~ Rapport de ZHPDiag v2015.1.9.4 - Nicolas Coolman  (09/01/2015)
~ Lancé par PC Alain (12/01/2015 19:16:33)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17498
MFIE: Mozilla Firefox 34.0.5 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit  (Build 9600)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Avast Internet Security v10.0.2208
Spybot - Search & Destroy v2.2.25
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.01

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4004 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 78 GB (51%) free of 150 GB

---\\ Mode de connexion au système
~ Computer Name: PC_ALAIN
~ User Name: PC Alain
~ All Users Names: PC Alain, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\PC Alain\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\PC Alain\AppData\Roaming\
~ %Desktop% : C:\Users\PC Alain\Desktop\
~ %Favorites% : C:\Users\PC Alain\Favorites\
~ %LocalAppData% : C:\Users\PC Alain\AppData\Local\
~ %StartMenu% : C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 78 Go of 150 Go)
D: Hard drive, Flash drive, Thumb drive (Free 168 Go of 761 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.85D47EB257B06094F052E0C8AEFA3BEE] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2014 - 04:57:42.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/10/2014 - 02:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 02:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/10/2014 - 02:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.07/10/2014 - 04:29:50.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 13:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.08/10/2014 - 08:32:10.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15/10/2014 - 09:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 04:59:53.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/388
~ Mes musiques (My Musics) : 1/501
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 3/15117
~ Mon Bureau (My Desktop) : 2/106
~ Menu demarrer (Programs) : 1/39
~ Hidden Files:  Scanned in 00mn 06s



---\\ Processus lancés
[MD5.BEAF1CCDCF204CB38616FF4AA8FB9D6D] - (.ASUSTeK Computer Inc. - ALU MFC Application.) -- C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe   [196992] [PID.4516]
[MD5.C2F264DE604714CF5D6FAC21B4CACEC2] - (.Microsoft - Launcher.) -- C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe   [1593488] [PID.4648]
[MD5.8C9231025FAF86B78906B6C847531FFB] - (.ASUSTeK Computer Inc. - ASUS Routine Controller.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe   [2935424] [PID.4656]
[MD5.4624731A850366C5E049C93BCB5D41FD] - (.ASUSTeK Computer Inc. - EPUHelp.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe   [1256576] [PID.4368]
[MD5.9EC9218D94DB00C67BBB28DC62B8A46B] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX1000.exe   [762736] [PID.5688]
[MD5.4F011F572DAC7057DF9D6E9064AA77E8] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe   [2460488] [PID.5772]
[MD5.6226810F26227F083929AC5584122951] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\PC Alain\AppData\Roaming\Dropbox\bin\Dropbox.exe   [39207112] [PID.5444]
[MD5.E84F189BE4353A47EBF063D8EA3C4B63] - (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe   [5562736] [PID.5496]
[MD5.312C7978F0A42DB0475CE31D884DCE88] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [5227112] [PID.5620]
[MD5.AF49D1C79EA49A7833017F290EE63B82] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe   [5624784] [PID.5004]
[MD5.77C980C97A17D31B21CCCD3F2ED823CB] - (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe   [508744] [PID.5244]
[MD5.59360FFECC83F76DCF786DB0477F622B] - (.Microsoft Corporation - Microsoft Office Document Cache Sync Client.) -- C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.exe   [81640] [PID.6416]
[MD5.2545A3C12E99CAA24F9367D7F5A80D83] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe   [287592] [PID.7052]
[MD5.DADDD62BEDC91BC96CFC794A2CA0D94A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [337520] [PID.5440]
[MD5.E6B65C40F24E207DF5937AA3641CA381] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8151040] [PID.2284]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\PC Alain\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\PC Alain\AppData\Roaming\Mozilla\Firefox\Profiles\lqp40z2s.default\prefs.js
M3 - MFPP: Plugins - [PC Alain] -- C:\Users\PC Alain\AppData\Roaming\Mozilla\Firefox\Profiles\lqp40z2s.default\searchplugins\yahoo-avast.xml
M0 - MFSP: prefs.js [PC Alain - lqp40z2s.default] http://fr.yahoo.com
M2 - MFEP: Extension [PC Alain - lqp40z2s.default] {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
M2 - MFEP: Extension [PC Alain - lqp40z2s.default] {9e891144-6b11-4b15-831d-1fc05f439ef4}.xpi
M2 - MFEP: Extension [PC Alain - lqp40z2s.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi  =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [PC Alain - lqp40z2s.default] {EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.1] - (.VideoLAN - VLC media player Web Plugin 2.2.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.2.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.4] - (.VideoLAN - VLC media player Web Plugin 2.2.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN - VLC media player Web Plugin 2.2.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll  =>.VideoLAN
~ Firefox Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com  =>PUP.StartSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com  =>PUP.StartSearch
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 18 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15520)
~ Hosts File:  Scanned in 00mn 05s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: GoSave [64Bits] - {125d1951-8f2b-4706-b8ed-d0703b5f1863} . (...) -- C:\Program Files (x86)\GoSave\voSmldcDpktcRE.dll  =>PUP.GoSave
O2 - BHO: flashget urlcatch [64Bits] - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} . (.www.flashget.com - Flashget CatchUrl Module.) -- C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: YoutubeAdBlocke [64Bits] - {b20fd029-15c9-4d5d-a523-a34421293827} . (...) -- C:\Program Files (x86)\YoutubeAdBlocke\TZcTd7B39lrxb2.dll  =>PUP.YouTubeAdBlock
O2 - BHO: FlashGet GetFlash Class [64Bits] - {F156768E-81EF-470C-9057-481BA8380DBA} . (.www.flashget.com - Flashget GetFlash Module.) -- C:\Program Files (x86)\FlashGet\getflash.dll
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 10 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe   =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\WINDOWS\system32\nvspcap64.dll 
O4 - HKLM\..\Run: [VX1000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\WINDOWS\vVX1000.exe 
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 
O4 - HKLM\..\Run: [Start WingMan Profiler] . (.Logicool Co. Ltd. - Logicool WingMan Event Monitor.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe 
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe 
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe 
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [WD Quick View] . (.Western Digital Technologies, Inc. - WD Quick View.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe   =>.Western Digital Technologies
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe 
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe   =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 
O4 - HKLM\..\Wow6432Node\Run: [KeyScrambler] . (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files (x86)\KeyScrambler\keyscrambler.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 
O4 - HKUS\S-1-5-21-2257578794-3172577338-128500371-1001\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 
O4 - HKUS\S-1-5-21-2257578794-3172577338-128500371-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe 
O4 - HKUS\S-1-5-21-2257578794-3172577338-128500371-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll  =>.Microsoft Corporation
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F0C994C-8838-400D-BE70-4458F6BA1799}: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1C613D5-919A-4013-8FB2-6DBBA5CB0B80}: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F0C994C-8838-400D-BE70-4458F6BA1799}: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{C1C613D5-919A-4013-8FB2-6DBBA5CB0B80}: DhcpNameServer = 192.168.1.254 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 192.168.1.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: WSWSVCUchrome [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASUS Com Service (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) . (.ASUSTeK Computer Inc. - Pas de description.) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) . (.ASUSTeK Computer Inc. - AsSysCtr Application.) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.Pas de propriétaire - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) . (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Freemake Improver (Freemake Improver) . (.Freemake - FreemakeUtilsService.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce Experience Service.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) . (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 344.1.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: RSTWmiService (RSTWmiService) . (.Intel Corporation - Intel(R) RAID Storage Technology Enterprise.) - C:\Program Files\Intel\CIM for Intel(R) RSTe\RSTWmiService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: WD Backup (WDBackup) . (.Western Digital Technologies, Inc. - WD Backup Engine.) - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) . (.Western Digital Technologies, Inc. - WD Drive Service.) - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
~ Services: 25 Scanned in 00mn 19s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.4E48A7DF7ECACB38C686B2BEBAA687A3] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [267440]
[MD5.7529BF17445E16315A95B450CE985C11] [APT] [AsusVibeSchedule] (...) -- C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe   [1957040]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [857888]
[MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe   [5489944]
[MD5.8C9231025FAF86B78906B6C847531FFB] [APT] [ASUS AI Suite II Execute] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe   [2935424]
[MD5.BEAF1CCDCF204CB38616FF4AA8FB9D6D] [APT] [ASUS Easy Update] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe   [196992]
[MD5.0074AFB0570FC1A6AC9771D0133DF44A] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe   [3907304]
[MD5.DF474E01CFC5F28CA952B0DBD6B132A9] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe   [3633312]
[MD5.CDEB46FE688F062D3033209B29755203] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe   [3885120]
[MD5.A8DD1AF22629B3AF743FFEA973192B69] [APT] [____Volume_7a2bfe60_4c84_43a7_8b59_aae56e5dfd76______Volume_0073e124_32a0_11e3_bea1_60a44ce921c4__] (.Western Digital Technologies, Inc..) -- C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe   [425840]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [1002]
~ Scheduled Task: 13 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver:  (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver:  (AsUpIO) . (...) - C:\Windows\Syswow64\drivers\AsUpIO.sys
O41 - Driver:  (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver:  (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver:  (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver:  (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 46 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AI Suite II - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {34D3688E-A737-44C5-9E2A-FF73618728E1}
O42 - Logiciel: ASUS Easy Update - (.ASUSTeK Computer Inc.) [HKLM][64Bits] -- {E7AA854E-6756-424E-84C2-4E47D5729AFF}
O42 - Logiciel: ASUS Launcher - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {40376CD0-67E0-4190-86CA-8BD8CBAC331C}
O42 - Logiciel: ASUS MX Suite - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}
O42 - Logiciel: ASUS MX Suite - (.MAGIX AG.) [HKLM][64Bits] -- {9204F334-2A46-49F1-89C4-65CEB7AC1974}
O42 - Logiciel: ASUS Music Maker - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}
O42 - Logiciel: ASUS Music Maker - (.MAGIX AG.) [HKLM][64Bits] -- {5E00D8DF-905B-41C7-B562-C126DE3A4167}
O42 - Logiciel: ASUS Video easy - (.MAGIX AG.) [HKLM][64Bits] -- MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}
O42 - Logiciel: ASUS Video easy - (.MAGIX AG.) [HKLM][64Bits] -- {7DB84618-76E3-4999-A9A0-D7D756E14129}
O42 - Logiciel: ASUS WebStorage Sync Agent - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- ASUS WebStorage
O42 - Logiciel: ASUSDVD - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: ASUSDVD - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Alcor Micro USB Card Reader Driver  - (.Alcor Micro Corp..) [HKLM][64Bits] -- InstallShield_{EAF21E13-5DC6-4BE1-B186-A62BF926BD1E}
O42 - Logiciel: Any Video Converter 5.7.5 - (.Any-Video-Converter.com.) [HKLM][64Bits] -- Any Video Converter_is1
O42 - Logiciel: AsusVibe2.0 - (.ASUSTEK.) [HKLM][64Bits] -- Asus Vibe2.0
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CIM for Intel(R) RSTe - (.Intel Corporation.) [HKLM][64Bits] -- {F7E5EE2B-0155-4fe2-80EF-7555C069EFA0}
O42 - Logiciel: CanoScan LiDE 110 Scanner Driver - (.Canon Inc..) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414
O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Canon Inc..) [HKLM][64Bits] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (...) [HKLM][64Bits] -- CANONIJPLM100
O42 - Logiciel: Canon MP Navigator EX 4.0 - (...) [HKLM][64Bits] -- MP Navigator EX 4.0
O42 - Logiciel: Canon My Image Garden - (.Canon Inc..) [HKLM][64Bits] -- Canon My Image Garden
O42 - Logiciel: Canon My Image Garden Design Files - (.Canon Inc..) [HKLM][64Bits] -- Canon My Image Garden Design Files
O42 - Logiciel: Canon iP4900 series Printer Driver - (.Canon Inc..) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM][64Bits] -- DVD Shrink_is1
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM][64Bits] -- {6C5F8503-55D2-4398-858C-362B7A7AF51C}
O42 - Logiciel: FlashGet 1.9.6.1073 - (.http://www.FlashGet.com.) [HKLM][64Bits] -- FlashGet
O42 - Logiciel: Fotogalerie - (.Microsoft Corporation.) [HKLM][64Bits] -- {3CBD94C1-BA15-488C-888B-D8DD296CC6DC}
O42 - Logiciel: FreeCommander XE - (.Marek Jasinski.) [HKLM][64Bits] -- FreeCommander XE_is1
O42 - Logiciel: Freemake Video Converter version 4.1.5 - (.Ellora Assets Corporation.) [HKLM][64Bits] -- Freemake Video Converter_is1
O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM][64Bits] -- GPL Ghostscript 9.14
O42 - Logiciel: Galeria de Fotografias - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5E338CE-E1C6-4F7D-8300-44DBD05B9F14}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: Galería de fotos - (.Microsoft Corporation.) [HKLM][64Bits] -- {8F7FECEC-088F-431D-A5FB-2B59E1E69943}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {EAF826C0-245E-4D02-9D51-BA4C98717EAE}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM][64Bits] -- KeyScrambler
O42 - Logiciel: Logitech Gaming Software 5.10 - (.Logitech.) [HKLM][64Bits] -- {1444D2EE-C7AD-44A8-844F-2634B49353D1}  =>.Logitech Inc
O42 - Logiciel: MEDIADICO pour votre PC - (.LAventure.) [HKLM][64Bits] -- {BA9F5A23-5123-42CD-9433-F0F144B97219}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {9A3C5DC9-EEA9-4FB2-855A-26FE6DA733EA}
O42 - Logiciel: MediaInfo 0.7.71 - (.MediaArea.net.) [HKLM][64Bits] -- MediaInfo
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM][64Bits] -- {9C5A08BF-BB99-4998-81BD-F6CC32483B34}
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM][64Bits] -- {6965A8D2-465D-4F98-9FAA-0E9E2348F329}
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Mozilla Firefox 34.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 34.0.5 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 31.3.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 31.3.0 (x86 fr)  =>.Mozilla Corporation
O42 - Logiciel: MultiCommander (x64) - (.Mathias Svensson.) [HKCU][64Bits] -- MultiCommander x64
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: NVIDIA GeForce Experience 2.1.2 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.14.0702 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B455E95A-B804-439F-B533-336B1635AE97}
O42 - Logiciel: NVIDIA Pilote 3D Vision 344.11 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.32.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 344.11 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 344.11 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU][64Bits] -- PhotoFiltre 7
O42 - Logiciel: Raccolta foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {D04EBB49-C985-4A38-8695-62000861293A}
O42 - Logiciel: Ralink RT2860 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: SW-Sustainer - (.Genuine P Software.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}  =>PUP.SafeWeb
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Scribus 1.4.4 (64bit) - (.The Scribus Team.) [HKLM][64Bits] -- Scribus 1.4.4
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Skype™ 6.21 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Sony Mobile Update Engine - (.Sony Mobile Communications Inc..) [HKLM][64Bits] -- Update Engine
O42 - Logiciel: Sony PC Companion 2.10.228 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: UnityPDF version 1.0.1.0 - (.UnityPDF.) [HKLM][64Bits] -- {DBA31E1D-4CD2-4E8E-9EEB-ADBE24D8C04F}_is1
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: WD Quick View - (.Western Digital Technologies, Inc..) [HKLM][64Bits] -- {977F4EA1-2AF5-4DB3-875F-4AC87D210408}  =>.Western Digital Technologies
O42 - Logiciel: WD SmartWare - (.Western Digital Technologies, Inc..) [HKLM][64Bits] -- {532352DA-521D-496D-9FB0-1F8B2580D6DA}
O42 - Logiciel: WD SmartWare Installer - (.Western Digital Technologies, Inc..) [HKLM][64Bits] -- {1891b882-48f7-442d-98d0-c1ce533f25bd}
O42 - Logiciel: Why ASUS PC - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {5648F9D9-299E-408C-AC1F-59DC75894A1F}
O42 - Logiciel: XnView 2.13 - (.Gougelet Pierre-e.) [HKLM][64Bits] -- XnView_is1
O42 - Logiciel: eManual - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {0C84E634-EB68-4A54-B21E-A05EC87A4CC5}
O42 - Logiciel: Συλλογή φωτογραφιών - (.Microsoft Corporation.) [HKLM][64Bits] -- {A19A8C25-272A-4CD6-8BA8-3772321A021B}
O42 - Logiciel: 影像中心 - (.Microsoft Corporation.) [HKLM][64Bits] -- {631C4E4F-6FDC-4CC0-A067-E9876A9BA7FD}
O42 - Logiciel: 照片库 - (.Microsoft Corporation.) [HKLM][64Bits] -- {017E337D-D709-437C-83DB-71F82AA78BF6}
~ Logic: 65 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ASUS]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AnvSoft]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Appscion]
[HKCU\Software\AtuZi]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DVD Shrink]
[HKCU\Software\Digital River]
[HKCU\Software\ECAREME]
[HKCU\Software\Freemake]
[HKCU\Software\GPL Ghostscript]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Innovative Solutions]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\JetCar]
[HKCU\Software\Lake]
[HKCU\Software\Logitech]
[HKCU\Software\MAGIX AG]
[HKCU\Software\Macromedia]
[HKCU\Software\Magix]
[HKCU\Software\Mozilla Backup]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Multi Commander]
[HKCU\Software\MultiCommander]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QFX Software]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Sony]
[HKCU\Software\Stilesoft]
[HKCU\Software\TAdvCheckList]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VSO]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\VideoLAN]
[HKCU\Software\Vittalia]  =>PUP.Vittalia
[HKCU\Software\WSVCUPlugin]
[HKCU\Software\Waves Audio]
[HKCU\Software\WebApp]
[HKCU\Software\Western Digital]
[HKCU\Software\Wondershare]
[HKCU\Software\Wow6432Node]
[HKCU\Software\WsAudio_Device]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ej-technologies]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Artifex]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\ECAREME]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Logitech]
[HKLM\Software\MAGIX]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sony Mobile]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Western Digital]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AtuZi]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Canon_Inc_IC]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\ECAREME]
[HKLM\Software\Wow6432Node\FGUpdate]
[HKLM\Software\Wow6432Node\Freemake]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\Innovative Solutions]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\LAventure]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\MAGIX]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Mediatek]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerDVD10_Upgrade]
[HKLM\Software\Wow6432Node\QFX Software]
[HKLM\Software\Wow6432Node\Ralink]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SW-Booster]  =>PUP.SafeWeb
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftVTU]
[HKLM\Software\Wow6432Node\Sony Mobile]
[HKLM\Software\Wow6432Node\Sony]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WDPA]
[HKLM\Software\Wow6432Node\Western Digital]
[HKLM\Software\Wow6432Node\Wondershare]
[HKLM\Software\Wow6432Node\XnView]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\mystartsearchSoftware]  =>PUP.StartSearch
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
~ Key Software: 327 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/09/2014 - 03:07:23 - [] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 22/11/2014 - 00:58:42 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 01/10/2014 - 03:17:51 - [0] ----D C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 13/06/2013 - 15:27:18 - [] ----D C:\Program Files (x86)\AmUStor
O43 - CFD: 25/08/2014 - 16:28:33 - [] ----D C:\Program Files (x86)\AnvSoft
O43 - CFD: 05/05/2014 - 02:46:13 - [] ----D C:\Program Files (x86)\ASUS
O43 - CFD: 28/11/2013 - 10:58:36 - [] ----D C:\Program Files (x86)\Canon
O43 - CFD: 22/11/2014 - 00:58:42 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 13/06/2013 - 15:31:31 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 17/11/2014 - 23:51:16 - [0] ----D C:\Program Files (x86)\DeltaFix
O43 - CFD: 08/11/2013 - 02:28:53 - [] ----D C:\Program Files (x86)\DVD Shrink
O43 - CFD: 08/11/2013 - 03:10:53 - [0] ----D C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 08/11/2013 - 03:15:31 - [] ----D C:\Program Files (x86)\FlashGet
O43 - CFD: 07/05/2014 - 02:11:44 - [] ----D C:\Program Files (x86)\FreeCommander XE
O43 - CFD: 18/11/2014 - 17:46:32 - [] ----D C:\Program Files (x86)\Freemake
O43 - CFD: 10/01/2014 - 01:45:48 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 15/11/2014 - 01:10:33 - [] ----D C:\Program Files (x86)\GoSave  =>PUP.GoSave
O43 - CFD: 13/10/2014 - 17:34:06 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/05/2014 - 01:41:53 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/12/2014 - 17:49:06 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 09/11/2014 - 17:06:41 - [] ----D C:\Program Files (x86)\KeyScrambler
O43 - CFD: 09/10/2013 - 10:23:27 - [] ----D C:\Program Files (x86)\LAventure
O43 - CFD: 05/05/2014 - 01:33:22 - [] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 03/10/2013 - 14:28:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 15/10/2014 - 01:55:44 - [] ----D C:\Program Files (x86)\Microsoft ASP.NET
O43 - CFD: 20/11/2013 - 02:32:33 - [] ----D C:\Program Files (x86)\Microsoft LifeCam
O43 - CFD: 31/05/2013 - 19:50:13 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 31/05/2013 - 19:54:12 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive  =>.Microsoft Corporation
O43 - CFD: 25/07/2014 - 01:42:37 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 14/12/2013 - 13:49:43 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10/12/2014 - 00:16:46 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 10/12/2014 - 04:59:31 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 09/12/2014 - 02:59:08 - [] ----D C:\Program Files (x86)\Mozilla Thunderbird  =>.Mozilla Corporation
O43 - CFD: 25/10/2013 - 02:03:29 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 31/05/2013 - 19:52:50 - [] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/12/2013 - 19:57:44 - [] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 01/10/2014 - 03:17:23 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 08/07/2014 - 03:35:59 - [] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 22/11/2013 - 11:55:56 - [] ----D C:\Program Files (x86)\PhotoFiltre 7
O43 - CFD: 03/07/2014 - 20:14:59 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 25/10/2013 - 02:03:29 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 05/05/2014 - 01:31:35 - [] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 06/11/2014 - 12:15:58 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 13/10/2014 - 17:32:07 - [] ----D C:\Program Files (x86)\Sony
O43 - CFD: 06/11/2014 - 15:33:16 - [] ----D C:\Program Files (x86)\Sony Mobile
O43 - CFD: 02/01/2015 - 17:06:42 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 31/05/2013 - 19:34:46 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 08/04/2014 - 14:39:56 - [] ----D C:\Program Files (x86)\UnityPDF
O43 - CFD: 05/10/2013 - 22:41:46 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 22/11/2014 - 00:54:44 - [] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 13/12/2014 - 11:37:22 - [] ----D C:\Program Files (x86)\Western Digital
O43 - CFD: 12/11/2014 - 11:04:32 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 25/07/2014 - 01:42:25 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 21/11/2014 - 11:03:44 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 21/11/2014 - 11:03:42 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 21/11/2014 - 11:03:43 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 21/11/2014 - 11:03:41 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2014 - 11:03:43 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 25/10/2013 - 01:14:46 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 17/12/2013 - 16:21:06 - [] ----D C:\Program Files (x86)\XnView
O43 - CFD: 15/11/2014 - 01:10:33 - [] ----D C:\Program Files (x86)\YoutubeAdBlocke  =>PUP.YouTubeAdBlock
O43 - CFD: 12/01/2015 - 19:15:45 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 08/10/2013 - 02:58:01 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 14/12/2013 - 13:49:45 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 03/07/2014 - 20:14:48 - [] ----D C:\Program Files (x86)\Common Files\Innovative Solutions
O43 - CFD: 31/05/2013 - 19:38:48 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 13/06/2013 - 15:23:24 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 13/06/2013 - 15:30:42 - [] ----D C:\Program Files (x86)\Common Files\MAGIX Services
O43 - CFD: 03/07/2014 - 20:14:48 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 13/06/2013 - 15:23:22 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 06/11/2014 - 12:15:57 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 21/11/2014 - 11:03:35 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 13/12/2014 - 11:37:23 - [] ----D C:\Program Files (x86)\Common Files\Western Digital
O43 - CFD: 31/05/2013 - 19:54:03 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 12/11/2014 - 03:05:30 - [] ----D C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 13/11/2014 - 17:35:56 - [] ----D C:\ProgramData\13074571189917802962
O43 - CFD: 02/05/2014 - 23:26:57 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 13/06/2013 - 15:27:18 - [] ----D C:\ProgramData\AmUStor
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 13/06/2013 - 15:30:42 - [] ----D C:\ProgramData\ASUS
O43 - CFD: 31/05/2013 - 19:41:23 - [] ----D C:\ProgramData\ASUS WebStorage
O43 - CFD: 25/10/2013 - 02:50:10 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 25/10/2013 - 01:25:42 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 25/08/2014 - 10:37:03 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 29/11/2013 - 00:38:10 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 08/07/2014 - 02:01:52 - [] ----D C:\ProgramData\CanonIJ
O43 - CFD: 08/07/2014 - 02:01:52 - [] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 29/11/2013 - 00:38:11 - [] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 29/11/2013 - 00:38:10 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 29/11/2013 - 00:55:37 - [] --H-D C:\ProgramData\CanonIJMIG
O43 - CFD: 05/01/2015 - 18:19:34 - [] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 03/07/2014 - 20:39:12 - [] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 28/11/2013 - 13:32:13 - [] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 09/09/2013 - 17:28:51 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 06/01/2015 - 14:44:28 - [] ----D C:\ProgramData\DVD Shrink
O43 - CFD: 13/11/2014 - 17:35:56 - [] ----D C:\ProgramData\engopppjmgpfjgbeddijmohbnbphchcl
O43 - CFD: 18/11/2014 - 17:47:01 - [] ----D C:\ProgramData\Freemake
O43 - CFD: 02/07/2014 - 17:11:46 - [] ----D C:\ProgramData\Innovative Solutions
O43 - CFD: 13/06/2013 - 15:23:09 - [] ----D C:\ProgramData\Intel
O43 - CFD: 24/07/2014 - 23:29:19 - [] ----D C:\ProgramData\ma-config.com
O43 - CFD: 06/09/2013 - 23:13:23 - [] ----D C:\ProgramData\MAGIX
O43 - CFD: 06/09/2013 - 17:44:28 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 25/10/2013 - 01:25:42 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 14/11/2013 - 18:29:02 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 19/02/2014 - 23:34:49 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 31/05/2013 - 19:54:11 - [] ----D C:\ProgramData\Microsoft SkyDrive  =>.Microsoft Corporation
O43 - CFD: 25/10/2013 - 01:25:42 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 06/09/2013 - 21:17:51 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 12/01/2015 - 18:03:00 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 03/07/2014 - 20:16:50 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 13/12/2014 - 11:37:48 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 25/10/2013 - 01:14:54 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 08/07/2014 - 02:01:53 - [] ----D C:\ProgramData\QFX Software
O43 - CFD: 13/06/2013 - 15:23:51 - [] ----D C:\ProgramData\Ralink Driver
O43 - CFD: 26/12/2014 - 12:09:43 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 05/05/2014 - 01:30:00 - [] ----D C:\ProgramData\Samsung
O43 - CFD: 06/11/2014 - 12:16:01 - [] ----D C:\ProgramData\Skype
O43 - CFD: 13/10/2014 - 17:32:07 - [] ----D C:\ProgramData\Sony
O43 - CFD: 13/10/2014 - 17:45:13 - [] ----D C:\ProgramData\Sony Mobile
O43 - CFD: 02/12/2013 - 12:41:59 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 04/12/2013 - 19:04:34 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 13/11/2014 - 17:37:26 - [] ----D C:\ProgramData\Trusted Publisher  =>PUP.TopAppSoft
O43 - CFD: 08/11/2014 - 12:15:19 - [] ----D C:\ProgramData\VSO
O43 - CFD: 13/12/2014 - 11:37:22 - [] ----D C:\ProgramData\Western Digital
O43 - CFD: 12/11/2014 - 03:48:37 - [] ----D C:\ProgramData\Wondershare
O43 - CFD: 12/11/2014 - 03:38:20 - [] ----D C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 05/09/2014 - 03:07:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 21/11/2014 - 11:13:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 21/11/2014 - 11:13:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/11/2014 - 11:13:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 25/08/2014 - 16:28:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
O43 - CFD: 25/10/2013 - 01:14:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 25/10/2013 - 01:14:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
O43 - CFD: 25/10/2014 - 11:33:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 28/11/2013 - 10:58:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 110 Manual
O43 - CFD: 25/08/2014 - 10:36:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4900 series
O43 - CFD: 29/11/2013 - 00:36:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 28/11/2013 - 13:24:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 110
O43 - CFD: 08/07/2014 - 03:33:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 08/11/2013 - 02:28:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
O43 - CFD: 07/05/2014 - 02:11:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE
O43 - CFD: 18/11/2014 - 17:46:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 06/05/2014 - 03:29:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
O43 - CFD: 10/01/2014 - 01:45:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth  =>.Google Inc
O43 - CFD: 08/07/2014 - 02:01:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 09/11/2014 - 17:06:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
O43 - CFD: 25/10/2013 - 01:14:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAventure
O43 - CFD: 10/01/2014 - 02:32:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
O43 - CFD: 24/07/2014 - 23:29:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/11/2013 - 02:32:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
O43 - CFD: 14/12/2013 - 13:27:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 20/12/2013 - 19:57:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 01/10/2014 - 03:17:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 08/07/2014 - 02:41:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
O43 - CFD: 22/11/2013 - 11:55:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 05/05/2014 - 01:30:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 27/08/2014 - 23:33:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.4
O43 - CFD: 06/11/2014 - 12:15:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 13/10/2014 - 17:34:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 14/11/2013 - 18:29:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 21/11/2014 - 11:13:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/09/2013 - 05:00:03 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 08/04/2014 - 14:39:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnityPDF
O43 - CFD: 08/11/2014 - 17:11:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 13/11/2014 - 18:59:51 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
O43 - CFD: 03/07/2014 - 20:39:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
O43 - CFD: 17/12/2013 - 16:21:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
O43 - CFD: 12/01/2015 - 19:15:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 26/07/2014 - 18:05:59 - [] ----D C:\Users\PC Alain\AppData\Roaming\Adobe
O43 - CFD: 25/08/2014 - 16:29:00 - [] ----D C:\Users\PC Alain\AppData\Roaming\Anvsoft
O43 - CFD: 04/09/2013 - 16:06:26 - [] ----D C:\Users\PC Alain\AppData\Roaming\ASUS WebStorage
O43 - CFD: 25/10/2013 - 02:53:49 - [] ----D C:\Users\PC Alain\AppData\Roaming\AVAST Software
O43 - CFD: 08/03/2014 - 11:03:59 - [] ----D C:\Users\PC Alain\AppData\Roaming\Canon
O43 - CFD: 22/11/2014 - 00:58:03 - [0] ----D C:\Users\PC Alain\AppData\Roaming\com.wb.DC2
O43 - CFD: 04/12/2013 - 19:24:17 - [] ----D C:\Users\PC Alain\AppData\Roaming\CyberLink
O43 - CFD: 12/01/2015 - 18:04:27 - [] ----D C:\Users\PC Alain\AppData\Roaming\Dropbox
O43 - CFD: 06/01/2015 - 18:14:00 - [] ----D C:\Users\PC Alain\AppData\Roaming\dvdcss
O43 - CFD: 13/11/2014 - 17:47:27 - [0] ----D C:\Users\PC Alain\AppData\Roaming\EZDownloader
O43 - CFD: 08/11/2013 - 03:15:30 - [] ----D C:\Users\PC Alain\AppData\Roaming\FlashGet
O43 - CFD: 25/10/2013 - 01:44:24 - [] ----D C:\Users\PC Alain\AppData\Roaming\Identities
O43 - CFD: 18/11/2013 - 18:21:25 - [] ----D C:\Users\PC Alain\AppData\Roaming\InstallShield
O43 - CFD: 04/09/2013 - 16:07:23 - [] ----D C:\Users\PC Alain\AppData\Roaming\Intel Corporation
O43 - CFD: 04/09/2013 - 16:35:15 - [] ----D C:\Users\PC Alain\AppData\Roaming\Macromedia
O43 - CFD: 04/12/2013 - 19:35:12 - [] ----D C:\Users\PC Alain\AppData\Roaming\MAGIX
O43 - CFD: 12/11/2014 - 03:31:02 - [] ----D C:\Users\PC Alain\AppData\Roaming\MediaInfo
O43 - CFD: 08/07/2014 - 01:48:47 - [] -S--D C:\Users\PC Alain\AppData\Roaming\Microsoft
O43 - CFD: 06/09/2013 - 21:18:20 - [] ----D C:\Users\PC Alain\AppData\Roaming\Mozilla
O43 - CFD: 25/07/2014 - 02:01:19 - [] ----D C:\Users\PC Alain\AppData\Roaming\MultiCommander
O43 - CFD: 09/09/2013 - 17:28:13 - [] ----D C:\Users\PC Alain\AppData\Roaming\NVIDIA
O43 - CFD: 03/07/2014 - 23:41:58 - [0] ----D C:\Users\PC Alain\AppData\Roaming\PDFCreator
O43 - CFD: 22/11/2013 - 11:59:17 - [] ----D C:\Users\PC Alain\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 08/07/2014 - 02:01:59 - [] ----D C:\Users\PC Alain\AppData\Roaming\QFX Software
O43 - CFD: 05/05/2014 - 01:32:45 - [] ----D C:\Users\PC Alain\AppData\Roaming\Samsung
O43 - CFD: 04/05/2014 - 12:08:03 - [] ----D C:\Users\PC Alain\AppData\Roaming\Scribus
O43 - CFD: 14/12/2014 - 11:25:49 - [] ----D C:\Users\PC Alain\AppData\Roaming\Skype
O43 - CFD: 23/11/2014 - 16:22:59 - [0] ----D C:\Users\PC Alain\AppData\Roaming\SkypEmoticons
O43 - CFD: 08/09/2013 - 15:24:03 - [] ----D C:\Users\PC Alain\AppData\Roaming\Thunderbird  =>.Mozilla Corporation
O43 - CFD: 06/01/2015 - 23:56:43 - [] ----D C:\Users\PC Alain\AppData\Roaming\vlc
O43 - CFD: 12/11/2014 - 03:09:52 - [] ----D C:\Users\PC Alain\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 01/10/2014 - 02:20:18 - [] ----D C:\Users\PC Alain\AppData\Roaming\XnView
O43 - CFD: 12/01/2015 - 19:17:15 - [] ----D C:\Users\PC Alain\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 12/11/2014 - 03:38:04 - [] ----D C:\Users\PC Alain\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 16/12/2014 - 02:10:50 - [] ----D C:\Users\PC Alain\AppData\Local\Adobe
O43 - CFD: 25/10/2013 - 01:12:01 - [] -SH-D C:\Users\PC Alain\AppData\Local\Application Data
O43 - CFD: 28/10/2013 - 00:36:21 - [] ----D C:\Users\PC Alain\AppData\Local\Apps
O43 - CFD: 03/10/2013 - 10:49:36 - [] ----D C:\Users\PC Alain\AppData\Local\ASUS
O43 - CFD: 28/02/2014 - 23:48:11 - [] ----D C:\Users\PC Alain\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 09/09/2013 - 17:28:50 - [] ----D C:\Users\PC Alain\AppData\Local\Cyberlink
O43 - CFD: 06/11/2014 - 16:09:02 - [0] ----D C:\Users\PC Alain\AppData\Local\Diagnostics
O43 - CFD: 05/05/2014 - 01:29:24 - [] ----D C:\Users\PC Alain\AppData\Local\Downloaded Installations
O43 - CFD: 17/12/2014 - 10:49:48 - [] ----D C:\Users\PC Alain\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/05/2014 - 02:27:54 - [] -SH-D C:\Users\PC Alain\AppData\Local\EmieSiteList
O43 - CFD: 22/05/2014 - 02:27:54 - [] -SH-D C:\Users\PC Alain\AppData\Local\EmieUserList
O43 - CFD: 07/05/2014 - 02:11:43 - [] ----D C:\Users\PC Alain\AppData\Local\FreeCommanderXE
O43 - CFD: 28/07/2014 - 12:21:47 - [] ----D C:\Users\PC Alain\AppData\Local\FreemakeVideoConverter
O43 - CFD: 10/01/2014 - 01:45:49 - [] ----D C:\Users\PC Alain\AppData\Local\Google
O43 - CFD: 25/10/2013 - 01:12:01 - [] -SH-D C:\Users\PC Alain\AppData\Local\Historique
O43 - CFD: 06/05/2014 - 11:47:44 - [] ----D C:\Users\PC Alain\AppData\Local\Innovative Solutions
O43 - CFD: 01/02/2014 - 21:50:55 - [] ----D C:\Users\PC Alain\AppData\Local\IsolatedStorage
O43 - CFD: 10/01/2014 - 02:42:18 - [] ----D C:\Users\PC Alain\AppData\Local\Logitech
O43 - CFD: 06/09/2013 - 22:46:48 - [] ----D C:\Users\PC Alain\AppData\Local\Macromedia
O43 - CFD: 08/01/2015 - 19:28:46 - [] ----D C:\Users\PC Alain\AppData\Local\Microsoft
O43 - CFD: 04/11/2014 - 16:37:48 - [] ----D C:\Users\PC Alain\AppData\Local\Microsoft Help
O43 - CFD: 15/11/2013 - 16:06:52 - [] ----D C:\Users\PC Alain\AppData\Local\Microsoft_Corporation
O43 - CFD: 02/10/2013 - 04:05:22 - [] ----D C:\Users\PC Alain\AppData\Local\Mozilla
O43 - CFD: 24/11/2014 - 18:13:33 - [] ----D C:\Users\PC Alain\AppData\Local\MultiCommander (X64)
O43 - CFD: 09/01/2014 - 15:38:57 - [] ----D C:\Users\PC Alain\AppData\Local\NVIDIA
O43 - CFD: 31/07/2014 - 15:11:54 - [] ----D C:\Users\PC Alain\AppData\Local\NVIDIA Corporation
O43 - CFD: 08/01/2015 - 19:49:08 - [] ----D C:\Users\PC Alain\AppData\Local\Packages
O43 - CFD: 05/11/2013 - 12:57:03 - [] ----D C:\Users\PC Alain\AppData\Local\Programs
O43 - CFD: 05/05/2014 - 01:32:44 - [] ----D C:\Users\PC Alain\AppData\Local\Samsung
O43 - CFD: 28/04/2014 - 11:20:09 - [] ----D C:\Users\PC Alain\AppData\Local\Skype
O43 - CFD: 12/01/2015 - 19:15:56 - [] ----D C:\Users\PC Alain\AppData\Local\Temp
O43 - CFD: 25/10/2013 - 01:12:01 - [] -SH-D C:\Users\PC Alain\AppData\Local\Temporary Internet Files
O43 - CFD: 06/09/2014 - 15:57:02 - [] ----D C:\Users\PC Alain\AppData\Local\Thunderbird  =>.Mozilla Corporation
O43 - CFD: 18/08/2014 - 22:04:35 - [] ----D C:\Users\PC Alain\AppData\Local\VirtualStore
O43 - CFD: 11/10/2013 - 19:56:36 - [] ----D C:\Users\PC Alain\AppData\Local\Western Digital
O43 - CFD: 11/10/2013 - 19:56:35 - [] ----D C:\Users\PC Alain\AppData\Local\Western_Digital_Technolog
O43 - CFD: 18/08/2014 - 20:26:50 - [] ----D C:\Users\PC Alain\AppData\Local\Windows Live
O43 - CFD: 12/11/2014 - 03:05:31 - [] ----D C:\Users\PC Alain\AppData\Local\Wondershare
O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 21/11/2014 - 13:45:40 - [] R---D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/12/2014 - 00:13:35 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 08/11/2013 - 03:15:27 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet
O43 - CFD: 18/11/2014 - 17:46:32 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
O43 - CFD: 02/10/2013 - 09:50:00 - [0] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 22/08/2013 - 16:36:32 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/07/2014 - 01:59:01 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiCommander
O43 - CFD: 22/11/2013 - 11:55:56 - [0] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 22/11/2014 - 00:54:45 - [] ----D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 17/12/2014 - 00:13:45 - [] R---D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 25/10/2013 - 01:12:41 - [] R---D C:\Users\PC Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 262 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.47CF9F5FD9ED52506BA0E2BA488E88A5] - 04/01/2015 - 14:48:19 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1827432]
O44 - LFC:[MD5.681AD6482F7D9297D59E9C4823432995] - 04/01/2015 - 14:48:19 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [135930]
O44 - LFC:[MD5.B1E03EB267B582211BA4E7E23755C763] - 04/01/2015 - 14:48:19 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [159742]
O44 - LFC:[MD5.995A971C9902876D5BDD7B76FB786D4C] - 04/01/2015 - 14:48:19 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [723316]
O44 - LFC:[MD5.4E82AF97340CEDFD4D7DB197204D623B] - 04/01/2015 - 14:48:19 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [812146]
O44 - LFC:[MD5.96F5BF3F7423603CB098B4708AD865D7] - 12/01/2015 - 18:04:57 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.E2225EFA565FDD4FE240F1161F72AFE9] - 12/01/2015 - 18:24:16 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [600535]
~ Files: 7 Scanned in 00mn 06s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Keys Export: 4 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{440ea3ed-52f6-11e4-8099-24fd52a26b29}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys   [108896]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport  Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys   [782176]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [79200]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [259424]
O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [25952]
O58 - SDL:21/01/2013 - 09:03:04 ---A- . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\Drivers\AmUStor.sys   [98304]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [114016]
O58 - SDL:30/08/2013 - 08:48:09 ---A- . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\System32\Drivers\aswFW.sys   [131232]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [29208]  =>.ALWIL Software
O58 - SDL:12/11/2014 - 04:11:01 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys   [28184]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswmonflt.sys   [83280]
O58 - SDL:12/11/2014 - 04:10:59 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys   [449936]
O58 - SDL:28/04/2014 - 16:32:47 ---A- . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswndisflt.sys.1400230348093   [447888]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys   [93568]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]  =>.ALWIL Software
O58 - SDL:22/11/2014 - 00:02:56 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys   [1050432]
O58 - SDL:28/04/2014 - 16:32:54 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400230348093   [1039096]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys   [436624]
O58 - SDL:28/04/2014 - 16:32:54 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400230348093   [423240]
O58 - SDL:12/11/2014 - 04:11:08 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys   [116728]
O58 - SDL:12/11/2014 - 04:11:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [267632]  =>.ALWIL Software
O58 - SDL:23/09/2013 - 13:04:04 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\au630x64.sys   [792648]
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys   [17624]
O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [531296]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3357024]
O58 - SDL:13/10/2014 - 17:45:35 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\Windows\System32\Drivers\ggflt.sys   [16088]
O58 - SDL:13/10/2014 - 17:45:35 ---A- . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\Windows\System32\Drivers\ggsomc.sys   [30424]
O58 - SDL:16/02/2013 - 01:15:54 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys   [64624]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [64352]
O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys   [24568]
O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys   [99320]
O58 - SDL:28/05/2014 - 09:10:20 ---A- . (.Intel Corporation - Intel(R) Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys   [672104]
O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys   [651248]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [412000]
O58 - SDL:31/05/2013 - 15:53:12 ---A- . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\Windows\System32\Drivers\keyscrambler.sys   [222200]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [109408]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [93536]
O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys   [81760]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys   [82784]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys   [56672]
O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys   [575840]
O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys   [63840]
O58 - SDL:09/04/2014 - 20:06:16 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr28x.sys   [2514120]
O58 - SDL:02/06/2012 - 15:31:54 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\netr28x.sysinbox   [1737760]
O58 - SDL:17/09/2014 - 05:51:20 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\Drivers\nvhda64v.sys   [197408]
O58 - SDL:14/09/2014 - 00:48:03 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 344.11.) -- C:\Windows\System32\Drivers\nvlddmkm.sys   [13157696]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [150368]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [168288]
O58 - SDL:04/09/2014 - 20:14:38 ---A- . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\Drivers\nvvad64v.sys   [38048]
O58 - SDL:25/06/2014 - 19:02:12 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys   [871640]
O58 - SDL:19/03/2013 - 13:21:10 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys   [3363016]
O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [44896]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [81760]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\Drivers\ssadbus.sys   [169288]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcm.sys   [17224]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadcmnt.sys   [17224]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem Filter Driver.) -- C:\Windows\System32\Drivers\ssadmdfl.sys   [21320]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - SAMSUNG Android USB Modem.) -- C:\Windows\System32\Drivers\ssadmdm.sys   [188232]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - SAMSUNG Android USB Diagnostic Serial Port Device Driver.) -- C:\Windows\System32\Drivers\ssadserd.sys   [158024]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwh.sys   [17736]
O58 - SDL:11/04/2014 - 09:39:14 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\Drivers\ssadwhnt.sys   [17736]
O58 - SDL:11/04/2014 - 09:39:22 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [110336]
O58 - SDL:11/04/2014 - 09:39:22 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [206080]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [31072]
O58 - SDL:17/05/2014 - 01:40:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys   [100312]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [19808]
O58 - SDL:24/10/2014 - 14:35:36 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\VirtualAudio.sys   [31080]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [168800]
O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS   [305504]
O58 - SDL:14/08/2013 - 07:08:28 ---A- . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\Drivers\wdcsam64.sys   [14464]
O58 - SDL:27/04/2010 - 16:57:12 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Bus Enumerator Driver.) -- C:\Windows\System32\Drivers\WmBEnum.sys   [26440]
O58 - SDL:27/04/2010 - 14:02:42 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Hid Filter Driver.) -- C:\Windows\System32\Drivers\WmFilter.sys   [43976]
O58 - SDL:27/04/2010 - 16:57:20 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Hid Device Driver.) -- C:\Windows\System32\Drivers\WmVirHid.sys   [16200]
O58 - SDL:27/04/2010 - 14:03:12 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Translation Driver.) -- C:\Windows\System32\Drivers\WmXlCore.sys   [77512]
O58 - SDL:23/03/2012 - 01:10:14 ---A- . (.ASUSTek Computer Inc. - ASUS Charger driver.) -- C:\Windows\SysWOW64\drivers\AiCharger.sys   [14848]
O58 - SDL:04/01/2008 - 06:34:42 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys   [10216]
O58 - SDL:04/01/2008 - 06:34:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys   [11832]
O58 - SDL:22/08/2012 - 10:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys   [15232]
O58 - SDL:03/08/2010 - 06:21:24 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys   [14464]
O58 - SDL:02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS   [10296]
~ Drivers: 81 Scanned in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 07/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_8e912777872ba4e3_0_0.bin   [16384]
O61 - LFC: 07/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_e421b2758c6ffad8_0_0.bin   [16384]
O61 - LFC: 07/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_e421b2758c6ffad8_0_1.bin   [1048576]
O61 - LFC: 07/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\ff25a4f67ecc2f28d6a304bc5c26dbf_fce8395c8fd8a876_e330f25ac01818f1_3_0.bin   [16384]
O61 - LFC: 08/01/2015 - 19:17:30 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin   [111279]
O61 - LFC: 08/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_4b0ff4e5195ae553_0_0.bin   [16384]
O61 - LFC: 08/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_51b04655922475e9_0_0.bin   [16384]
O61 - LFC: 08/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_6ff674beb7716334_0_0.bin   [16384]
O61 - LFC: 08/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_6ff674beb7716334_1_0.bin   [16384]
O61 - LFC: 09/01/2015 - 19:17:34 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin   [4173527]
O61 - LFC: 10/01/2015 - 19:17:34 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\NVIDIA\NvBackend\Packages\00006b06\CoProc update.19212142.exe   [432376]
O61 - LFC: 10/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\a518b2fb9e4917da1a97a93f3b36ef9e_fce8395c8fd8a876_335c1bc233bbeab2_0_0.bin   [16384]
O61 - LFC: 12/01/2015 - 19:17:43 ---A- . (...) -- C:\Users\PC Alain\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsi2qzf.dll   [43008]
O61 - LFC: 12/01/2015 - 19:17:45 ---A- . (.Nicolas Coolman.) -- C:\Users\PC Alain\Desktop\ZHPDiag2.exe   [6868593]  =>.Nicolas Coolman
~ 54 Fichiers temporaires (Temporary files)
~ Files: 14 Scanned in 00mn 14s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [PC Alain - lqp40z2s.default] user_pref("extensions.wrc.SearchRules.google.com.url", "^http(s)?\\:\\/\\/((.)+\\.)?google\\.(com|[a-z\\.]{2,})\\/(.)*");  =>Toolbar.Ask
O69 - SBI: prefs.js [PC Alain - lqp40z2s.default] user_pref("extensions.wrc.SearchRules.public.avast.com.url", "^http(s)?\\:\\/\\/public\\.avast\\.com\\/(.)*");  =>Toolbar.Ask
O69 - SBI: prefs.js [PC Alain - lqp40z2s.default] user_pref("extensions.wrc.SearchRules.seznam.cz.url", "^http(s)?\\:\\/\\/search\\.seznam\\.cz\\/(.)*");  =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [214528]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [156160]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [156160]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [329216]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1360896]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1084416]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [926208]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [31744]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [110592]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1265152]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [230400]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [71168]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [135168]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [226816]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [339968]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [101376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [348672]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll   [521728]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll   [1639424]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [59392]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [206848]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll   [166400]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [102912]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll   [542208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [226816]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [73728]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [452608]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [313344]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [3557376]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [933376]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [640000]
~ Services: 34 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A88EC2A33D59251C4FB9508BE4831F38] [SPRF][12/01/2015] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\PC Alain\Desktop\ZHPDiag2.exe   [6868593]
~ Files: 1 Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS:  - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS:  - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS:  - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS:  - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS:  - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS:  - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/12/2014 267440 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 10/07/1658 0 |  (AvastVBoxSvc) . (...) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SS - | Demand 26/04/2011 2702848 |  (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SS - | Demand 27/08/2013 828376 |  (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 10/12/2014 114800 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 04/02/2013 155824 |  (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 29/10/2014 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 03/12/2014 81088 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 01/06/2012 920736 |  (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
SR - | Auto 01/06/2012 951936 |  (asHmComSvc) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
SR - | Auto 17/02/2012 149120 |  (AsSysCtrlService) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
SR - | Auto 19/12/2012 72192 |  (Asus WebStorage Windows Service) . (...) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
SR - | Auto 12/11/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 12/11/2014 104416 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 24/05/2011 1840128 |  (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
SR - | Auto 13/11/2014 108032 |  (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SR - | Auto 17/09/2014 1148744 |  (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 28/05/2014 16232 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 05/04/2010 116104 |  (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 27/08/2013 747520 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/05/2014 169432 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/05/2014 390616 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 24/06/2014 2820424 |  (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 17/09/2014 1795912 |  (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 13/09/2014 934216 |  (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe
SR - | Auto 26/09/2013 454640 |  (RSTWmiService) . (.Intel Corporation.) - C:\Program Files\Intel\CIM for Intel(R) RSTe\RSTWmiService.exe
SR - | Auto 15/10/2013 3921880 |  (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 20/09/2013 1042272 |  (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/09/2013 171416 |  (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 13/09/2014 411968 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 02/12/2014 1042808 |  (WDBackup) . (.Western Digital Technologies, Inc..) - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
SR - | Auto 02/06/2014 296312 |  (WDDriveService) . (.Western Digital Technologies, Inc..) - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
SR - | Demand 10/07/1658 0 |  (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
~ Services:  Scanned in 00mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by PC Alain at 12/01/2015 19:18:37
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by PC Alain at 12/01/2015 19:18:39
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (09/01/2015)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 3
Fichiers trouvés  (Files found) : 3

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{125D1951-8F2B-4706-B8ED-D0703B5F1863}]   =>PUP.GoSave^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B20FD029-15C9-4D5D-A523-A34421293827}]   =>PUP.YouTubeAdBlock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}]   =>PUP.SafeWeb^
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]   =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]   =>PUP.V9Software
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}]   =>Adware.Agent
C:\Program Files (x86)\GoSave   =>PUP.GoSave^
C:\Program Files (x86)\YoutubeAdBlocke   =>PUP.YouTubeAdBlock^
C:\ProgramData\Trusted Publisher   =>PUP.TopAppSoft^
[HKCU\Software\Vittalia]   =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\SW-Booster]   =>PUP.SafeWeb^
[HKLM\Software\Wow6432Node\mystartsearchSoftware]   =>PUP.StartSearch^
~ Additionnel Scan: 279178 Items scanned in 00mn 12s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-startsearch  =>PUP.StartSearch
http://www.nicolascoolman.fr/blog/  =>PUP.GoSave
http://nicolascoolman.fr/35828469-pup-youtubeadblocker-  =>PUP.YouTubeAdBlock
http://nicolascoolman.fr/pup-safeweb  =>PUP.SafeWeb
http://nicolascoolman.fr/pup-vittalia  =>PUP.Vittalia
http://www.nicolascoolman.fr/blog/  =>PUP.TopAppSoft
http://nicolascoolman.fr/toolbar-ask  =>Toolbar.Ask
http://nicolascoolman.fr/pup-v9software  =>PUP.V9Software
http://www.nicolascoolman.fr/blog/  =>Adware.Agent
~ MSI: 9 link(s) detected in 00mn 00s



End of the scan (1363 lines in 02mn 20s)(0)