ThierP
Participant
Number of posts: 22

~ Rapport de ZHPDiag v2014.5.28.76 – Nicolas Coolman (28/05/2014)
~ Lancé par Thierry_P (29/05/2014 00:05:44)
~ Adresse du Site Web http://nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17107
MFIE: Mozilla Firefox 29.0.1

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System – Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : TQ89T
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware version 2.0.2.1012
Spybot – Search & Destroy v2.2.25
Windows Defender W7 (Activate)

—\ Logiciels d’optimisation du système
CCleaner v4.01

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Java 7 Update 55

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6121 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 58 GB (30%) free of 186 GB

—\ Mode de connexion au système
~ Computer Name: THIERRY_P-PC
~ User Name: Thierry_P
~ All Users Names: Thierry_P, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:\Users\Thierry_P\AppData\Roaming\ZHP
~ %AppData% : C:\Users\Thierry_P\AppData\Roaming
~ %Desktop% : C:\Users\Thierry_P\Desktop
~ %Favorites% : C:\Users\Thierry_P\Favorites
~ %LocalAppData% : C:\Users\Thierry_P\AppData\Local
~ %StartMenu% : C:\Users\Thierry_P\AppData\Roaming\Microsoft\Windows\Start Menu
~ %Windir% : C:\Windows
~ %System% : C:\Windows\System32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 8 Go of 254 Go)
E: CD-ROM drive (Not Inserted)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
[HKCUSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvanced] Start_ShowMyGames: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 07:22:40.) — C:WindowsSystem32wininet.dll [2260480]
[MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 10:43:50.) — C:WindowsSystem32Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.20/11/2010 – 12:06:41.) — C:Windowssystem32Driversrdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/672
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 3/1957
~ Mon Bureau (My Desktop) : 1/19
~ Menu demarrer (Programs) : 1/59
~ Hidden Files: Scanned in 00mn 01s

—\ Processus lancés
[MD5.868E3486E7EC522330344152A5535783] – (.ASUS – SmartLogon Application.) — C:Program Files (x86)ASUSSmartLogonsensorsrv.exe [305720] [PID.2404]
[MD5.5EA707336336DDFADE5FD3726CEA1523] – (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [2199840] [PID.2132]
[MD5.F6987FF6C6D683F79FDCE707B071A997] – (.SFX TEAM – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopier2SuperCopier2.exe [955392] [PID.2596]
[MD5.7E6ACA6B6C89B7CD098944A9159DAED3] – (.TomTom – System Tray application for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe [248208] [PID.3092]
[MD5.57B4D34232852BFE4453BE571DF90D21] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [103720] [PID.3440]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] – (.ASUS – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [5732992] [PID.3504]
[MD5.79A3B950988F8D2B81906D0C0473158B] – (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [170624] [PID.3524]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] – (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe [105016] [PID.3548]
[MD5.FD22B00049F775E952371E9C3DAC631B] – (.Pas de propriétaire – Wireless Console 3.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe [1601536] [PID.3576]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] – (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe [3058304] [PID.3592]
[MD5.7E7C0EB0F46307C18A5C46C346F549D4] – (…) — C:ExpressGateUtilVAWinAgent.exe [21504] [PID.3680]
[MD5.A35751D0563DFC4D3A219080365D6319] – (.France Telecom SA – Pas de description.) — C:Program Files (x86)CardDetectorICON515CardDetector.exe [282624] [PID.3660]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [3888648] [PID.4052]
[MD5.B0EEFE535D15C5D0176B916B1BB95501] – (.Broadcom Corporation. – Bluetooth Headset Skype Proxy.) — C:Program FilesWIDCOMMBluetooth SoftwareBluetoothHeadsetProxy.exe [13600] [PID.5716]
[MD5.EB9668A40C4AFFB5126319663DAC9376] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8020480] [PID.1744]
[MD5.718D79F2E7EC3AFFD3661DA81F93BBEA] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [413128] [PID.1016]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] – (.ASUS – ASLDR Service.) — C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe [84536] [PID.1408]
[MD5.7910158929571214A959D5A6D16DD9C0] – (.ASUS – GFNEXSrv.) — C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe [96896] [PID.1432]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1464]
[MD5.55FF0FFE359702D2E2B99DF5CBB3DD06] – (.AVAST Software – avast! firewall service.) — C:Program FilesAVAST SoftwareAvastafwServ.exe [109048] [PID.2072]
[MD5.3F442897D7ED5B84849B81AD5DB29E09] – (.France Telecom SA – Pas de description.) — C:Program Files (x86)Common FilesFrance TelecomShared ModulesFTRTSVCFTRTSVC.exe [77824] [PID.2476]
[MD5.01F61F0F2B551EAEE2C12619B13B93D2] – (.ASUS – HControl.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exe [166528] [PID.3276]
[MD5.C50CD479FD1BB886244E2663DFFBCF6A] – (.NVIDIA Corporation – NVIDIA Network Service.) — C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe [1618888] [PID.3804]
[MD5.98EF79CC2B07398AC525F9EA1AE0366F] – (.Safer-Networking Ltd. – Spybot-S&D 2 Scanner Service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe [3921880] [PID.4192]
[MD5.E4FAD21646088D79F8889B6531396ACF] – (.TomTom – Windows Service for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe [93072] [PID.4436]
[MD5.0ADF410187B71C9B855721C8D59CEC7A] – (…) — C:ExpressGateUtilVAWinService.exe [77312] [PID.4504]
[MD5.149126216A694E6BA84E92ECA77AAE3B] – (.ASUS – ATKOSD.) — C:Program Files (x86)ASUSATK PackageATK HotkeyATKOSD.exe [2488888] [PID.4992]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] – (.ASUS – KBFiltr.) — C:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exe [113208] [PID.5000]
[MD5.4A7C441D99D86704D194E7678873B95D] – (.ASUS – WDC.) — C:Program Files (x86)ASUSATK PackageATK HotkeyWDC.exe [174648] [PID.5012]
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] – (.Yahoo! Inc. – AutoUpater Service Module.) — C:Program Files (x86)Yahoo!SoftwareUpdateYahooAUService.exe [602392] [PID.5084]
[MD5.14BF6B3AB327D519ED007CDDC56F6900] – (.Safer-Networking Ltd. – Spybot-S&D 2 Background update service.) — C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe [1042272] [PID.3228]
[MD5.820EBE67AB99F033FDE25B2692157991] – (.Safer-Networking Ltd. – Windows Security Center integration..) — C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe [171416] [PID.3356]
[MD5.0803906D607A9B83184447B75B60ECC2] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [325656] [PID.2552]
[MD5.EB79C6C91A99930015EF29AE7FA802D1] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [2655768] [PID.1248]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] – (.Google Inc. – Programme d’installation de Google.) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [135664] [PID.3432]
~ Processes Running: Scanned in 00mn 01s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:UsersThierry_PAppDataRoamingMozillaFirefoxProfilesw6u5djfg.defaultprefs.js
M3 – MFPP: Plugins – [Thierry_P] — C:UsersThierry_PAppDataRoamingMozillaFirefoxProfilesw6u5djfg.defaultsearchpluginspastedleaks.xml
M3 – MFPP: Plugins – [Thierry_P] — C:UsersThierry_PAppDataRoamingMozillaFirefoxProfilesw6u5djfg.defaultsearchpluginsprivatelee-https.xml
M3 – MFPP: Plugins – [Thierry_P] — C:UsersThierry_PAppDataRoamingMozillaFirefoxProfilesw6u5djfg.defaultsearchpluginsqwantcom.xml
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 02s
~ Nombre de lignes (Lines number): 47916

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: (no name) – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 – Toolbar: (no name) – [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Applications lancées au démarrage du système (O4)
O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
O4 – HKLM..Run: [IntelTBRunOnce] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
O4 – HKLM..Run: [SynAsusAcpi] C:Program Files (x86)SynapticsSynTPSynAsusAcpi.exe (.not file.)
O4 – HKLM..Run: [THXCfg64] . (.Creative Technology Ltd. – Pas de description.) — C:Windowssystem32THXCfg64.dll
O4 – HKLM..Run: [IntelliPoint] . (.Microsoft Corporation – IPoint.exe.) — C:Program FilesMicrosoft IntelliPointipoint.exe
O4 – HKLM..Run: [NvBackend] . (.NVIDIA Corporation – NVIDIA GeForce Experience Backend.) — C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
O4 – HKLM..Run: [ShadowPlay] . (.NVIDIA Corporation – NVIDIA Capture Server Proxy.) — C:Windowssystem32nvspcap64.dll
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [SuperCopier2.exe] . (.SFX TEAM – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopier2SuperCopier2.exe
O4 – HKCU..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe
O4 – HKLM..Wow6432NodeRun: [UpdateLBPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
O4 – HKLM..Wow6432NodeRun: [UpdateP2GoShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [Nuance PDF Reader-reminder] . (.Nuance Communications, Inc. – Ereg.) — C:Program Files (x86)NuancePDF ReaderEregEreg.exe
O4 – HKLM..Wow6432NodeRun: [FLxHCIm] . (.Windows (R) Win 7 DDK provider – Fresco Logic.) — C:Program FilesFresco Logic IncFresco Logic USB3.0 Host ControllerhostFLxHCIm.exe
O4 – HKLM..Wow6432NodeRun: [ATKOSD2] . (.ASUS – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe
O4 – HKLM..Wow6432NodeRun: [ATKMEDIA] . (.ASUS – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe
O4 – HKLM..Wow6432NodeRun: [HControlUser] . (.ASUS – HControlUser.) — C:Program Files (x86)ASUSATK PackageATK HotkeyHControlUser.exe
O4 – HKLM..Wow6432NodeRun: [Wireless Console 3] . (.Pas de propriétaire – Wireless Console 3.) — C:Program Files (x86)ASUSWireless Console 3wcourier.exe
O4 – HKLM..Wow6432NodeRun: [ASUS Screen Saver Protector] . (.ASUS – AsScrPro.) — C:WindowsAsScrPro.exe
O4 – HKLM..Wow6432NodeRun: [THX TruStudio NB Settings] . (.Creative Technology Ltd – THXAudioNB.) — C:Program Files (x86)CreativeTHX TruStudioTHXNBSetTHXAudNB.exe
O4 – HKLM..Wow6432NodeRun: [UpdReg] . (.Creative Technology Ltd. – Creative UpdReg.) — C:WindowsUpdReg.exe
O4 – HKLM..Wow6432NodeRun: [VAWinAgent] . (…) — C:ExpressGateUtilVAWinAgent.exe
O4 – HKLM..Wow6432NodeRun: [CardDetectorICON515] . (.France Telecom SA – Pas de description.) — C:Program Files (x86)CardDetectorICON515CardDetector.exe
O4 – HKLM..Wow6432NodeRun: [BEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA – Pas de description.) — C:Program Files (x86)OrangeIEWInternetSessionManagerSessionManager.exe
O4 – HKLM..Wow6432NodeRun: [NPSStartup] Clé orpheline
O4 – HKLM..Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-511304696-1716332751-1817636174-1000..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-511304696-1716332751-1817636174-1000..Run: [SuperCopier2.exe] . (.SFX TEAM – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopier2SuperCopier2.exe
O4 – HKUSS-1-5-21-511304696-1716332751-1817636174-1000..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{674C37E4-510B-4A99-A6E8-E3B4B71D2A3D}: DhcpNameServer = 192.168.42.129
O17 – HKLMSystemCCSServicesTcpip..{B7C25ACC-F0A5-4E03-9FA2-56C6FB030CB6}: DhcpNameServer = 192.168.0.254
O17 – HKLMSystemCS1ServicesTcpip..{674C37E4-510B-4A99-A6E8-E3B4B71D2A3D}: DhcpNameServer = 192.168.42.129
O17 – HKLMSystemCS1ServicesTcpip..{B7C25ACC-F0A5-4E03-9FA2-56C6FB030CB6}: DhcpNameServer = 192.168.0.254
O17 – HKLMSystemCS2ServicesTcpip..{674C37E4-510B-4A99-A6E8-E3B4B71D2A3D}: DhcpNameServer = 192.168.42.129
O17 – HKLMSystemCS2ServicesTcpip..{B7C25ACC-F0A5-4E03-9FA2-56C6FB030CB6}: DhcpNameServer = 192.168.0.254
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. – Windows Security Center integration..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
O23 – Service: VideAceWindowsService (VideAceWindowsService) . (…) – C:ExpressGateUtilVAWinService.exe
O23 – Service: WTService (WTService) . (.Pas de propriétaire – User Mode Tablet Driver.) – C:WindowsSystem32atwtusb.exe
~ Services: 21 Legitimates Filtered in 00mn 04s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{1ED57DD2-8399-4F3C-89FC-2A02C810DCBB}] (…) — E:DirectXDXSETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5026ECD9-18DF-4EE3-B46D-8F0A96666FB6}] (…) — E:setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5DF8E686-0878-46EE-B84C-0FDA64B64030}] (…) — C:UsersThierry_PDownloadsPoiEdit2007-2-FRA(1).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6696DA69-22B3-40C0-B90B-B58425089CE4}] (…) — C:UsersThierry_PDocumentsMy Gamesimprovement_mod_v5.1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6D046B3D-E8D5-4D27-A719-CCB735FC86AE}] (…) — C:UsersThierry_PDownloadsimprovement_mod_v5.1improvement_mod_v5.1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A06A97C7-3117-4C99-86EB-151C4E37BB82}] (…) — E:setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A6E55E78-58E6-4078-89E5-E0AC18D9556D}] (…) — E:setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5D0FB7F-109C-4F06-ADF7-A0B3DE015473}] (…) — C:UsersThierry_PDownloadsNew_PC_Studio_1.5.1.10064_2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BEAE9E92-466F-4358-AF5C-5E2784D0A510}] (…) — C:Program Files (x86)AtariNeverwinter Nights 2nwn2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EB49721F-6DF4-47F8-9245-73CB72CFDC6C}] (…) — C:UsersThierry_PDocumentsNWN RessourcesNWN2 outilsLetoLeto0.3.1.67.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ECF98C4F-AEC8-403A-9ACC-A96B583B8C4B}] (…) — C:Program Files (x86)AtariNeverwinter Nights 2nwn2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F18100BE-B593-46FA-89FC-104B21F061D6}] (…) — C:Program Files (x86)InstallShield Installation Information{C4A4722E-79F9-417C-BD72-8D359A090C97}setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F1F75EE6-2D28-401E-B585-0C64855260C9}] (…) — C:UsersThierry_PDownloadsimprovement_mod_v5.1.exe (.not file.) [0]
O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1078]
O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1082]
~ Scheduled Task: 36 Legitimates Filtered in 00mn 02s

—\ Logiciels installés (O42)
O42 – Logiciel: BOSS – (.BOSS Development Team.) [HKLM][64Bits] — BOSS
O42 – Logiciel: FreeTorrentViewer – (.Free Torrent Viewer.) [HKLM][64Bits] — FreeTorrentViewer
O42 – Logiciel: Yahoo! Toolbar – (…) [HKLM][64Bits] — Yahoo! Companion
~ Logic: 41 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKLMSoftwareGNRC]
~ Key Software: 386 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 04/06/2013 – 09:56:33 – [] —-D C:Program Files (x86)FreeTorrentViewer
O43 – CFD: 04/02/2014 – 11:15:31 – [] —-D C:Program Files (x86)The Load Order Sorting Tool
O43 – CFD: 26/05/2013 – 19:32:17 – [] —-D C:ProgramDataNexusDB3
O43 – CFD: 04/06/2013 – 09:58:05 – [] —-D C:UsersThierry_PAppDataRoamingFreeTorrentViewer
O43 – CFD: 09/06/2013 – 10:21:13 – [] —-D C:UsersThierry_PAppDataLocalECSD
O43 – CFD: 09/07/2011 – 19:01:31 – [] —-D C:UsersThierry_PAppDataLocalNWN2 Toolset
O43 – CFD: 04/06/2013 – 09:56:33 – [] —-D C:UsersThierry_PAppDataRoamingMicrosoftWindowsStart MenuProgramsFreeTorrentViewer
O43 – CFD: 10/05/2013 – 18:00:41 – [] —-D C:UsersThierry_PAppDataRoamingMicrosoftWindowsStart MenuProgramsRouteConverter
~ 3 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 220 Legitimates Filtered in 00mn 00s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.9FA44E747737A8E1C78F32D3B31EB7E2] – 15/05/2014 – 00:49:42 —A- . (…) — C:WindowsSystem32nvcoproc.bin [3774821]
O44 – LFC:[MD5.8B208DB0322F8879A62B53DF03BF5DEF] – 20/05/2014 – 03:44:03 —A- . (…) — C:WindowsSystem32nvinfo.pb [26069]
O44 – LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] – 28/05/2014 – 13:18:23 —A- . (…) — C:WindowsSystem32acovcnt.exe [45056]
O44 – LFC:[MD5.992AD8D8409E43611C992AD0743FEDC2] – 28/05/2014 – 15:49:54 —A- . (…) — C:Windowswin.ini [593]
~ Files: 77 Legitimates Filtered in 00mn 02s

—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 – SMSR:HKLM…startupregMacroKeyManager [Key] . (.Pas de propriétaire – Macro Key Manager MFC Application.) — C:WindowsSystem32WTMKM.exe
O53 – SMSR:HKLM…startupregYontoo Desktop [Key] . (…) — C:UsersThierry_PAppDataRoamingYontooYontooDesktop.exe (.not file.) =>Adware.Yontoo
~ SMSR Keys: 7 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktopChanges »=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:24/02/2010 – 11:20:40 —A- . (.Protect Software GmbH – ProtectDisc x64/x86 Hybrid Driver.) — C:WindowsSystem32Driversacedrv11.sys [191616]
O58 – SDL:20/04/2014 – 10:14:42 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208] =>.ALWIL Software
O58 – SDL:20/04/2014 – 10:14:42 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776] =>.ALWIL Software
O58 – SDL:20/04/2014 – 10:14:42 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [208416] =>.ALWIL Software
O58 – SDL:30/10/2011 – 15:44:32 —A- . (…) — C:WindowsSystem32Driversatksgt.sys [314016]
O58 – SDL:14/12/2009 – 11:44:24 —A- . (.Infowatch – Cryptographic Algorithm Lib Driver..) — C:WindowsSystem32DriversCSCrySec.sys [85048]
O58 – SDL:14/12/2009 – 11:44:24 —A- . (.Infowatch – Virtual Volume Container Driver (wnet).) — C:WindowsSystem32DriversCSVirtualDiskDrv.sys [66104]
O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
O58 – SDL:20/07/2009 – 10:29:40 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [15416]
O58 – SDL:30/10/2011 – 15:44:32 —A- . (…) — C:WindowsSystem32Driverslirsgt.sys [43680]
O58 – SDL:08/03/2009 – 18:16:14 —A- . (.Windows (R) Codename Longhorn DDK provider – Mouse Filter Driver.) — C:WindowsSystem32Driversmoufiltr.sys [7680]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
O58 – SDL:14/06/2010 – 09:32:54 —A- . (.Teruten Inc – File System Mini Filter Drvier.) — C:WindowsSystem32DriversTFsExDisk.sys [16448]
O58 – SDL:17/04/2010 – 00:07:28 —A- . (…) — C:WindowsSystem32DriversTurboB.sys [13832]
O58 – SDL:17/04/2009 – 02:18:26 —A- . (.Windows (R) Codename Longhorn DDK provider – Virtual Hid Device.) — C:WindowsSystem32Driverswalvhid.sys [7808]
O58 – SDL:24/07/2006 – 16:05:00 —A- . (…) — C:WindowsSysWOW64driversStarOpen.sys [5632]
O58 – SDL:14/06/2010 – 09:32:54 —A- . (.Teruten Inc – File System Mini Filter Drvier.) — C:WindowsSysWOW64driversTFsExDisk.Sys [16448]
~ Drivers: 96 Legitimates Filtered in 00mn 00s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 20/04/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
~ Legacy: 99 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] – (Bing) – http://www.bing.com
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.DF83FF1C378246B1A12F19A74404FF87] [SPRF][06/07/2012] (…) — C:ProgramDatabdinstall.bin [94570]
[MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (…) — C:ProgramDataFullRemove.exe [131472]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][28/05/2014] (…) — C:UsersThierry_PDesktopadwcleaner_3.211.exe [1327971]
~ Files: 3 Legitimates Filtered in 00mn 00s

—\ Recherche de clés de registre Tracing (O100)
HKLMSOFTWAREWow6432NodeMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingIminentSetup_2-KFRPtAWP-1__RASAPI32 =>Adware.IMBooster
HKLMSOFTWAREWow6432NodeMicrosoftTracingIminentSetup_2-KFRPtAWP-1__RASMANCS =>Adware.IMBooster
HKLMSOFTWAREWow6432NodeMicrosoftTracingyontoo-C4-442C_RASAPI32 =>Adware.Yontoo
HKLMSOFTWAREWow6432NodeMicrosoftTracingyontoo-C4-442C_RASMANCS =>Adware.Yontoo
~ BTK: 395 Legitimates Filtered in 00mn 00s

—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4588 Legitimates Filtered in 00mn 04s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SS – | Demand 10/06/2011 79360 | (Creative ALchemy AL6 Licensing Service) . (.Creative Labs.) – C:Program Files (x86)Common FilesCreative Labs SharedServiceAL6Licensing.exe
SS – | Demand 10/06/2011 79360 | (Creative Audio Engine Licensing Service) . (.Creative Labs.) – C:Program Files (x86)Common FilesCreative Labs SharedServiceCTAELicensing.exe
SS – | Demand 12/01/2011 135664 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Auto 20/03/2014 285795 | (HOSTS Anti-PUPs) . (…) – C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware.exe
SS – | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
SS – | Demand 09/07/2011 421376 | (maconfservice) . (.CybelSoft.) – C:Program Filesma-config.comx64maconfservice.exe
SS – | Demand 10/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
SS – | Demand 20/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) – C:Program Files (x86)Common FilesSteamSteamService.exe
SR – | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
SR – | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
SR – | Auto 20/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Auto 20/04/2014 109048 | (avast! Firewall) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastafwServ.exe
SR – | Auto 11/03/2010 873248 | (btwdins) . (.Broadcom Corporation..) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
SR – | Auto 11/09/2009 77824 | C:Program Files (x86)COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) – C:Program Files (x86)Common FilesFrance TelecomShared ModulesFTRTSVCFTRTSVC.exe
SR – | Auto 12/01/2011 135664 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SR – | Auto 06/10/2010 325656 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
SR – | Auto 30/04/2014 1618888 | (NvNetworkService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNetServiceNvNetworkService.exe
SR – | Auto 30/04/2014 21009352 | (NvStreamSvc) . (.NVIDIA Corporation.) – C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamsvc.exe
SR – | Auto 20/05/2014 927520 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
SR – | Auto 15/10/2013 3921880 | (SDScannerService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDFSSvc.exe
SR – | Auto 20/09/2013 1042272 | (SDUpdateService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDUpdSvc.exe
SR – | Auto 13/09/2013 171416 | (SDWSCService) . (.Safer-Networking Ltd..) – C:Program Files (x86)Spybot – Search & Destroy 2SDWSCSvc.exe
SR – | Auto 20/05/2014 413128 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
SR – | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) – C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe
SR – | Auto 17/04/2010 134928 | (TurboBoost) . (.Intel(R) Corporation.) – C:Program FilesIntelTurboBoostTurboBoost.exe
SR – | Auto 06/10/2010 2655768 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
SR – | Auto 21/08/2010 77312 | (VideAceWindowsService) . (…) – C:ExpressGateUtilVAWinService.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 03/06/2009 660640 | (WTService) . (…) – C:WindowsSystem32atwtusb.exe
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) – C:Program Files (x86)Yahoo!SoftwareUpdateYahooAUService.exe
~ Services: Scanned in 00mn 04s

—\ Scan Additionnel (O88)
Database Version : 13026 – (28/05/2014)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLMSoftwareMicrosoftShared ToolsMSConfigstartupregYontoo Desktop] =>Adware.Yontoo^
[HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeDealply] =>PUP.DealPly
[HKLMSoftwareWow6432NodeMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsB2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeDealPlyUpdate] =>PUP.DealPly
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodesA97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsF754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionUninstallYahoo! Companion] =>Toolbar.Yahoo
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 269169 Items scanned in 00mn 18s

—\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-yontoo =>Adware.Yontoo
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
~ MSI: 5 link(s) detected in 00mn 00s

~ 1025 Legitimates filtered by white list
End of the scan (498 lines in 00mn 59s)(0)

That's it for the 3 reports…

Have a good night :dodo10:
I'll continue tomorrow with the rest of your instructions…
See you later