Hébergeur de fichiers indépendant

ZHPDiag.txt

À propos

Type de fichier
Fichier TXT de 320 Ko (text/plain)
Confidentialité
Fichier public, envoyé le 7 décembre 2013 à 10:51, depuis l'adresse IP 92.153.x.x (France)
Sécurité
Ne contient aucun Virus ou Malware connus - Dernière vérification: 02/06/19
Statistiques
La présente page de téléchargement a été vue 1244 fois depuis l'envoi du fichier
Page de téléchargement

Aperçu du fichier


~ Rapport de ZHPDiag v2013.12.6.12 - Nicolas Coolman  (06/12/2013)
~ Lancé par slvanessa (07/12/2013 10:10:59)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit  (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
AVG 2012 v12.1.2238
Microsoft Security Client v4.4.0304.0
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 396 GB (88%) free of 449 GB

---\\ Mode de connexion au système
~ Computer Name: SLVANESSA-HP
~ User Name: slvanessa
~ All Users Names: slvanessa, HomeGroupUser$, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\slvanessa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\slvanessa\AppData\Roaming\
~ %Desktop% : C:\Users\slvanessa\Desktop\
~ %Favorites% : C:\Users\slvanessa\Favorites\
~ %LocalAppData% : C:\Users\slvanessa\AppData\Local\
~ %StartMenu% : C:\Users\slvanessa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 396 Go of 449 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 07:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18/07/2010 - 02:33:03.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 18:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes:  Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 6/1456
~ Mes musiques (My Musics) : 94/632
~ Mes Favoris (My Favorites) : 1/103
~ Mes Documents (My Documents) : 1/307
~ Mon Bureau (My Desktop) : 8/17
~ Menu demarrer (Programs) : 1/58
~ Hidden Files:  Scanned in 00mn 02s



---\\ Processus lancés
[MD5.371BA71B566260932DCCCF843BF6C7E7] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe   [2598520] [PID.2112]
[MD5.4814072025E3BD4A3544F3E0A31666EF] - (.Visicom Media Inc. (Powered by Panda Securi - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe   [232616] [PID.1096]
[MD5.D81F10E8A9D25A8527745BDB1F9638F2] - (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe   [1425952] [PID.1092]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe   [10376704] [PID.788]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin   [10368512] [PID.3320]
[MD5.AADD0892A428B133ABEF5EBCCE5E1799] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8281600] [PID.624]
[MD5.F720502AAA03FAB627A96E5EAADAA28D] - (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe   [424104] [PID.1680]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1968]
[MD5.EA1145DEBCD508FD25BD1E95C4346929] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe   [193288] [PID.1996]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe   [514232] [PID.1584]
[MD5.AB673BA95E8FA446E9C00AA7A34B96DA] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe   [5175856] [PID.2160]
~ Processes Running:  Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
~ Firefox Browser: 2 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 20 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: script helper for ie [64Bits] - {00cbb66b-1d3b-46d3-9577-323a336acb50} Clé orpheline
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter [64Bits] - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Update Timer [64Bits] - {963B125B-8B21-49A2-A3A8-E37092276531} Clé orpheline
O2 - BHO: DataMngr [64Bits] - {9D717F81-9148-4f12-8568-69135F087DB0} Clé orpheline =>PUP.Datamngr
O2 - BHO: (no name) [64Bits] - {bb184e6d-26d1-461a-9226-b93ca8da2af9} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 11 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{A057A204-BACC-4D26-9990-79A187E2698E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{53BCF99A-B7BE-4D6D-B65D-EA2FD115B83F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{3F1FBBDD-1444-4838-B1B7-726D9BCF32AB} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{4D51F677-2A0B-43E2-B444-A2B384D24B91} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{19803860-B306-423C-BBB5-F60A7D82CDE5} Clé orpheline
~ Toolbar:  Scanned in 00mn 01s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Canon MP280 series Manuel en ligne.lnk . (.CANON INC. - Easy Guide Viewer.)  -- C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe 
O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Desktop [Public]: SLOW-PCfighter.lnk . (...)  -- C:\Program Files (x86)\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe (.not file.)
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...)  -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico 
O4 - GS\Program [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.)  -- C:\Program Files (x86)\Audacity\audacity.exe  =>.The Audacity Team
O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Program [Public]: Game Manager.lnk . (...)  -- C:\Program Files (x86)\bfgclient\bfgclient.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.)  -- C:\Windows\ehome\ehshell.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (...)  -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - GS\Program [Public]: TuneUp Utilities 2012.lnk . (.TuneUp Software - TuneUp Utilities - Interface de démarrage.)  -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe 
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.)  -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe 
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...)  -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.)  -- C:\Windows\system32\xpsrchvw.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.)  -- C:\Windows\system32\calc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.)  -- C:\Windows\system32\displayswitch.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.)  -- C:\Windows\system32\mblctr.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\system32\mspaint.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.)  -- C:\Windows\system32\mstsc.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.)  -- C:\Windows\system32\SnippingTool.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.)  -- C:\Windows\system32\SoundRecorder.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.)  -- C:\Windows\system32\StikyNot.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.)  -- C:\Windows\System32\mobsync.exe  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.)  -- C:\Windows\system32\OobeFldr.dll  =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.)  -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.)  -- C:\Windows\system32\charmap.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.)  -- C:\Windows\system32\dfrgui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.)  -- C:\Windows\system32\cleanmgr.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.)  -- C:\Windows\system32\perfmon.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.)  -- C:\Windows\system32\msinfo32.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.)  -- C:\Windows\system32\rstrui.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...)  -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.)  -- C:\Windows\system32\migwiz\postmig.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.)  -- C:\Windows\system32\migwiz\migwiz.exe  =>.Microsoft Corporation
O4 - GS\QuickLaunch [slvanessa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [slvanessa]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [slvanessa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\TaskBar [slvanessa]: Microsoft Security Essentials.lnk . (...)  -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - GS\TaskBar [slvanessa]: Reset VLC media player preferences and cache files.lnk . (.VideoLAN - VLC media player 2.0.4.)  -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  =>.VideoLAN
O4 - GS\TaskBar [slvanessa]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\TaskBar [slvanessa]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [slvanessa]: iMesh.lnk . (.iMesh, Inc - iMesh.)  -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe =>PUP.iMesh
O4 - GS\Program [slvanessa]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\Program [slvanessa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Accessories [slvanessa]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.)  -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - GS\Accessories [slvanessa]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.)  -- C:\Windows\system32\notepad.exe  =>.Microsoft Corporation
O4 - GS\Accessories [slvanessa]: Run.lnk - Clé orpheline
O4 - GS\Accessories [slvanessa]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe  =>.Microsoft Corporation
O4 - GS\SystemTools [slvanessa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [slvanessa]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe  =>.Microsoft Corporation
O4 - GS\Desktop [slvanessa]: Manuel utilisateur ASIO4ALL v2.lnk . (...)  -- C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual Fr.pdf 
O4 - GS\Desktop [slvanessa]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe  =>.Nicolas Coolman
O4 - GS\Desktop [slvanessa]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.)  -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe  =>.Nicolas Coolman
~ Global Startup: 55 Scanned in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [slvanessa]: OpenOffice.org 3.4.1.lnk . (...)  -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe 
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe  =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [orangeinside] . (...) -- C:\Users\slvanessa\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe 
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe 
O4 - HKLM\..\Wow6432Node\Run: [Anti-phishing Domain Advisor] . (.Visicom Media Inc. (Powered by Panda Securi - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe 
O4 - HKLM\..\Wow6432Node\Run: [CommonToolkitTray] . (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe 
O4 - HKLM\..\Wow6432Node\RunOnce: [AvgUninstallURL] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\Run: [orangeinside] . (...) -- C:\Users\slvanessa\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe 
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe  =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll  =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) -   C:\Program Files (x86)\MUSICT~1\Datamngr\x64\mgrldr.dll (.not file.) =>PUP.Datamngr
~ AppInit DLL:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: eSafe Service (eSafeSvc) . (...) - C:\ProgramData\eSafe\eSafeSvc.exe (.not file.) =>PUP.eSafeSecurity
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - C:\Program Files (x86)\WinZipper\winzipersvc.exe
~ Services: 6 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SLOW-PCfighter64-slvanessa-Notification.job   [392]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\SLOW-PCfighter64-slvanessa-Startup.job   [390]
[MD5.00000000000000000000000000000000] [APT] [4813] (...) -- C:\Users\slvanessa\AppData\Local\Temp\launchie.vbs \\B (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)   [0]
[MD5.438F31336B3DC248ABC632F1C8F34A24] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [257416]
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\slvanessa\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.)   [0]  =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Java Update Scheduler] (...) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [LaunchApp] (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.)   [0]  =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [Omiga Plus RunAsStdUser] (...) -- C:\Program Files (x86)\Omiga Plus\omigaplus.exe (.not file.)   [0]  =>Hijacker.OmigaPlus
[MD5.14D133377D80BB4F28B71C2BFDC4D41B] [APT] [PenWes] (...) -- C:\Program Files (x86)\PenWes\penwes.exe   [1426432]  =>PUP.Penwes
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [958576]
[MD5.C637FC4638A96165256B28D38DE7B953] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   [49208]
[MD5.00000000000000000000000000000000] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe (.not file.)   [0]
[MD5.3EAB0C3140FA819968A2F582F7BCF5AD] [APT] [SLOW-PCfighter64-slvanessa-Notification] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe   [441896]
[MD5.EE37861B791C8F0800FBC26B63F35857] [APT] [SLOW-PCfighter64-slvanessa-Startup] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe   [13483048]
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\slvanessa\AppData\Local\Temp\Runner.exe (.not file.)   [0]
[MD5.ABF13FCD4C8282CEB2A58EC9D25F0EB8] [APT] [TuneUpUtilities_Task_BkGndMaintenance2012] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe   [558392]
[MD5.00000000000000000000000000000000] [APT] [{20694AFA-798B-4F48-A3FE-FD12ECBD068F}] (...) -- C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{367C6B0E-2BD8-4D48-82B8-294A81AD0559}] (...) -- C:\Program Files (x86)\PC_GEA~1\UNWISE.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{59ED684F-5E01-41A9-B26B-44EEBE6E97D5}] (...) -- E:\autorun.exe (.not file.)   [0]
[MD5.644F26C608667CE40813FFCFF351E0A2] [APT] [{66517324-FD40-4812-BB65-3BE107207357}] (.AVG Technologies CZ, s.r.o..) -- C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe   [6098992]
[MD5.00000000000000000000000000000000] [APT] [{9177F1E5-A83F-413E-9870-B0409BA9FA43}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{7F08A772-2816-4F46-84F1-49578502AD28}\setup\hwsetupwizard\setup_guide.exe (.not file.)   [0]
[MD5.8DFB7B44BAA1FAA4EEEC5D6E84797D9C] [APT] [{B58B9EBA-5B94-4B60-971F-142B465043D3}] (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe   [4468536]
[MD5.C155A13687144076286989EF078112C2] [APT] [{BE41A751-3AFB-490F-B213-EC04A4E5B6E3}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe   [1917440]
[MD5.00000000000000000000000000000000] [APT] [{C0C43F72-9113-4D80-B3DD-59F8C8982B5C}] (...) -- C:\Users\slvanessa\Desktop\Install_MSN_Messenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D0BF86B7-7291-4CA6-9E85-C2C4DBEF4294}] (...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)   [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{D14C777E-6F5E-4FEE-AD6E-5A5618424DC3}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe   [1917440]
[MD5.86F4A155854BF52631354AB8D63578F9] [APT] [{D4B0C225-3DEC-401B-8813-78EB17C0ADF9}] (.Macrovision Corporation.) -- C:\Program Files (x86)\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe   [778240]
[MD5.00000000000000000000000000000000] [APT] [{EE4227C8-1AE0-4667-8DB4-4B998628B9E0}] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)   [0]
~ Scheduled Task: 32 Scanned in 00mn 09s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver:  (Avgmfx64) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx64.sys
O41 - Driver:  (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (MpKsl297f39ef) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8AA55869-2C66-4645-98D3-3875B903CDC1}\MpKsl297f39ef.sys (.not file.)
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {31CE1406-5C12-44C5-B6C5-0F55F2039DE3}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {3BF72D44-08F2-4F8D-ABD9-76860C63E7CD}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {445E399B-444F-4DE3-9ACA-061B1FC95190}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {996EEE69-10BB-4F30-AE40-6C1B9B7D17A4}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {A108BD40-0A8C-4385-8874-74C4B6086CC3}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {BF46C84D-1AC3-4CC3-A45C-EF6257B80984}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {D050583D-5CEC-47B1-88AA-8B328CAA8621}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {F2A13695-0BD3-47E2-91E0-2F5DB86FA439}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Anti-phishing Domain Advisor - (.Visicom Media Inc. (Powered by Panda Security).) [HKLM][64Bits] -- Anti-phishing Domain Advisor
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Audacity 2.0.5 Packages - (...) [HKCU][64Bits] -- Audacity 2.0.5 Packages
O42 - Logiciel: Audacity Packages - (...) [HKCU][64Bits] -- Audacity Packages
O42 - Logiciel: Awakening: Le Clocher du Soleil Edition Collector - (...) [HKLM][64Bits] -- BFG-Awakening - Le Clocher du Soleil Edition Collector
O42 - Logiciel: Clockwork Tales: De Verre et d'Encre Edition Collector - (...) [HKLM][64Bits] -- BFG-Clockwork Tales - De Verre et d Encre Edition Collector
O42 - Logiciel: Cooking Academy 2: Cuisine du Monde - (...) [HKLM][64Bits] -- BFG-Cooking Academy 2 - Cuisine du Monde
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Google Update Helper - (.BonanzaDeals.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Adware.BonanzaDeals
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM][64Bits] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Java(TM) 6 Update 20 (64-bit) - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416020FF}
O42 - Logiciel: Left in the Dark: Personne à Bord - (...) [HKLM][64Bits] -- BFG-Left in the Dark - Personne a Bord
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {E0E55FC1-C53D-4F8D-B14B-B59C312747C8}
O42 - Logiciel: Luxor 3 - (...) [HKLM][64Bits] -- BFG-Luxor 3
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {E102B843-786A-4F58-AF75-6504570E207B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mountain Crime: Vengeance - (...) [HKLM][64Bits] -- BFG-Mountain Crime - Vengeance
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: Orange Inside - (.Orange.) [HKCU][64Bits] -- Orange Inside
O42 - Logiciel: Orange Installeur version 1.2.3.1 - (.Orange.) [HKLM][64Bits] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.3.1
O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager
O42 - Logiciel: PenWes [7309] - (...) [HKLM][64Bits] -- Penwes =>PUP.Penwes
O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail.) [HKLM][64Bits] -- {788A0222-5690-4212-AA9C-C48FD0E1C9AE}
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM][64Bits] -- InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {7648D847-AEBC-4DEF-ADA2-F93314A5F4F2}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS..) [HKLM][64Bits] -- SLOW-PCfighter
O42 - Logiciel: SpecialSavings - (.Special Savings.) [HKLM][64Bits] -- {09C14BAE-2D45-4133-B0FA-5EA4FE5CF978} =>PUP.SpecialSavings
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM][64Bits] -- TuneUp Utilities 2012
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: WinZipper - (.Taiwan Shui Mu Chih Ching Technology Limited..) [HKLM][64Bits] -- WinZipper
O42 - Logiciel: iMesh - (.iMesh Inc.) [HKCU][64Bits] -- iMesh =>PUP.iMesh
O42 - Logiciel: iMesh - (.iMesh Inc..) [HKLM][64Bits] -- {8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} =>PUP.iMesh
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 32 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5257df8ab469b940]  =>Rogue.PCPerformer
[HKCU\Software\APN PIP]
[HKCU\Software\APN]
[HKCU\Software\ATI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Avg]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\LyricsParty] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SFT_France]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\blekkotb_001] =>Toolbar.Blekko
[HKCU\Software\AppDataLow\Software\iGraal]
[HKCU\Software\AppDataLow\Software\mediabarim] =>PUP.iMesh
[HKCU\Software\AppDataLow\Software\pc_gear_fr]
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AppDataLow\Software\toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auchan]
[HKCU\Software\Aurigma]
[HKCU\Software\Auslogics]
[HKCU\Software\Avg]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Big Fish Games, Inc.]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BigBlueBubble]
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKCU\Software\BrowserChoice]
[HKCU\Software\BrowserCompanion] =>PUP.Blabbers
[HKCU\Software\CDIP]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\ChatZum Toolbar]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CodeGear]
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\CyberLink]
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\EasyBits]
[HKCU\Software\FWT_DLM]
[HKCU\Software\Fighters]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Fugazo]
[HKCU\Software\Gabest]
[HKCU\Software\Garmin]
[HKCU\Software\GoBit]
[HKCU\Software\Gogii Games]
[HKCU\Software\Gogii]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\Icaros]
[HKCU\Software\ImInstaller]
[HKCU\Software\Image-Line]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JollyBear]
[HKCU\Software\KC Softwares]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Magnet]
[HKCU\Software\Meridian93]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Myfree Codec]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\Nosibay]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oberon]
[HKCU\Software\OceanMediaGames]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\OpenOffice.org]
[HKCU\Software\OrangeInside]
[HKCU\Software\PlayfulAge]
[HKCU\Software\Policies]
[HKCU\Software\PopCap] =>Adware.PopCap
[HKCU\Software\PowerPack]
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Raptr]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\Shaman Games]
[HKCU\Software\Skype]
[HKCU\Software\SoftVoice]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Softwis]
[HKCU\Software\SpecialBit Games]
[HKCU\Software\SpecialSavings] =>PUP.SpecialSavings
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Swift Creek Games LLC]
[HKCU\Software\Systweak]
[HKCU\Software\Torch]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WildTangent]
[HKCU\Software\WinMaximizer]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zylom]
[HKCU\Software\ej-technologies]
[HKCU\Software\funkitron]
[HKCU\Software\kde.org]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKCU\Software\pc_gear_fr]
[HKLM\Software\AMD]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Agere]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Fighters]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Speedchecker Limited]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\TuneUp]
[HKLM\Software\Volatile]
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node\5257df8ab469b940]  =>Rogue.PCPerformer
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\AVG]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Auchan]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\BcmSetup]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\BrowserCompanion] =>PUP.Blabbers
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\ChatZum Toolbar]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Common Toolkit Suite]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Fighters]
[HKLM\Software\Wow6432Node\FlvPlayer]
[HKLM\Software\Wow6432Node\Freeze.com] =>Adware.Freeze
[HKLM\Software\Wow6432Node\Funmoods] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Garmin]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\ImInstaller]
[HKLM\Software\Wow6432Node\Image-Line]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JAM Software]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KasperskyLab]
[HKLM\Software\Wow6432Node\Kaydara]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lavasoft]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LightScribe]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MarkAny]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mindscape]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\MusicNet]
[HKLM\Software\Wow6432Node\Myfree Codec]
[HKLM\Software\Wow6432Node\NCH Software]
[HKLM\Software\Wow6432Node\NCH Swift Sound]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Outsim]
[HKLM\Software\Wow6432Node\PENSEWEB]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\Photo Notifier and Animation Creator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Propellerhead Software]
[HKLM\Software\Wow6432Node\Raptr]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Savings Wave Plugin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\SearchquSRTB] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\SecureDigitalServices]
[HKLM\Software\Wow6432Node\SoftVoice]
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Supreme Savings Plugin] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\The Learning Company]
[HKLM\Software\Wow6432Node\Torch]
[HKLM\Software\Wow6432Node\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\V9]
[HKLM\Software\Wow6432Node\VBGenerator]
[HKLM\Software\Wow6432Node\VST]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\W3i]
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Win32 Services]
[HKLM\Software\Wow6432Node\WinMaximizer]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\deskSvc]
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\iMeshSRTB] =>PUP.iMesh
[HKLM\Software\Wow6432Node\iMesh] =>PUP.iMesh
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\omigaplusSvc] =>Hijacker.OmigaPlus
[HKLM\Software\Wow6432Node\optimidata]
[HKLM\Software\Wow6432Node\pc_gear_fr]
[HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6
[HKLM\Software\Wow6432Node\winzipersvc]
[HKLM\Software\Wow6432Node]
~ Key Software: 404 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/02/2013 - 21:05:25 - [151,785] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/12/2012 - 16:11:45 - [0,744] ----D C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 14/07/2011 - 17:56:28 - [0,002] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 27/11/2013 - 14:48:42 - [45,734] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 16/02/2012 - 19:44:46 - [157,270] ----D C:\Program Files (x86)\AVG
O43 - CFD: 05/12/2012 - 17:47:11 - [0] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 09/11/2013 - 21:47:44 - [565,479] ----D C:\Program Files (x86)\Awakening - Le Clocher du Soleil Edition Collector
O43 - CFD: 05/08/2013 - 16:33:06 - [678,244] ----D C:\Program Files (x86)\Barn Yarn
O43 - CFD: 01/09/2013 - 20:11:57 - [11,301] ----D C:\Program Files (x86)\bfgclient
O43 - CFD: 02/12/2013 - 11:59:07 - [0,851] ----D C:\Program Files (x86)\BonanzaDeals =>Adware.BonanzaDeals
O43 - CFD: 02/12/2013 - 12:00:18 - [0] ----D C:\Program Files (x86)\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 03/07/2013 - 11:43:53 - [16,510] ----D C:\Program Files (x86)\Canon
O43 - CFD: 04/11/2013 - 15:31:00 - [1056,768] ----D C:\Program Files (x86)\Clockwork Tales - De Verre et d Encre Edition Collector
O43 - CFD: 24/05/2013 - 08:47:19 - [215,496] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 16/01/2012 - 20:10:43 - [1,218] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 10/11/2013 - 20:55:46 - [92,750] ----D C:\Program Files (x86)\Cooking Academy 2 - Cuisine du Monde
O43 - CFD: 17/08/2013 - 12:05:09 - [0,851] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 17/08/2013 - 12:38:17 - [0] ----D C:\Program Files (x86)\DealPlyLive =>PUP.DealPly
O43 - CFD: 04/03/2012 - 16:40:59 - [0] ----D C:\Program Files (x86)\denouvel
O43 - CFD: 17/07/2013 - 19:50:53 - [0,008] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find
O43 - CFD: 13/11/2012 - 12:32:57 - [0] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 25/07/2013 - 21:20:39 - [360,923] ----D C:\Program Files (x86)\European Mystery - Un Parfum de Mystere Edition Collector
O43 - CFD: 22/06/2013 - 11:46:08 - [5,400] ----D C:\Program Files (x86)\Fighters
O43 - CFD: 22/01/2013 - 15:00:56 - [0,293] ----D C:\Program Files (x86)\File Scout =>PUP.FileScout
O43 - CFD: 02/12/2013 - 10:13:46 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/08/2013 - 19:29:28 - [0,029] ----D C:\Program Files (x86)\GUM1A34.tmp
O43 - CFD: 25/07/2012 - 17:04:29 - [69,092] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 23/02/2012 - 12:59:50 - [12,906] ----D C:\Program Files (x86)\HP
O43 - CFD: 26/05/2012 - 17:50:08 - [0] ----D C:\Program Files (x86)\hpmonitor
O43 - CFD: 17/10/2011 - 14:58:22 - [34,213] ----D C:\Program Files (x86)\iLivid =>Adware.Bandoo
O43 - CFD: 25/07/2012 - 17:05:59 - [0] ----D C:\Program Files (x86)\Image-Line
O43 - CFD: 15/10/2013 - 12:58:04 - [51,994] ----D C:\Program Files (x86)\iMesh Applications =>PUP.iMesh
O43 - CFD: 03/07/2012 - 17:06:40 - [0,316] ----D C:\Program Files (x86)\Install-studio-scrap-v4
O43 - CFD: 24/06/2013 - 20:22:11 - [74,121] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 10/06/2011 - 18:56:03 - [6,280] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/04/2013 - 11:52:57 - [6,032] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 17/12/2011 - 22:21:43 - [86,648] ----D C:\Program Files (x86)\Java
O43 - CFD: 04/11/2013 - 11:28:14 - [594,415] ----D C:\Program Files (x86)\Left in the Dark - Personne a Bord
O43 - CFD: 21/07/2013 - 16:55:05 - [53,655] ----D C:\Program Files (x86)\Luxor 3
O43 - CFD: 05/12/2013 - 10:37:59 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 06/06/2011 - 12:35:44 - [0] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 14/11/2013 - 08:45:58 - [1,451] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/10/2013 - 13:27:26 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 05/12/2012 - 17:55:19 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive  =>.Microsoft Corporation
O43 - CFD: 16/05/2011 - 08:06:55 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/12/2013 - 12:07:13 - [1,645] ----D C:\Program Files (x86)\Mobogenie
O43 - CFD: 23/01/2013 - 18:08:56 - [0,080] ----D C:\Program Files (x86)\MonProduit
O43 - CFD: 13/11/2013 - 16:16:39 - [289,879] ----D C:\Program Files (x86)\Mountain Crime - Vengeance
O43 - CFD: 16/07/2012 - 18:47:26 - [0,002] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/01/2013 - 15:00:00 - [27,116] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 22/06/2013 - 19:36:32 - [10,585] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 27/11/2013 - 14:55:48 - [0,015] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 23/10/2013 - 17:30:54 - [0,590] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 03/07/2012 - 16:49:50 - [0] ----D C:\Program Files (x86)\Nosibay
O43 - CFD: 09/07/2013 - 20:43:10 - [4,583] ----D C:\Program Files (x86)\Oberon Media SIDR
O43 - CFD: 25/05/2013 - 08:56:59 - [0] ----D C:\Program Files (x86)\Omiga Plus =>Hijacker.OmigaPlus
O43 - CFD: 14/05/2011 - 19:13:17 - [20,599] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 22/01/2013 - 15:11:35 - [288,773] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 20/08/2011 - 18:37:56 - [34,144] ----D C:\Program Files (x86)\Orange
O43 - CFD: 02/03/2012 - 18:14:11 - [4,957] ----D C:\Program Files (x86)\Outsim
O43 - CFD: 25/05/2012 - 09:22:49 - [1,681] ----D C:\Program Files (x86)\PenWes =>PUP.Penwes
O43 - CFD: 14/07/2009 - 06:32:38 - [36,813] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2013 - 09:32:16 - [0] ----D C:\Program Files (x86)\RelevantKnowledge =>Adware.RelevantKnowledge
O43 - CFD: 22/06/2013 - 19:37:57 - [2,433] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 17/10/2011 - 14:45:27 - [0,052] ----D C:\Program Files (x86)\SearchCore for Browsers =>Adware.SearchCore
O43 - CFD: 17/05/2012 - 13:26:02 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 22/01/2013 - 15:01:31 - [7,873] ----D C:\Program Files (x86)\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 17/09/2013 - 14:10:00 - [0] ----D C:\Program Files (x86)\SRToolbar
O43 - CFD: 17/07/2010 - 17:43:42 - [0,663] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/07/2012 - 17:17:42 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 01/11/2013 - 15:36:34 - [76,042] ----D C:\Program Files (x86)\TuneUp Utilities 2012
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 23/02/2012 - 13:36:02 - [94,079] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 02/03/2012 - 18:19:39 - [0] ----D C:\Program Files (x86)\VstPlugins
O43 - CFD: 26/10/2013 - 17:51:10 - [0] ----D C:\Program Files (x86)\Whilokii =>PUP.Whilokii
O43 - CFD: 18/07/2010 - 02:26:06 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/12/2012 - 20:52:26 - [2,105] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/05/2011 - 14:37:05 - [5,895] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 15/05/2011 - 14:36:49 - [5,090] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 18/07/2010 - 02:26:06 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/05/2011 - 19:13:04 - [6,208] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/12/2013 - 09:38:03 - [7,177] ----D C:\Program Files (x86)\WinZipper
O43 - CFD: 30/08/2012 - 15:51:42 - [0,315] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 07/12/2013 - 10:10:44 - [17,202] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 24/05/2013 - 08:47:19 - [33,331] ----D C:\Program Files (x86)\Common Files\337
O43 - CFD: 08/11/2012 - 17:17:52 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 15/10/2013 - 13:50:53 - [45,947] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 05/12/2012 - 17:47:11 - [28,676] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 07/12/2010 - 09:14:33 - [0] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 31/05/2011 - 12:32:53 - [0,164] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 15/05/2011 - 12:14:43 - [5,138] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 08/09/2012 - 18:17:56 - [37,336] ----D C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 22/01/2013 - 15:01:58 - [7,959] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 08/02/2013 - 18:54:41 - [1,819] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 07/12/2010 - 09:02:02 - [0] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/07/2011 - 13:06:59 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 10/11/2011 - 09:07:30 - [9,634] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 17/07/2010 - 16:57:58 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 03/11/2013 - 18:50:29 - [0] ----D C:\ProgramData\.mono
O43 - CFD: 15/08/2013 - 23:07:42 - [0,004] ----D C:\ProgramData\2A2F6
O43 - CFD: 15/09/2013 - 17:48:53 - [0,004] ----D C:\ProgramData\35280
O43 - CFD: 20/08/2013 - 20:29:59 - [0,004] ----D C:\ProgramData\3B17F
O43 - CFD: 16/08/2013 - 10:34:19 - [159,145] ----D C:\ProgramData\Adobe
O43 - CFD: 21/05/2012 - 14:13:00 - [1,209] ----D C:\ProgramData\Anti-phishing Domain Advisor
O43 - CFD: 15/05/2011 - 12:15:03 - [0,009] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 10/11/2013 - 19:15:04 - [0,004] ----D C:\ProgramData\Arizona Rose and the Pirates' Riddles
O43 - CFD: 17/12/2011 - 22:22:18 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 06/11/2013 - 16:04:17 - [1063,760] ----D C:\ProgramData\AVG2012
O43 - CFD: 05/12/2012 - 17:37:18 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 03/08/2013 - 21:47:12 - [0,004] ----D C:\ProgramData\B172
O43 - CFD: 22/01/2013 - 15:01:16 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 01/09/2013 - 20:11:33 - [113,885] ----D C:\ProgramData\Big Fish
O43 - CFD: 29/07/2013 - 11:57:33 - [0] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 23/10/2013 - 17:40:16 - [0,913] ----D C:\ProgramData\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 09/12/2012 - 17:56:00 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 14/05/2011 - 19:10:54 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/02/2012 - 12:16:05 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 24/02/2012 - 12:23:07 - [0] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 24/02/2012 - 12:16:05 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 24/02/2012 - 12:12:37 - [0,003] ----D C:\ProgramData\CanonIJMSetup
O43 - CFD: 17/06/2013 - 12:29:54 - [0] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 24/02/2012 - 12:16:06 - [0,002] --H-D C:\ProgramData\CanonIJSolutionMenuEX
O43 - CFD: 24/02/2012 - 12:11:44 - [0,065] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 28/08/2013 - 09:43:27 - [0] ----D C:\ProgramData\Casual Arts
O43 - CFD: 22/10/2013 - 13:37:01 - [0] ----D C:\ProgramData\casualArts
O43 - CFD: 13/02/2013 - 11:50:36 - [0,003] ----D C:\ProgramData\clp
O43 - CFD: 05/08/2012 - 19:00:57 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/09/2011 - 14:42:13 - [0,019] ----D C:\ProgramData\Computer Updater
O43 - CFD: 09/07/2012 - 20:57:18 - [0,040] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/10/2013 - 14:22:39 - [0] ----D C:\ProgramData\DailyMagic
O43 - CFD: 01/07/2013 - 08:32:02 - [0,325] ----D C:\ProgramData\DealPlyLive =>PUP.DealPly
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 25/08/2013 - 18:20:08 - [0,114] ----D C:\ProgramData\DivoGames
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 21/11/2013 - 13:57:44 - [0] ----D C:\ProgramData\Elephant Games
O43 - CFD: 17/09/2011 - 14:52:57 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 08/09/2013 - 23:42:30 - [0,063] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity


Partager le fichier


Télécharger ZHPDiag.txt


Télécharger ZHPDiag.txt