour les mises à jour java, adobe , etc..
    ____________________________
    Tutoriel
    ___________________________________________________________________________________
    D’autre liens TRÈS utiles Pour les mises à jour :

    Java : https://www.sosvirus.net/telecharger/java/ » onclick= »window.open(this.href);return false;
    Adobe reader : https://www.sosvirus.net/telecharger/adobe-reader/ » onclick= »window.open(this.href);return false;
    Flash player : https://www.sosvirus.net/telecharger/flash-player/ » onclick= »window.open(this.href);return false;
    Update checker : https://www.sosvirus.net/telecharger/update-checker/ » onclick= »window.open(this.href);return false;
    Delfix : https://www.sosvirus.net/telecharger/delfix/ » onclick= »window.open(this.href);return false;
    Ccleaner : https://www.sosvirus.net/telecharger/ccleaner/ » onclick= »window.open(this.href);return false;
    Unchecky : https://www.sosvirus.net/telecharger/unchecky/ » onclick= »window.open(this.href);return false;
    Comodo : https://www.sosvirus.net/telecharger/comodo-firewall-windows/ » onclick= »window.open(this.href);return false;
    ___________________________________________________________________________________

    Maintenant je te propose un peu de lecture !

    1/ – Conserve MBAM ICI
    Cliquer sur le bouton vert : télécharger en toute sécurité

    Patientez le temps de préparation du téléchargement

    Il te servira à scanner les fichiers douteux en complément de l’antivirus et scanne le disque dur régulièrement. Mais n’oublie pas de faire la mise à jour avant de lancer le scan.

    2/ – Installe l’extension de sécurité adblock plus pour bloquer les publicités
    3/ – Extension pour ton navigateur internet : WOT

    Voici une extension à télécharger qui te permettra, en faisant tes recherches sur google, de savoir si le site proposé lors de tes recherches est un site de confiance ou un site à éviter car il pourrait infecter ton PC :

    Pour Firefox : WOT Firefox

    Pour internet explorer: WOT IE

    Pour Chrome : plus d’outils >> Extension >> plus d’extensions >> WOT

    4/ – Tutoriel pour t’aider à installer WOT

    5/ – Tu peux lire ce sujet sur les logiciels recommandés

    6/ – Quels sont les logiciels à éviter ?

    7/ – Si tu utilises FireFox, vérifie que tes plugins sont à jour

    8/ – Comment reconnaitre les PUPS ?

    9/ – Les Toolbars ce n’est pas obligatoire !

    10/ – La sécurité de son PC c’est quoi ?

    11/ – Maintenir ses programmes à jour : Sécunia

    – Sois plus vigilant(e) sur Internet à l’avenir !
    Voilà pour moi c’est terminé.
    Si tu as des questions n’hésite pas.

14 sujets de 1 à 14 (sur un total de 14)

Vous devez être connecté pour répondre à ce sujet.