
Full of viruses! :/

narcisse80 - 5 messages posted - Registered Friday 27 September 2013 - Last activity 28 September 2013 - Last reply on 30 Sept. 2013 at 12:17
Good evening, I'm completely useless with computers and the like, and I have lots of viruses on my recently bought PC (Windows 8): I have search-gol, my optimizer pro, (qv06, not sure I still have it), updateui.exe, ... I'm desperate, help me please
Answer
+1
Hello,

--> Download and run AdwCleaner (by Xplode), and choose the "Scanner" (Scan) option.

--> Once the scan is finished, choose the "Nettoyer" (Clean) option.

--> Restart the PC as requested, then post the report. It is saved in C:\AdwCleaner under the name AdwCleaner[S0].
narcisse80 - 5 messages posted - Registered Friday 27 September 2013 - Last activity 28 September 2013 - 28 Sept. 2013 at 00:51
Thanks, here is the report, I think:
# AdwCleaner v3.005 - Rapport créé le 28/09/2013 à 00:43:50
# Mis à jour le 22/09/2013 par Xplode
# Système d'exploitation : Windows 8 (64 bits)
# Nom d'utilisateur : Antoine H - ANTOINE
# Exécuté depuis : C:\Users\Antoine H\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

Service Supprimé : WsysSvc

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\BitGuard
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\DSearchLink
Dossier Supprimé : C:\ProgramData\eSafe
Dossier Supprimé : C:\Program Files (x86)\delta
Dossier Supprimé : C:\Program Files (x86)\MyPC Backup
Dossier Supprimé : C:\Users\Antoine H\AppData\Local\lollipop
Dossier Supprimé : C:\Users\ANTOIN~1\AppData\Local\Temp\eIntaller
Dossier Supprimé : C:\Users\ANTOIN~1\AppData\Local\Temp\Wajam
Dossier Supprimé : C:\Users\Antoine H\AppData\LocalLow\delta
Dossier Supprimé : C:\Users\Antoine H\AppData\Roaming\BabSolution
Dossier Supprimé : C:\Users\Antoine H\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Antoine H\AppData\Roaming\delta
Dossier Supprimé : C:\Users\Antoine H\Documents\optimizer pro
Dossier Supprimé : C:\Program Files (x86)\Software
Dossier Supprimé : C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Fichier Supprimé : C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Fichier Supprimé : C:\windows\System32\Tasks\EPUpdater

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltaappCore
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Clé Supprimée : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane
Clé Supprimée : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Clé Supprimée : HKLM\SOFTWARE\80dedbe53cb940
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\DataMngr
[#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar
Clé Supprimée : HKCU\Software\lollipop
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\delta-homesSoftware
Clé Supprimée : HKLM\Software\eSafeSecControl
Clé Supprimée : HKLM\Software\qvo6Software
Clé Supprimée : [x64] HKLM\SOFTWARE\DomaIQ

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16482


-\\ Google Chrome v29.0.1547.76

[ Fichier : C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [8217 octets] - [28/09/2013 00:42:52]
AdwCleaner[S0].txt - [7611 octets] - [28/09/2013 00:43:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7671 octets] ##########
narcisse80 - 5 messages posted - Registered Friday 27 September 2013 - Last activity 28 September 2013 - 28 Sept. 2013 at 00:54
I had also tried to uninstall suspicious programs with Revo Uninstaller
Answer
+0
--> Run AdwCleaner again and choose "Désinstaller" (Uninstall).

--> Download ZHPDiag (by Nicolas Coolman).

--> Double-click the installer file. Install ZHPDiag with the default settings (don't forget to tick "Créer une icône sur le Bureau", i.e. create a Desktop icon).

--> Launch ZHPDiag by double-clicking the shortcut on your Desktop.

--> Click "Configurer" (Configure), then the right-most magnifying glass, "Diagnostic avec légitimes" (diagnostic including legitimate entries).

--> At the "Voulez-vous un rapport full options ?" (Do you want a full-options report?) window, click Oui (Yes) and wait while the scan runs.

--> Once the scan is finished, a report is created on the Desktop.

--> Use the site http://pjjoint.malekal.com/ to send me the ZHPDiag report, as it is rather long. Copy and paste the link given by the site into your next message.
narcisse80 - 5 messages posted - Registered Friday 27 September 2013 - Last activity 28 September 2013 - 28 Sept. 2013 at 14:27
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20130928_y13r8r8e9o14
Sorry, I posted both. Thanks a lot in any case, I hope what you're going to tell me will work
Answer
+0
~ Rapport de ZHPDiag v2013.9.28.51 - Nicolas Coolman (28/09/2013)
~ Lancé par Antoine H (28/09/2013 13:00:59)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16484
GCIE: Google Chrome v29.0.1547.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1497.0
Norton Internet Security v20.3.0.36
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3977 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 398 GB (58%) free of 677 GB

---\\ Mode de connexion au système
~ Computer Name: ANTOINE
~ User Name: Antoine H
~ All Users Names: HomeGroupUser$, Antoine H, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Antoine H\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Antoine H\AppData\Roaming\
~ %Desktop% : C:\Users\Antoine H\Desktop\
~ %Favorites% : C:\Users\Antoine H\Favorites\
~ %LocalAppData% : C:\Users\Antoine H\AppData\Local\
~ %StartMenu% : C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 398 Go of 677 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 29 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2975
~ Mes musiques (My Musics) : 1/3211
~ Mes Videos (My Videos) : 2/226
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/15044
~ Mon Bureau (My Desktop) : 2/6
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 29s



---\\ Processus lancés
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.1960]
[MD5.53B399A4785651C6B638541FD282E9AF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8024576] [PID.6120]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://google.fr
G0 - GCSP: Preference [User Data\Default] http://www.searchgol.com =>Hijacker.SearchGol
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [chdboodilddefglllfoimeceomkpmkbi] SaltarSmart v.1.0.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mkfokfffehpeedafpekjeddnmnjhmcmk] Norton Identity Protection v.2013.3.2.10 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 16 Scanned in 00mn 09s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SaltarSmart [64Bits] - {d99a4ec9-00bd-4fe4-85a5-4db018351265} . (.SaltarSmart - SaltarSmart.) -- C:\Program Files (x86)\SaltarSmart\SaltarSmartbho.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
~ BHO: 7 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Desktop [Public]: VideoPlayer.lnk . (.Tuguu SL - VAFPlayer.) -- C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe =>PUP.VAFPlayer
O4 - GS\Program [Public]: Adobe Photoshop Elements 11.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\Photoshop Elements 11.0.exe
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Microsoft Office PowerPoint Viewer 2007.lnk . (...) -- C:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Office.lnk . (...) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d'écran.) -- C:\windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d'actions.) -- C:\windows\system32\psr.exe
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [Antoine H]: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch [Antoine H]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Antoine H]: File Explorer.lnk . (...) -- C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Antoine H]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
O4 - GS\TaskBar [Antoine H]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Antoine H]: Microsoft Office.lnk . (...) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\TaskBar [Antoine H]: Norton Internet Security.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\20.3.0.36\uiStub.exe
O4 - GS\TaskBar [Antoine H]: User Guide.lnk . (.Samsung Electronics CO,. LTD. - Runmanual.) -- C:\Program Files (x86)\Samsung\User Guide\RunManual.exe
O4 - GS\Program [Antoine H]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Antoine H]: S Agent.lnk . (...) -- C:\Program Files (x86)\Samsung\S Agent\CommonAgent.exe (.not file.)
O4 - GS\Accessories [Antoine H]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Desktop [Antoine H]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [Antoine H]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Antoine H]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 38 Scanned in 00mn 09s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Bitcasa] . (.Bitcasa, Inc - Bitcasa for Windows.) -- C:\Program Files\Bitcasa\Bitcasa.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
~ Application: Scanned in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{17D1B2B3-4092-4ECC-9719-96841FE8DE6A}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{17D1B2B3-4092-4ECC-9719-96841FE8DE6A}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.10 109.0.66.20
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\SysWow64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.0 (component).) - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: (Easy Launcher) . (.Samsung Electronics CO., LTD. - EasyLauncher.) - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: SW Update Service (SWUpdateService) . (.Samsung Electronics CO., LTD. - SW Update Agent.) - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update SaltarSmart (Update SaltarSmart) . (.SaltarSmart - SaltarSmart.) - C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: 16 Scanned in 00mn 12s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090]
[MD5.BDBDF1121722D142980D547BE5DA9E75] [APT] [advRecovery] (.SEC.) -- C:\Program Files\Samsung\Recovery\WCScheduler.exe [3474480]
[MD5.82C362A81EE4E441CD85260C8E9E708A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F493BC001D91A63FA18AC1156706D880] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824]
[MD5.F493BC001D91A63FA18AC1156706D880] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824]
[MD5.1A8FAA5D7FBEB599FCC8C1021FA72987] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\WSCStub.exe [163432]
[MD5.EBB6E052762BDC16A3A8927D1E6E91F5] [APT] [Settings] (.Samsung Electronics CO., LTD..) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2624048]
[MD5.3832D44C0811EED1338B34328EB493EB] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\SymErr.exe [54096]
[MD5.3832D44C0811EED1338B34328EB493EB] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\SymErr.exe [54096]
~ Scheduled Task: 14 Scanned in 00mn 14s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: (cbfs3) . (.EldoS Corporation - Callback File System Driver.) - C:\windows\system32\drivers\cbfs3.sys
O41 - Driver: (ccSet_NARA) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Photoshop Elements 11 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 11
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: Bitcasa version 0.9.20.4135 - (.Bitcasa Inc..) [HKLM][64Bits] -- {EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Easy File Share - (.Samsung Electronics CO.,LTD..) [HKLM][64Bits] -- {A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}
O42 - Logiciel: Fotogalerie - (.Microsoft Corporation.) [HKLM][64Bits] -- {B19E03EA-067C-412F-A81E-271720E601AB}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {FE8DFDD0-A543-4A83-B7A9-C411138194D5}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Help Desk - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {22B32087-797D-4A1B-AFA7-072C87580ADC}
O42 - Logiciel: Intel AppUp(SM) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(SM) center 33070
O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {A6C48A9F-694A-4234-B3AA-62590B668927}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {F842F8B0-6942-4930-821F-543E976B2C66}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}
O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA
O42 - Logiciel: PSE11 STI Installer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {98CE8819-87AA-4814-8167-ADDDD513485F}
O42 - Logiciel: Plants vs. Zombies - (.PopCap Games.) [HKLM][64Bits] -- Plants vs. Zombies =>Adware.PopCap
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Qualcomm Atheros Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Raccolta foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CAC8DE-288A-410D-A4A4-0190060E69AE}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: S Agent - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {39648D75-C1D7-4590-8A83-0A160AF3FFA3}
O42 - Logiciel: SW Update - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {43C711D9-67C9-4793-80D4-E957D638D531}
O42 - Logiciel: SaltarSmart 3.0.0 - (.SaltarSmart.) [HKLM][64Bits] -- SaltarSmart
O42 - Logiciel: Settings - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {8CB5C357-12E5-41B1-A024-D57D4E6F32D9}
O42 - Logiciel: Support Center - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {5422229D-6131-404C-8107-9B3F87EF65BB}
O42 - Logiciel: Support Center FAQ - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {02F04AFA-243D-4E6A-9556-60F8D2539547}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: User Guide - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {AAD986C1-5AC0-4E83-AEA4-44E10B78FB4A}
O42 - Logiciel: VideoPlayer v2.0.6 - (.TUGUU SL.) [HKLM][64Bits] -- VideoPlayer =>PUP.VAFPlayer
O42 - Logiciel: avast! Free Antivirus v8.0.1497.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
~ Logic: 83 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Bitcasa]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\Intel]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Norton]
[HKCU\Software\Policies]
[HKCU\Software\PopCap] =>Adware.PopCap
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SaltarSmart]
[HKCU\Software\Samsung]
[HKCU\Software\Software]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\mozilla]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Airplane]
[HKLM\Software\Atheros]
[HKLM\Software\Bitcasa]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\EldoS]
[HKLM\Software\InstalledOptions]
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\SonicFocus]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\VsMntNtf]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Dell]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PopCap] =>Adware.PopCap
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Samsung Electronics CO., LTD.]
[HKLM\Software\Wow6432Node\Samsung]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\VsMntNtf]
[HKLM\Software\Wow6432Node]
~ Key Software: 132 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2013 - 14:58:10 - [1566,834] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 22/04/2013 - 14:27:20 - [83,870] ----D C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 26/09/2013 - 22:22:09 - [340,209] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 22/04/2013 - 14:34:29 - [177,272] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 25/09/2013 - 21:04:32 - [322,904] ----D C:\Program Files (x86)\Google
O43 - CFD: 28/09/2013 - 00:17:54 - [73,678] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 22/04/2013 - 14:44:33 - [298,684] ----D C:\Program Files (x86)\Intel
O43 - CFD: 22/04/2013 - 13:42:27 - [4,907] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/09/2013 - 22:31:51 - [32,959] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/04/2013 - 14:53:22 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 26/09/2013 - 22:24:34 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 07/08/2012 - 13:22:54 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 26/09/2013 - 22:31:40 - [26,527] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 22/04/2013 - 14:31:11 - [507,592] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 22/04/2013 - 14:50:00 - [20,116] ----D C:\Program Files (x86)\Norton Online Backup ARA
O43 - CFD: 22/04/2013 - 14:49:53 - [71,387] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 22/04/2013 - 14:50:55 - [51,331] ----D C:\Program Files (x86)\PopCap Games =>Adware.PopCap
O43 - CFD: 22/04/2013 - 12:04:32 - [0,036] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 28/09/2013 - 00:45:31 - [2,739] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 07/08/2012 - 13:22:54 - [39,311] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 26/09/2013 - 23:00:28 - [1,175] ----D C:\Program Files (x86)\SaltarSmart
O43 - CFD: 22/04/2013 - 14:44:08 - [685,949] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 22/04/2013 - 14:50:09 - [8,374] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 22/04/2013 - 15:05:36 - [2,446] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 28/09/2013 - 00:18:05 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 24/09/2013 - 11:59:34 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 26/09/2013 - 23:12:07 - [8,637] ----D C:\Program Files (x86)\VideoPlayer
O43 - CFD: 28/09/2013 - 00:05:02 - [6,523] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 22/04/2013 - 11:57:13 - [1,083] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 22/04/2013 - 14:53:21 - [97,600] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 22/04/2013 - 11:57:13 - [7,000] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 22/04/2013 - 12:29:47 - [3,719] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,635] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 22/04/2013 - 11:57:13 - [5,356] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 28/09/2013 - 13:00:51 - [16,935] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 22/04/2013 - 15:01:39 - [281,337] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/04/2013 - 14:28:16 - [0,071] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 22/04/2013 - 12:01:07 - [1,943] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/09/2013 - 22:31:55 - [40,357] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 22/04/2013 - 11:59:49 - [0,187] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22/04/2013 - 14:56:29 - [4,502] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 22/04/2013 - 14:30:30 - [0,650] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 22/04/2013 - 14:56:29 - [0,301] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 26/09/2013 - 22:22:09 - [0,595] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 22/04/2013 - 11:57:13 - [10,264] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/04/2013 - 14:52:16 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 27/09/2013 - 21:31:22 - [1177,738] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 24/09/2013 - 12:02:09 - [0] ----D C:\ProgramData\Atheros
O43 - CFD: 28/09/2013 - 01:17:06 - [522,169] ----D C:\ProgramData\AVAST Software
O43 - CFD: 28/09/2013 - 00:47:06 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 22/04/2013 - 12:36:08 - [0,782] ----D C:\ProgramData\ColorMode
O43 - CFD: 22/04/2013 - 14:36:26 - [0,003] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 22/04/2013 - 14:45:20 - [2,317] ----D C:\ProgramData\Intel
O43 - CFD: 27/09/2013 - 23:00:18 - [-1161,639] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/09/2013 - 12:00:32 - [763,206] ----D C:\ProgramData\Norton
O43 - CFD: 22/04/2013 - 14:31:02 - [0,718] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 24/09/2013 - 12:11:29 - [32,479] ----D C:\ProgramData\PopCap Games =>Adware.PopCap
O43 - CFD: 05/08/2012 - 22:11:10 - [0,125] ----D C:\ProgramData\PRICache
O43 - CFD: 22/04/2013 - 12:04:08 - [0,021] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 22/04/2013 - 11:23:24 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 19/06/2013 - 17:39:36 - [351,344] ----D C:\ProgramData\Samsung
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 22/04/2013 - 14:50:08 - [0,005] ----D C:\ProgramData\Symantec
O43 - CFD: 24/09/2013 - 11:59:34 - [0,002] ----D C:\ProgramData\Synaptics
O43 - CFD: 24/09/2013 - 21:51:49 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 28/09/2013 - 00:50:10 - [336,476] ----D C:\ProgramData\WinClon
O43 - CFD: 25/09/2013 - 21:11:48 - [0,075] ----D C:\Users\Antoine H\AppData\Roaming\Adobe
O43 - CFD: 24/09/2013 - 12:01:46 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Atheros
O43 - CFD: 24/09/2013 - 12:57:46 - [0,001] ----D C:\Users\Antoine H\AppData\Roaming\Macromedia
O43 - CFD: 26/09/2013 - 16:51:51 - [0,743] -S--D C:\Users\Antoine H\AppData\Roaming\Microsoft
O43 - CFD: 24/09/2013 - 11:59:01 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Synaptics
O43 - CFD: 28/09/2013 - 13:02:33 - [0,031] ----D C:\Users\Antoine H\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 25/09/2013 - 21:11:48 - [14,993] ----D C:\Users\Antoine H\AppData\Local\Adobe
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Application Data
O43 - CFD: 25/09/2013 - 20:55:18 - [1,579] ----D C:\Users\Antoine H\AppData\Local\Apps
O43 - CFD: 26/09/2013 - 22:25:08 - [0,121] ----D C:\Users\Antoine H\AppData\Local\avgchrome
O43 - CFD: 24/09/2013 - 20:49:15 - [0] ----D C:\Users\Antoine H\AppData\Local\bitcasa
O43 - CFD: 24/09/2013 - 12:02:13 - [0] ----D C:\Users\Antoine H\AppData\Local\BMExplorer
O43 - CFD: 28/09/2013 - 00:11:30 - [5,819] ----D C:\Users\Antoine H\AppData\Local\CrashDumps
O43 - CFD: 25/09/2013 - 20:56:00 - [0] ----D C:\Users\Antoine H\AppData\Local\Deployment
O43 - CFD: 24/09/2013 - 20:48:23 - [0,459] ----D C:\Users\Antoine H\AppData\Local\Diagnostics
O43 - CFD: 25/09/2013 - 21:04:46 - [116,714] ----D C:\Users\Antoine H\AppData\Local\Google
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Historique
O43 - CFD: 28/09/2013 - 00:07:26 - [164,417] ----D C:\Users\Antoine H\AppData\Local\Microsoft
O43 - CFD: 24/09/2013 - 11:59:55 - [100,053] ----D C:\Users\Antoine H\AppData\Local\Packages
O43 - CFD: 26/09/2013 - 23:09:34 - [0] ----D C:\Users\Antoine H\AppData\Local\Programs
O43 - CFD: 24/09/2013 - 12:00:58 - [0] ----D C:\Users\Antoine H\AppData\Local\Samsung
O43 - CFD: 26/09/2013 - 23:09:54 - [0] ----D C:\Users\Antoine H\AppData\Local\Software
O43 - CFD: 28/09/2013 - 13:00:38 - [75,588] ----D C:\Users\Antoine H\AppData\Local\Temp
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Temporary Internet Files
O43 - CFD: 24/09/2013 - 11:58:57 - [0] ----D C:\Users\Antoine H\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/09/2013 - 12:00:15 - [0] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 28/09/2013 - 00:05:04 - [0,005] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 27/09/2013 - 23:38:01 - [0] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 107 Scanned in 02mn 08s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.85FF5B4DAD9287928368EA4DD9DBEF4D] - 28/09/2013 - 13:00:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1048543]
O44 - LFC:[MD5.E230742572901375ECA4DE8F21DFF519] - 28/09/2013 - 09:11:31 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A83C9C15680BB9E270ACF7172068E287] - 28/09/2013 - 01:18:20 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [33400]
Answer
+0
You have two antivirus programs, Avast and Norton; you need to keep only one.

--> Copy all the text shown in bold below (select it, right-click it and choose "Copy").


Script ZHPFix
SysRestore
G0 - GCSP: Preference [User Data\Default] http://www.searchgol.com
G2 - GCE: Preference [User Data\Default] [chdboodilddefglllfoimeceomkpmkbi] SaltarSmart v.1.0.0 (Désactivé)
O2 - BHO: SaltarSmart [64Bits] - {d99a4ec9-00bd-4fe4-85a5-4db018351265} . (.SaltarSmart - SaltarSmart.) -- C:\Program Files (x86)\SaltarSmart\SaltarSmartbho.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O4 - GS\Desktop [Public]: VideoPlayer.lnk . (.Tuguu SL - VAFPlayer.) -- C:\Program Files (x86)\VideoPlayer\VAFPlayer.exe
O23 - Service: Update SaltarSmart (Update SaltarSmart) . (.SaltarSmart - SaltarSmart.) - C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe
O42 - Logiciel: SaltarSmart 3.0.0 - (.SaltarSmart.) [HKLM][64Bits] -- SaltarSmart
O42 - Logiciel: VideoPlayer v2.0.6 - (.TUGUU SL.) [HKLM][64Bits] -- VideoPlayer
[HKCU\Software\SaltarSmart]
O43 - CFD: 26/09/2013 - 23:00:28 - [1,175] ----D C:\Program Files (x86)\SaltarSmart
O43 - CFD: 26/09/2013 - 23:12:07 - [8,637] ----D C:\Program Files (x86)\VideoPlayer
O43 - CFD: 28/09/2013 - 00:47:06 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 26/09/2013 - 23:09:54 - [0] ----D C:\Users\Antoine H\AppData\Local\Software
C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\feignjcdbggijogkdpeljgllgehempia
O61 - LFC: 26/09/2013 - 22:25:06 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_feignjcdbggijogkdpeljgllgehempia_0.localstorage [3072]
O61 - LFC: 26/09/2013 - 22:25:06 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_feignjcdbggijogkdpeljgllgehempia_0.localstorage-journal [3608]
O61 - LFC: 26/09/2013 - 22:41:03 ---A- . (.Tuguu S.L.U.) -- C:\Users\Antoine H\Downloads\Setup.exe [243280]
O61 - LFC: 26/09/2013 - 22:41:19 ---A- . (.Tuguu S.L.U.) -- C:\Users\Antoine H\Downloads\Setup (1).exe [243280]
O61 - LFC: 26/09/2013 - 22:52:35 ---A- . (.Tuguu S.L.U.) -- C:\Users\Antoine H\Downloads\Setup (2).exe [243248]
O61 - LFC: 26/09/2013 - 22:53:12 ---A- . (.Tuguu S.L.U.) -- C:\Users\Antoine H\Downloads\Setup (3).exe [243256]
C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\chdboodilddefglllfoimeceomkpmkbi
O61 - LFC: 27/09/2013 - 23:45:27 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.fr_0.localstorage [3072]
O61 - LFC: 27/09/2013 - 23:45:27 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.fr_0.localstorage-journal [512]
C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhcfmaahmpmacphcjdfmcjgdflhkgall
C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fhcfmaahmpmacphcjdfmcjgdflhkgall_0
O61 - LFC: 28/09/2013 - 09:37:33 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage [5120]
O61 - LFC: 28/09/2013 - 09:37:34 ---A- . (...) -- C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage-journal [5672]
O87 - FAEL: "{871A15A9-8A63-4B22-8412-C338952B1768}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.)
SR - | Auto 30/08/2013 206624 | (Update SaltarSmart) . (.SaltarSmart.) - C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe
C:\Windows\Prefetch\POPCAPGAME1.EXE-6A87FC49.pf
C:\Windows\Prefetch\DSEARCHLINK.EXE-94DAECA9.pf
C:\Windows\Prefetch\ADDLYRICS.EXE-6C544A5E.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-HELPER.EXE-6CC5AFAC.pf
C:\Windows\Prefetch\MYDELTATB.EXE-D675DEA7.pf
C:\Windows\Prefetch\DELTA BABYLON.EXE-4BB5996A.pf
C:\Windows\Prefetch\DSEARCHLINK.EXE-6BFC083E.pf
C:\Windows\Prefetch\MYDELTATB.EXE-FAE6EB8C.pf
C:\Windows\Prefetch\BABMAINT.EXE-EB30460C.pf
C:\Windows\Prefetch\QVO6.EXE-16837BFF.pf
C:\Windows\Prefetch\ADDLYRICS3.EXE-0232D4AD.pf
C:\Windows\Prefetch\LYRICSMONKEY_1060-1053.EXE-9447B2AC.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-HELPER.EXE-F645FDA2.pf
C:\Windows\Prefetch\OPTIMIZERPRO.EXE-E196B491.pf
C:\Windows\Prefetch\OPTIMIZER_PRO.EXE-0D924A7A.pf
C:\Windows\Prefetch\OPTIMIZER_PRO.TMP-D19DBAAC.pf
C:\Windows\Prefetch\OBBOXORE.EXE-EAAA987B.pf
C:\Windows\Prefetch\BOXOREINSTALLER.EXE-5028E38C.pf
C:\Windows\Prefetch\OPTIMIZERPRO.EXE-FA03D2EB.pf
C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-C09F2766.pf
C:\Windows\Prefetch\WAJAMIM.EXE-DBAFAFE1.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-BG.EXE-880FB8A7.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-BG.EXE-859895F1.pf
C:\Windows\Prefetch\BITGUARD.EXE-73338CDF.pf
C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-CHROMEINSTALLER-25DC8E78.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-CODEDOWNLOADER.-4B44E0B6.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-ENABLER.EXE-C8873E39.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-UPDATER.EXE-CB41DAAD.pf
C:\Windows\Prefetch\DELTA-HOMES.EXE-5A6E1858.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-CHROMEINSTALLE-A8F6D17E.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-CODEDOWNLOADER-56C58D2C.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-ENABLER.EXE-17A826BF.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-UPDATER.EXE-1A62C333.pf
C:\Windows\Prefetch\LOLLIPOP.EXE-EA4FC299.pf
C:\Windows\Prefetch\LYRICSBUDDY-1-ENABLER.EXE-8297EC07.pf
C:\Windows\Prefetch\LYRICSMONKEY-1-ENABLER.EXE-E31267D1.pf
C:\Windows\Prefetch\DELTA-HOMES.EXE-E5C16E40.pf
EmptyFlash
EmptyTemp



--> Then launch ZHPFix from the shortcut on your Desktop.

--> Click the "IMPORTER" button.

--> In the main box, you will then see the lines you copied earlier appear.

--> Click "GO" to start the cleanup. Let the tool work and do not touch anything.

--> Accept the uninstallation of programs if it is offered, but decline the restart of your PC if that is also offered, because it would stop ZHPFix.

--> Once it has finished, copy and paste the report into your next message.
Answer
+0
Rapport de ZHPFix 2013.9.28.12 par Nicolas Coolman, Update du 28/09/2013
Fichier d'export Registre :
Run by Antoine H at 28/09/2013 19:36:15
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)

Corbeille vidée

========== Logiciels ==========
ABSENT Uninstall Process: c:\program files (x86)\videoplayer\uninstall.exe

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Windows\Prefetch\POPCAPGAME1.EXE-6A87FC49.pf
SUPPRIMÉ: Memory Process: C:\Windows\Prefetch\MYDELTATB.EXE-D675DEA7.pf
SUPPRIMÉ: Memory Process: C:\Windows\Prefetch\LOLLIPOP.EXE-EA4FC299.pf

========== Clés du Registre ==========
SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoPlayer]
SUPPRIMÉ: CLSID BHO: {d99a4ec9-00bd-4fe4-85a5-4db018351265}
SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
SUPPRIMÉ: Service: Update SaltarSmart
SUPPRIMÉ: HKCU\Software\SaltarSmart

========== Valeurs du Registre ==========
SUPPRIMÉ: {871A15A9-8A63-4B22-8412-C338952B1768}

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Antoine H\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIMÉ Chrome Site: http://www.searchgol.com
SUPPRIMÉ Chrome Site: http://www.searchgol.com
SUPPRIMÉ Chrome Site: http://www.searchgol.com
SUPPRIMÉ Chrome Site: http://www.searchgol.com

========== Dossiers ==========
SUPPRIMÉ Redémarrage:** C:\Program Files (x86)\SaltarSmart
SUPPRIMÉ: C:\Program Files (x86)\VideoPlayer
SUPPRIMÉ Redémarrage:** C:\ProgramData\boost_interprocess
SUPPRIMÉ: C:\Users\Antoine H\AppData\Local\Software
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local extension settings\feignjcdbggijogkdpeljgllgehempia
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local extension settings\chdboodilddefglllfoimeceomkpmkbi
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local extension settings\fhcfmaahmpmacphcjdfmcjgdflhkgall
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\databases\chrome-extension_fhcfmaahmpmacphcjdfmcjgdflhkgall_0
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ Redémarrage: c:\program files (x86)\saltarsmart\saltarsmartbho.dll
SUPPRIMÉ: c:\users\public\desktop\videoplayer.lnk
SUPPRIMÉ: c:\program files (x86)\videoplayer\vafplayer.exe
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local storage\chrome-extension_feignjcdbggijogkdpeljgllgehempia_0.localstorage
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local storage\chrome-extension_feignjcdbggijogkdpeljgllgehempia_0.localstorage-journal
SUPPRIMÉ: c:\users\antoine h\downloads\setup.exe
SUPPRIMÉ: c:\users\antoine h\downloads\setup (1).exe
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local storage\http_www.softonic.fr_0.localstorage
SUPPRIMÉ: c:\users\antoine h\appdata\local\google\chrome\user data\default\local storage\http_www.softonic.fr_0.localstorage-journal
SUPPRIMÉ:* c:\windows\prefetch\popcapgame1.exe-6a87fc49.pf
SUPPRIMÉ:* c:\windows\prefetch\mydeltatb.exe-d675dea7.pf
SUPPRIMÉ:* c:\windows\prefetch\lollipop.exe-ea4fc299.pf
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
3 : Processus mémoire
5 : Clés du Registre
1 : Valeurs du Registre
10 : Dossiers
15 : Fichiers
1 : Logiciels
5 : Préférences navigateur
1 : Restauration Système


End of clean in 01mn 36s

========== Chemin de fichier rapport ==========
C:\Users\Antoine H\AppData\Roaming\ZHP\ZHPFix[R1].txt - 28/09/2013 19:37:27 [3890]
Answer
+0
Here is the report (sorry, I posted the same one several times, sorry :/ ) (thanks for what you are doing)
Answer
+0
No more problems?

I would like a new ZHPDiag report.
Answer
+0
Well, apparently everything is back to the way it was before :) thanks a lot Destrio5! Do you want a new ZHPDiag report? What do you want me to do then?
Answer
+0
Yes.
narcisse80 - 28 Sept. 2013 at 22:08
It tells me that it is not a valid integer value once it gets to 61% :/
Destrio5 - 83999 messages posted - Registered Sunday 11 July 2010 - Status: Moderator - Last activity 3 March 2015 - 28 Sept. 2013 at 23:33
Restart your PC, then try again.
Answer
+0
After several attempts it worked, so here is the report, but I think I still have a few viruses because ads pop up right in the middle of my screen at any moment, even on Facebook for example, etc. :/

~ Rapport de ZHPDiag v2013.9.28.51 - Nicolas Coolman (28/09/2013)
~ Lancé par Antoine H (29/09/2013 22:14:07)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16688
GCIE: Google Chrome v29.0.1547.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
Norton Internet Security v20.4.0.40
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3977 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 428 GB (63%) free of 677 GB

---\\ Mode de connexion au système
~ Computer Name: ANTOINE
~ User Name: Antoine H
~ All Users Names: HomeGroupUser$, Antoine H, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Antoine H\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Antoine H\AppData\Roaming\
~ %Desktop% : C:\Users\Antoine H\Desktop\
~ %Favorites% : C:\Users\Antoine H\Favorites\
~ %LocalAppData% : C:\Users\Antoine H\AppData\Local\
~ %StartMenu% : C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 428 Go of 677 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 29 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2979
~ Mes musiques (My Musics) : 1/3211
~ Mes Videos (My Videos) : 2/226
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/15045
~ Mon Bureau (My Desktop) : 2/8
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 05s



---\\ Processus lancés
[MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368] [PID.2472]
[MD5.EBB6E052762BDC16A3A8927D1E6E91F5] - (.Samsung Electronics CO., LTD. - Settings.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2624048] [PID.3860]
[MD5.B38C9291160CD13077DABA12B8A197A9] - (.loss - arisai.) -- C:\Users\Antoine H\AppData\Local\Lollipop\Lollipop.exe [1970176] [PID.988] =>Adware.Lollipop
[MD5.AE29724E282EDBE7D0F49E9982642EFD] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392] [PID.4124]
[MD5.B8E421C0890356CD4A793D8A346D9096] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712] [PID.4228]
[MD5.290DFF71C80B837339B897A328C711B8] - (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe [961312] [PID.4932] =>Adware.Boxore
[MD5.E386800116A8DCE3AD797F34A6126081] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770648] [PID.4624]
[MD5.C28ACD3A1787DB85870C9EA5D3B783CE] - (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe [649056] [PID.5836]
[MD5.53B399A4785651C6B638541FD282E9AF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8024576] [PID.4528]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
~ BHO: 4 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: WinRAR.lnk . (.Alexander Roshal - WinRAR archiver.) -- C:\Program Files (x86)\WinRAR\WinRAR.exe
O4 - GS\Program [Public]: Adobe Photoshop Elements 11.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\Photoshop Elements 11.0.exe
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Microsoft Office PowerPoint Viewer 2007.lnk . (...) -- C:\windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Office.lnk . (...) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\Program [Public]: Movie Maker.lnk . (.Microsoft Corporation - Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
O4 - GS\Program [Public]: Photo Gallery.lnk . (.Microsoft Corporation - Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
O4 - GS\Program [Public]: Windows Store.lnk . (...) -- C:\windows\WinStore\WinStore.htm
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (...) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe (.not file.)
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture d'écran.) -- C:\windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Enregistreur d'actions.) -- C:\windows\system32\psr.exe
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [Antoine H]: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch [Antoine H]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Antoine H]: File Explorer.lnk . (...) -- C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Libraries
O4 - GS\TaskBar [Antoine H]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
O4 - GS\TaskBar [Antoine H]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Antoine H]: Microsoft Office.lnk . (...) -- C:\windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O4 - GS\TaskBar [Antoine H]: Norton Internet Security.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) -- C:\Program Files (x86)\Norton Internet Security\Engine64\20.4.0.40\uistub.exe
O4 - GS\TaskBar [Antoine H]: User Guide.lnk . (.Samsung Electronics CO,. LTD. - Runmanual.) -- C:\Program Files (x86)\Samsung\User Guide\RunManual.exe
O4 - GS\Program [Antoine H]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Antoine H]: Lollipop.lnk . (.loss - arisai.) -- C:\Users\Antoine H\AppData\Local\Lollipop\Lollipop.exe =>Adware.Lollipop
O4 - GS\Program [Antoine H]: S Agent.lnk . (...) -- C:\Program Files (x86)\Samsung\S Agent\CommonAgent.exe (.not file.)
O4 - GS\Accessories [Antoine H]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Desktop [Antoine H]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [Antoine H]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop [Antoine H]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Antoine H]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 39 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Antoine H]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Run: [Bitcasa] . (.Bitcasa, Inc - Bitcasa for Windows.) -- C:\Program Files\Bitcasa\Bitcasa.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [lollipop] . (.loss - arisai.) -- c:\users\antoine h\appdata\local\lollipop\lollipop.exe =>Adware.Lollipop
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [Boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-778861357-4007362292-4267262675-1001\..\Run: [lollipop] . (.loss - arisai.) -- c:\users\antoine h\appdata\local\lollipop\lollipop.exe =>Adware.Lollipop
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{17D1B2B3-4092-4ECC-9719-96841FE8DE6A}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{17D1B2B3-4092-4ECC-9719-96841FE8DE6A}: DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.10 109.0.66.20
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\windows\SysWow64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 11.0 (component).) - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: (Easy Launcher) . (.Samsung Electronics CO., LTD. - EasyLauncher.) - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Service Software Update (Software_update (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: SW Update Service (SWUpdateService) . (.Samsung Electronics CO., LTD. - SW Update Agent.) - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent (ZAtheros Bt and Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: 16 Scanned in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [936]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [940]
[MD5.BDBDF1121722D142980D547BE5DA9E75] [APT] [advRecovery] (.SEC.) -- C:\Program Files\Samsung\Recovery\WCScheduler.exe [3474480]
[MD5.C34968C46A99BBD6248D30F9F1B778C2] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe [177152]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.F493BC001D91A63FA18AC1156706D880] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824]
[MD5.F493BC001D91A63FA18AC1156706D880] [APT] [ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824]
[MD5.C66557728011B83C4FFAE7DD022F99DA] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [163944]
[MD5.EBB6E052762BDC16A3A8927D1E6E91F5] [APT] [Settings] (.Samsung Electronics CO., LTD..) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2624048]
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7720251986778B402978761589434491] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [54096]
[MD5.7720251986778B402978761589434491] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [54096]
~ Scheduled Task: 18 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: (cbfs3) . (.EldoS Corporation - Callback File System Driver.) - C:\windows\system32\drivers\cbfs3.sys
O41 - Driver: (ccSet_NARA) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 38 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Photoshop Elements 11 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 11
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: Bitcasa version 0.9.20.4135 - (.Bitcasa Inc..) [HKLM][64Bits] -- {EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Easy File Share - (.Samsung Electronics CO.,LTD..) [HKLM][64Bits] -- {A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}
O42 - Logiciel: Fotogalerie - (.Microsoft Corporation.) [HKLM][64Bits] -- {B19E03EA-067C-412F-A81E-271720E601AB}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {FE8DFDD0-A543-4A83-B7A9-C411138194D5}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Help Desk - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {22B32087-797D-4A1B-AFA7-072C87580ADC}
O42 - Logiciel: Intel AppUp(SM) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(SM) center 33070
O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {A6C48A9F-694A-4234-B3AA-62590B668927}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lollipop =>Adware.Lollipop
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {F842F8B0-6942-4930-821F-543E976B2C66}
O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}
O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA
O42 - Logiciel: PSE11 STI Installer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {98CE8819-87AA-4814-8167-ADDDD513485F}
O42 - Logiciel: Plants vs. Zombies - (.PopCap Games.) [HKLM][64Bits] -- Plants vs. Zombies =>Adware.PopCap
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Qualcomm Atheros Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Raccolta foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CAC8DE-288A-410D-A4A4-0190060E69AE}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: S Agent - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {39648D75-C1D7-4590-8A83-0A160AF3FFA3}
O42 - Logiciel: SW Update - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {43C711D9-67C9-4793-80D4-E957D638D531}
O42 - Logiciel: SaltarSmart 3.0.0 - (.SaltarSmart.) [HKLM][64Bits] -- SaltarSmart
O42 - Logiciel: Settings - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {8CB5C357-12E5-41B1-A024-D57D4E6F32D9}
O42 - Logiciel: Software Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Support Center - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {5422229D-6131-404C-8107-9B3F87EF65BB}
O42 - Logiciel: Support Center FAQ - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {02F04AFA-243D-4E6A-9556-60F8D2539547}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: User Guide - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {AAD986C1-5AC0-4E83-AEA4-44E10B78FB4A}
O42 - Logiciel: WinRAR 5.00 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
~ Logic: 87 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Bitcasa]
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\Intel]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Norton]
[HKCU\Software\Policies]
[HKCU\Software\PopCap] =>Adware.PopCap
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Samsung]
[HKCU\Software\Software]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\mozilla]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Airplane]
[HKLM\Software\Atheros]
[HKLM\Software\Bitcasa]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\EldoS]
[HKLM\Software\InstalledOptions]
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung]
[HKLM\Software\SonicFocus]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\VsMntNtf]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Dell]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PopCap] =>Adware.PopCap
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Samsung Electronics CO., LTD.]
[HKLM\Software\Wow6432Node\Samsung]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\VsMntNtf]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node]
~ Key Software: 138 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2013 - 14:58:10 - [1566,834] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 22/04/2013 - 14:27:20 - [83,870] ----D C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 29/09/2013 - 13:19:54 - [1,791] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 26/09/2013 - 22:22:09 - [340,211] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 22/04/2013 - 14:34:29 - [177,272] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 25/09/2013 - 21:04:32 - [289,973] ----D C:\Program Files (x86)\Google
O43 - CFD: 28/09/2013 - 00:17:54 - [73,678] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 22/04/2013 - 14:44:33 - [298,684] ----D C:\Program Files (x86)\Intel
O43 - CFD: 29/09/2013 - 15:47:51 - [4,908] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/09/2013 - 22:31:51 - [32,959] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/04/2013 - 14:53:22 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/07/2012 - 09:12:59 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 26/09/2013 - 22:24:34 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 07/08/2012 - 13:22:54 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 26/09/2013 - 22:31:40 - [26,527] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 29/09/2013 - 16:15:18 - [27,194] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 22/04/2013 - 14:31:11 - [358,757] ----D C:\Program Files (x86)\Norton Internet Security
O43 - CFD: 22/04/2013 - 14:50:00 - [20,116] ----D C:\Program Files (x86)\Norton Online Backup ARA
O43 - CFD: 22/04/2013 - 14:49:53 - [51,408] ----D C:\Program Files (x86)\NortonInstaller
O43 - CFD: 22/04/2013 - 14:50:55 - [51,331] ----D C:\Program Files (x86)\PopCap Games =>Adware.PopCap
O43 - CFD: 22/04/2013 - 12:04:32 - [0,036] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 28/09/2013 - 00:45:31 - [2,739] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 07/08/2012 - 13:22:54 - [39,319] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 29/09/2013 - 16:13:36 - [0,013] ----D C:\Program Files (x86)\SaltarSmart
O43 - CFD: 22/04/2013 - 14:44:08 - [685,949] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 29/09/2013 - 13:09:23 - [5,214] ----D C:\Program Files (x86)\Software
O43 - CFD: 22/04/2013 - 14:50:09 - [8,374] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 22/04/2013 - 15:05:36 - [2,446] ----D C:\Program Files (x86)\SymSilent
O43 - CFD: 28/09/2013 - 00:18:05 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 24/09/2013 - 11:59:34 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 28/09/2013 - 00:05:02 - [6,523] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 29/09/2013 - 15:37:00 - [1,216] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 22/04/2013 - 14:53:21 - [97,600] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 22/04/2013 - 11:57:13 - [7,000] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 22/04/2013 - 12:29:47 - [3,719] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 09:12:59 - [7,635] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 29/09/2013 - 15:39:54 - [5,356] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 09:13:01 - [0,209] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 09:12:59 - [0] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 29/09/2013 - 13:11:50 - [4,593] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 29/09/2013 - 22:14:00 - [16,935] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 22/04/2013 - 15:01:39 - [281,337] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/04/2013 - 14:28:16 - [0,071] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 22/04/2013 - 12:01:07 - [1,943] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/09/2013 - 22:31:55 - [40,357] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 22/04/2013 - 11:59:49 - [0,187] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22/04/2013 - 14:56:29 - [4,502] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 22/04/2013 - 14:30:30 - [0,650] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 26/07/2012 - 09:13:01 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 22/04/2013 - 14:56:29 - [0,301] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 26/09/2013 - 22:22:09 - [0,596] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 22/04/2013 - 11:57:13 - [10,264] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 22/04/2013 - 14:52:16 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 27/09/2013 - 21:31:22 - [1181,592] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 24/09/2013 - 12:02:09 - [0] ----D C:\ProgramData\Atheros
O43 - CFD: 28/09/2013 - 01:17:06 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 29/09/2013 - 13:09:22 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 28/09/2013 - 00:47:06 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 29/09/2013 - 13:19:54 - [0,169] ----D C:\ProgramData\BoxUpdChk
O43 - CFD: 22/04/2013 - 12:36:08 - [0,782] ----D C:\ProgramData\ColorMode
O43 - CFD: 22/04/2013 - 14:36:26 - [0,003] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 22/04/2013 - 14:45:20 - [2,323] ----D C:\ProgramData\Intel
O43 - CFD: 27/09/2013 - 23:00:18 - [-1158,281] -S--D C:\ProgramData\Microsoft
O43 - CFD: 24/09/2013 - 12:00:32 - [449,801] ----D C:\ProgramData\Norton
O43 - CFD: 22/04/2013 - 14:31:02 - [18,065] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 24/09/2013 - 12:11:29 - [32,479] ----D C:\ProgramData\PopCap Games =>Adware.PopCap
O43 - CFD: 29/09/2013 - 21:58:14 - [1,620] ----D C:\ProgramData\PRICache
O43 - CFD: 22/04/2013 - 12:04:08 - [0,021] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 22/04/2013 - 11:23:24 - [0,001] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 19/06/2013 - 17:39:36 - [351,343] ----D C:\ProgramData\Samsung
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 22/04/2013 - 14:50:08 - [0,005] ----D C:\ProgramData\Symantec
O43 - CFD: 24/09/2013 - 11:59:34 - [0,002] ----D C:\ProgramData\Synaptics
O43 - CFD: 24/09/2013 - 21:51:49 - [0] ----D C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 08:22:08 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 29/09/2013 - 12:11:01 - [336,536] ----D C:\ProgramData\WinClon
O43 - CFD: 25/09/2013 - 21:11:48 - [0,075] ----D C:\Users\Antoine H\AppData\Roaming\Adobe
O43 - CFD: 24/09/2013 - 12:01:46 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Atheros
O43 - CFD: 24/09/2013 - 12:57:46 - [0,001] ----D C:\Users\Antoine H\AppData\Roaming\Macromedia
O43 - CFD: 26/09/2013 - 16:51:51 - [0,807] -S--D C:\Users\Antoine H\AppData\Roaming\Microsoft
O43 - CFD: 24/09/2013 - 11:59:01 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Synaptics
O43 - CFD: 29/09/2013 - 22:05:45 - [0] ----D C:\Users\Antoine H\AppData\Roaming\WinRAR
O43 - CFD: 29/09/2013 - 22:14:34 - [11,574] ----D C:\Users\Antoine H\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 25/09/2013 - 21:11:48 - [14,996] ----D C:\Users\Antoine H\AppData\Local\Adobe
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Application Data
O43 - CFD: 25/09/2013 - 20:55:18 - [1,579] ----D C:\Users\Antoine H\AppData\Local\Apps
O43 - CFD: 26/09/2013 - 22:25:08 - [0,121] ----D C:\Users\Antoine H\AppData\Local\avgchrome
O43 - CFD: 29/09/2013 - 13:09:25 - [0,345] ----D C:\Users\Antoine H\AppData\Local\Babylon =>Toolbar.Babylon
O43 - CFD: 24/09/2013 - 20:49:15 - [0] ----D C:\Users\Antoine H\AppData\Local\bitcasa
O43 - CFD: 24/09/2013 - 12:02:13 - [0] ----D C:\Users\Antoine H\AppData\Local\BMExplorer
O43 - CFD: 28/09/2013 - 15:57:50 - [8,723] ----D C:\Users\Antoine H\AppData\Local\CrashDumps
O43 - CFD: 25/09/2013 - 20:56:00 - [0] ----D C:\Users\Antoine H\AppData\Local\Deployment
O43 - CFD: 24/09/2013 - 20:48:23 - [0,459] ----D C:\Users\Antoine H\AppData\Local\Diagnostics
O43 - CFD: 25/09/2013 - 21:04:46 - [120,214] ----D C:\Users\Antoine H\AppData\Local\Google
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Historique
O43 - CFD: 29/09/2013 - 13:10:52 - [2,212] ----D C:\Users\Antoine H\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 28/09/2013 - 14:05:23 - [252,847] ----D C:\Users\Antoine H\AppData\Local\Microsoft
O43 - CFD: 29/09/2013 - 21:58:20 - [135,585] ----D C:\Users\Antoine H\AppData\Local\Packages
O43 - CFD: 26/09/2013 - 23:09:34 - [0] ----D C:\Users\Antoine H\AppData\Local\Programs
O43 - CFD: 24/09/2013 - 12:00:58 - [0] ----D C:\Users\Antoine H\AppData\Local\Samsung
O43 - CFD: 29/09/2013 - 13:09:23 - [0] ----D C:\Users\Antoine H\AppData\Local\Software
O43 - CFD: 29/09/2013 - 22:14:01 - [39,396] ----D C:\Users\Antoine H\AppData\Local\Temp
O43 - CFD: 24/09/2013 - 11:58:21 - [0] -SH-D C:\Users\Antoine H\AppData\Local\Temporary Internet Files
O43 - CFD: 24/09/2013 - 11:58:57 - [0] ----D C:\Users\Antoine H\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 09:13:00 - [0,004] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 09:13:00 - [0,001] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 29/09/2013 - 21:58:44 - [0] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/07/2012 - 09:13:00 - [0] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/09/2013 - 13:19:35 - [0,002] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 28/09/2013 - 00:05:04 - [0,005] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 29/09/2013 - 21:58:44 - [0,001] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 09:13:00 - [0,005] R---D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 29/09/2013 - 13:11:53 - [0,004] ----D C:\Users\Antoine H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 117 Scanned in 00mn 39s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
Answer
+0
There are more bad items in this report than in the first one you gave me.

Run AdwCleaner once more.

Then run a scan with Malwarebytes' Anti-Malware, delete everything it finds (Supprimer la sélection) and post the report.

http://www.malekal.com/2010/11/12/tutorial-malwarebyte-anti-malware/
This document, titled « Rempli de virus ! :/ », from CommentCaMarche (www.commentcamarche.net), is made available under the terms of the Creative Commons license. You may copy and modify copies of this page, under the conditions set by the license, as long as this notice appears clearly.