Deep cleaning - Topic resolved
lemelomane
Posted on 28/10/2014 at 19:21
Petit astucien

Good evening!

For some time now I have been seeing Windows Installer try to install "Media Gallery".

Sometimes it seems to succeed and disappears, but it regularly starts again, and then it waits for a path that I cannot give it.

It follows that the installation is probably not complete.

I don't use Media Gallery, but I can't uninstall it because I am told that the installation is not complete.

It's a vicious circle.

Besides, I can no longer update Java or Adobe Reader because I am told that an installation is in progress.

So that is my problem, and I am sure our masters will know how to solve it.

Thank you for your attention.

eliot3
Posted on 29/10/2014 at 10:31
  Grand Maître astucien
lemelomane
Posted on 29/10/2014 at 19:41
Petit astucien

Thanks Eliot3!

I'll try it and keep you posted.

lemelomane
Posted on 30/10/2014 at 15:18
Petit astucien

Hello, here I am again!

I'm not sure the result is very good.

I don't always understand technical English.

I went to the "Repair" pane and chose the line for MSI Windows Installer.

I unchecked the others.

Once the repair was done I rebooted, and Skype immediately offered me its update, which worked, whereas before I was told that another installation was in progress, etc.

However, the "Media Gallery" update still doesn't work.

I'm waiting for the Java and Adobe Reader updates, which weren't installing either.

Here are 2 screenshots of the failed "Media Gallery" update.

Windows Installer -Media Gallery 1

Windows Installer -Media Gallery 2

Thank you for your attention.

lemelomane
Posted on 01/11/2014 at 10:30
Petit astucien

Hello!

Well, the problem doesn't seem to be solved.

I was able to install Skype, but this morning for Adobe Reader I am again told that another installation is in progress. (???)

I haven't seen Windows Installer reappear for Media Gallery.

What is blocking Media Gallery or Adobe Reader?

I haven't heard from Eliot3 for 2 days.

I hope.....

eliot3
Posted on 03/11/2014 at 14:35
  Grand Maître astucien

Hello,

The software I suggested was for repairing Windows, but what error message?

Is this what you're talking about???

lemelomane
Posted on 03/11/2014 at 18:44
Petit astucien

Good evening!

Apparently Media Gallery is no longer a problem.

However, the Adobe Reader update cannot install because I am told that "another installation is in progress, etc.".

I suppose it must be an Adobe Reader installation that is interfering.

What should I do?

Thank you for your attention.

eliot3
Posted on 03/11/2014 at 19:04
  Grand Maître astucien

Re

Remove Adobe Reader and download the latest version.

Don't forget to uncheck McAfee.

lemelomane
Posted on 03/11/2014 at 19:35
Petit astucien

Good evening!

Thanks for the advice.

Indeed, I have already been tempted to do that. (As for McAfee, that's what I always do.)

See you later!

lemelomane
Posted on 03/11/2014 at 20:12
Petit astucien

Sorry, the installation won't go through.

Windows Installer

It's a vicious circle....

I hope!

eliot3
Posted on 03/11/2014 at 20:22
  Grand Maître astucien

Clear your browser caches, run CCleaner, restart the PC and try the install.

See you tomorrow

lemelomane
Posted on 03/11/2014 at 20:26
Petit astucien

Ok!

I also tried again with Tweaking.com - Windows Repair (All in One).

I'm launching CCleaner and I'll come back if I can...

lemelomane
Posted on 03/11/2014 at 20:48
Petit astucien

Er! I've forgotten how to clear the caches.

Sorry.

Edited by lemelomane on 03/11/2014 20:50
eliot3
Posted on 04/11/2014 at 08:21
  Grand Maître astucien

Hello,

In Firefox, delete the history

In IE, Options, delete the history

And CCleaner's Cleaner function will delete the caches for you.

lemelomane
Posted on 04/11/2014 at 10:34
Petit astucien

Hello!

Excuse me, I'm not an early riser.

Well, everything has to be started over, because this morning this reappeared.

Windows Installer 1

So, as soon as possible, I'll use the link you gave me to try to reinstall Media Gallery.

Thank you for your attention and your patience.

lemelomane
Posted on 04/11/2014 at 11:55
Petit astucien

Well, the ordeal continues.

I downloaded Media Gallery and launched the installation, but "the process stopped" while removing the previous versions.

I tried again without any more success.

So there does seem to be a problem with Media Gallery.

The ball is in your court.

eliot3
Posted on 04/11/2014 at 12:06
  Grand Maître astucien

1- Control Panel

Programs and Features

Right-click MediaGallery and choose Uninstall

2- Run CCleaner

3- Restart the PC and relaunch the installation by right-clicking and choosing "Run as administrator". Media Gallery must be saved on your desktop or in a folder; do not open it from the internet. Use "Save As ...."

Edited by eliot3 on 04/11/2014 12:12
lemelomane
Posted on 04/11/2014 at 13:54
Petit astucien

I followed your instructions, although that had already been done.

Media Gallery refuses to uninstall and of course the installation failed.

It's disheartening.

eliot3
Posted on 04/11/2014 at 15:11
  Grand Maître astucien

Let's dig a little deeper. In my signature, click on "Aide au diagnostic d'1 pc infecté" (help diagnosing an infected PC) and post those 3 reports.

lemelomane
Posted on 04/11/2014 at 17:15
Petit astucien

I'm following your instructions to the letter, but there seem to be differences with the current tools.

For Malwarebytes I think I've solved the problem and can already give you the report, but I can't find an "Insert a report" button, so I'm pasting it here:

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 04/11/2014
Heure de l'examen: 16:28:21
Fichier journal:
Administrateur: Oui

Version: 2.00.3.1025
Base de données Malveillants: v2014.11.04.03
Base de données Rootkits: v2014.11.01.02
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Mic

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 343039
Temps écoulé: 15 min, 40 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 14
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [dae9dd5a4b31082e9993c324ee142fd1],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [dae9dd5a4b31082e9993c324ee142fd1],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64, , [249fae89e19b1a1cf4adac8e0102ee12],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [794a5cdb621a0a2c2e5cf8a65ca8f808],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [e2e101367ffd6ec8fa8f227ca65e956b],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\ClearThink, , [0db665d28af23501565a6835758f857b],
PUP.Optional.PlusVid.A, HKLM\SOFTWARE\WOW6432NODE\PlusVid, , [457eac8bec90c4728aaea5a6c241f60a],
PUP.Optional.FBPhotoZoom.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpieaakhacmfleokhjcjnpcnmnmpfkid, , [3a89d265522ab77f57e92d6b57ad0cf4],
PUP.Optional.AppsHat.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Apps Hat, , [546f88aff587191d7f3dbe9d649ffd03],
PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.7, , [d0f3bf78e9934ee8603057088c7739c7],
PUP.Optional.PlusVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusVid, , [12b184b323594ceadb5f91baec1740c0],
PUP.Optional.PlusVid.A, HKU\S-1-5-21-1369196964-2596515348-3145759331-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusVid, , [6c57e4537ffdb97d201a084309fa867a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1369196964-2596515348-3145759331-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [18ab97a0d0acca6cd74862020df67c84],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1369196964-2596515348-3145759331-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [fbc8b681f389a69018451763ee1603fd],

Valeurs du Registre: 3
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_35, , [ebd89d9a403cfd3959a7dd7456ad8080],
PUP.Optional.FBPhotoZoom.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fbphotozoom@installdaddy.com, C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi, , [b013d562027a6bcbc7783068b252b54b]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1369196964-2596515348-3145759331-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1B1L2Z1S, , [fbc8b681f389a69018451763ee1603fd]

Données du Registre: 2
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.nationzoom.com/web/?type=ds&ts=1388185326&from=tugs&uid=SAMSUNGXHM500JI_S29MJ90Z906249&q={searchTerms}, Bon: (www.google.com/), Mauvais: (http://www.nationzoom.com/web/?type=ds&ts=1388185326&from=tugs&uid=SAMSUNGXHM500JI_S29MJ90Z906249&q={searchTerms}),,[cef50b2cacd08bab85fb1917bb4aa15f]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.nationzoom.com/web/?type=ds&ts=1388185326&from=tugs&uid=SAMSUNGXHM500JI_S29MJ90Z906249&q={searchTerms}, Bon: (www.google.com/), Mauvais: (http://www.nationzoom.com/web/?type=ds&ts=1388185326&from=tugs&uid=SAMSUNGXHM500JI_S29MJ90Z906249&q={searchTerms}),,[0bb8a592413b48eee0a1e0504bba8d73]

Dossiers: 0
(Aucun élément malicieux detecté)

Fichiers: 16
PUP.Optional.Sambreel.A, C:\Program Files (x86)\AppEnable\AppEnable.FirstRun.exe, , [af141324a4d8b97d1867ee7e68990bf5],
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink(21).exe, , [0db6300769134aec5fdf27903dc460a0],
PUP.Optional.InstallCore, C:\Users\Mic\AppData\Local\Temp\ICReinstall_EP0000262450.exe, , [16adbb7c5428092d60eaab107b8649b7],
PUP.ChromePasswordTool, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\ChromePass.exe, , [952e251290ec3bfb66320049f4112dd3],
PUP.PSW.Passview, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\iepv.exe, , [d2f1ad8a631938fe1851f553d33232ce],
PUP.MailPassView, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\mailpv.exe, , [18ab3ef9b9c3d75f611399afaa5b2cd4],
PUP.PSW.MessenPass, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\mspass.exe, , [863d1027c5b71b1be6842d1b8b7a35cb],
PUP.NetworkPasswordTool, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\netpass.exe, , [368de45384f821156d928aeac33d58a8],
PUP.PSW.PassFox, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\PasswordFox.exe, , [596aab8c6b11ff3783e5fc4c2ed7f50b],
PUP.Passview, C:\Users\Mic\AppData\Local\Temp\Rar$DR00.667\HACKV PASSE\pspv.exe, , [5c67c572cfad82b4a2689bef9967f30d],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, , [edd6cd6adf9d56e0c076792b01001ce4],
PUP.Optional.ClearThink.A, C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi, , [3390ce69720a270f70aa86afea1916ea],
PUP.Optional.ClearThink.A, C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\3oxzk3id.default\extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi, , [1da69a9dec903ef861b943f2a2614eb2],
PUP.Optional.ClearThink.A, C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7amn9kh5.default\extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi, , [b013bb7c413bf73f0218ca6b966d2ed2],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys, , [249fae89e19b1a1cf4adac8e0102ee12],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [01c2c86ffe7e053106872876aa5a9070],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)

I marked in green what I know to be my password-finding tool, HCKV passe. (I believe that's called a "false positive". Isn't it?)

I'm not deleting anything while I wait for your instructions.

I'm now moving on to AdwCleaner, although I used it very recently.

eliot3
Posted on 04/11/2014 at 17:24
  Grand Maître astucien

Re

That's what I suspected. Keep sending the reports; afterwards you will need to ask for your topic to be moved to the "Security" forum

lemelomane
Posted on 04/11/2014 at 17:24
Petit astucien

Here I am again already!

Rereading your instructions, I figured yesterday's report would be more useful to you than a new one, because of course I have "cleaned".

So here it is:

# AdwCleaner v3.311 - Rapport créé le 03/11/2014 à 21:54:04
# Mis à jour le 30/09/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits)
# Nom d'utilisateur : Mic - MICHEL-VAIO
# Exécuté depuis : C:\Users\Mic\Desktop\Maintenance\adwcleaner_3.311.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files (x86)\SearchProtect
Dossier Supprimé : C:\Program Files (x86)\Video Converter
Dossier Supprimé : C:\Users\Mic\AppData\Local\SearchProtect

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\updateKozaka_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\updateKozaka_RASMANCS

***** [ Navigateurs ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v33.0.2 (x86 fr)

[ Fichier : C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\prefs.js ]


[ Fichier : C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default-1393177029873\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [3596 octets] - [10/09/2013 13:21:29]
AdwCleaner[R1].txt - [6298 octets] - [03/11/2013 21:27:29]
AdwCleaner[R2].txt - [28288 octets] - [27/12/2013 21:17:28]
AdwCleaner[R3].txt - [7714 octets] - [28/12/2013 00:31:51]
AdwCleaner[R4].txt - [11415 octets] - [28/03/2014 14:28:20]
AdwCleaner[R5].txt - [20135 octets] - [29/06/2014 11:00:21]
AdwCleaner[R6].txt - [2022 octets] - [03/11/2014 21:51:39]
AdwCleaner[S0].txt - [3590 octets] - [10/09/2013 13:24:36]
AdwCleaner[S1].txt - [4708 octets] - [03/11/2013 21:29:06]
AdwCleaner[S2].txt - [25028 octets] - [27/12/2013 21:22:25]
AdwCleaner[S3].txt - [5881 octets] - [28/12/2013 00:33:39]
AdwCleaner[S4].txt - [11408 octets] - [28/03/2014 14:30:34]
AdwCleaner[S5].txt - [19671 octets] - [29/06/2014 11:01:55]
AdwCleaner[S6].txt - [1948 octets] - [03/11/2014 21:54:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2008 octets] ##########

I understood that one should wait until what needs to be removed has been removed before using ZHPDiag.

So I'm waiting.

eliot3
Posted on 04/11/2014 at 17:27
  Grand Maître astucien

zhp

lemelomane
Posted on 04/11/2014 at 17:50
Petit astucien

Well, here is the ZHPDiag report:

~ Rapport de ZHPDiag v2014.11.3.157 - Nicolas Coolman (03/11/2014)
~ Lancé par Mic (04/11/2014 17:37:00)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 33.0.2 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.19

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3950 MB (40% free)
System Restore: Activé (Enable)
System drive C: has 239 GB (52%) free of 452 GB

---\\ Mode de connexion au système
~ Computer Name: MICHEL-VAIO
~ User Name: Mic
~ All Users Names: Mic, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Mic\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Mic\AppData\Roaming\
~ %Desktop% : C:\Users\Mic\Desktop\
~ %Favorites% : C:\Users\Mic\Favorites\
~ %LocalAppData% : C:\Users\Mic\AppData\Local\
~ %StartMenu% : C:\Users\Mic\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 239 Go of 452 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.6A977E22D6D9077F2C9E617D89236297] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/04/2011 - 21:18:28.) -- C:\Windows\System32\wininet.dll [1197056]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 18:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
Mes images (My Pictures) : 2/2 (Modified)
~ Mes musiques (My Musics) : 1/1792
~ Mes Videos (My Videos) : 2/285
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 3/4952
~ Mon Bureau (My Desktop) : 1/14359
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 24s



---\\ Processus lancés
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.376]
[MD5.96A8933D2F6D731E6BA2AC4914513A2B] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696] [PID.5296]
[MD5.8D719B9FA96856E8E550EEAEAF23EEBE] - (.Pas de propriétaire - Orange Wifi Application.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe [1852880] [PID.5544]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [4085896] [PID.5580]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896] [PID.5628]
[MD5.59FED6AC9F4A80D566BE13A89B275E7D] - (...) -- C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter.exe [98544] [PID.4396]
[MD5.FCB358973491095D026BB289EA5CC75A] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [115712] [PID.6512]
[MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.7132]
[MD5.BA7E0BAD9AFF2E62F10F74DFB4783986] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.6960]
[MD5.C5FD920FFCCC051D0EAF35D380999AD5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [145520] [PID.2428]
[MD5.1944758C8663046A62CF8375533D9E31] - (.Adobe Systems, Inc. - Adobe Flash Player 15.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe [1880752] [PID.2964]
[MD5.9ED34A82F8FBF6001F127420834DD793] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8118784] [PID.6340]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1208]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.1600]
[MD5.0AC13B63ABE5FC110138172A83BD96A3] - (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- C:\Windows\SysWOW64\bgsvcgen.exe [118784] [PID.1636]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.1692]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.1740]
[MD5.3D23191672D83E90D1CF63927EE98136] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1864]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.2056]
[MD5.A60605FC66552B421EE1F3D4EBB9A4E0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [217968] [PID.2092]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2684]
[MD5.1D702FFC1B8CDCF76FBCA7740CE510D8] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe [120176] [PID.3152]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.1912]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [503080] [PID.5800]
[MD5.11A559E0F10CC5E788984023DF400A6F] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.2040]
[MD5.069E6302AA51595D63D397A277D86778] - (...) -- C:\Program Files (x86)\AppEnable\updateAppEnable.exe [523504] [PID.5664]
[MD5.069E6302AA51595D63D397A277D86778] - (...) -- C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe [523504] [PID.5804]
[MD5.D49BEABCCEF7BB12C209237AB744CA0B] - (...) -- C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe [123632] [PID.6184]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\prefs.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\3oxzk3id.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\3oxzk3id.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7amn9kh5.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7amn9kh5.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7y31benu.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7y31benu.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default-1393177029873\prefs.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default-1393177029873\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\zjx2ftv2.default-1410002873787\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\zjx2ftv2.default-1410002873787\user.js
M0 - MFSP: prefs.js [Mic - cp85mlwx.default-1393177029873] http://forum.pcastuces.com
M2 - MFEP: prefs.js [Mic - 0vjwstx9.default\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}] [] BitComet 视频下载器 v1.25 (..) =>P2P.BitComet
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.23 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 133 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15327)
~ Hosts File: Scanned in 00mn 09s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AppEnable [64Bits] - {23d4646c-263a-4e2d-a08c-6c704557973d} . (.AppEnable - AppEnable.) -- C:\Program Files (x86)\AppEnable\AppEnablebho.dll
O2 - BHO: BitComet ClickCapture [64Bits] - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: BitComet.lnk . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
~ Global Startup: 1 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Mic\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Start_OrangeWifi_{9d78a505-6248-4d1b-81b6-df69655beccf}] . (.Pas de propriétaire - Orange Wifi Application.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_Update_{9d78a505-6248-4d1b-81b6-df69655beccf}] . (.Pas de propriétaire - Orange Updater.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\UpdteApp.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_35] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Mic\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: MaintainerSvc4.00.5030318 (MaintainerSvc4.00.5030318) . (...) - C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
O23 - Service: Update AppEnable (Update AppEnable) . (...) - C:\Program Files (x86)\AppEnable\updateAppEnable.exe
O23 - Service: Util AppEnable (Util AppEnable) . (...) - C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
~ Services: 22 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{26A5A306-A592-4E60-A6AB-8F01DD50760F}] (...) -- C:\Users\Mic\AppData\Local\MediaGet2\mediaget.exe (.not file.) [0] =>PUP.MediaGet
[MD5.00000000000000000000000000000000] [APT] [{3A2BCF2D-35FD-476A-A256-EF3A54AAB34B}] (...) -- D:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{413966EC-093B-4369-8472-338B637B79AF}] (...) -- C:\Program Files (x86)\PlusVid\Uninstall.exe (.not file.) [0] =>PUP.PlusVid
[MD5.00000000000000000000000000000000] [APT] [{6F69E4AD-4A40-4485-A3C6-F4A294AE7495}] (...) -- C:\Windows\SysWOW64\DivXControlPanelApplet.cpl (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AC00ED74-2ACB-49ED-92C4-C266CFF5ADF4}] (...) -- C:\Users\Mic\Desktop\Téléchargements Net\Ad-Aware96Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F7552AE7-9B93-43C8-AA14-46A0DB11EB16}] (...) -- C:\Users\Mic\AppData\Local\MediaGet2\mediaget.exe (.not file.) [0] =>PUP.MediaGet
O39 - APT: Ad-Aware Update (Weekly) - (...) -- C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) [410]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 38 Legitimates Filtered in 00mn 08s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: ({c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 74 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AppEnable - (.AppEnable.) [HKLM][64Bits] -- AppEnable
O42 - Logiciel: BitComet 1.35 - (.CometNetwork.) [HKLM][64Bits] -- BitComet =>P2P.BitComet
~ Logic: 26 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppEnable]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Mail Notifier]
[HKCU\Software\RegClean]
[HKCU\Software\Vlad]
[HKLM\Software\Wow6432Node\AppEnable]
[HKLM\Software\Wow6432Node\ClearThink] =>PUP.ClearThink
[HKLM\Software\Wow6432Node\PlusVid] =>PUP.PlusVid
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp
~ Key Software: 398 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/11/2014 - 12:20:50 - [] ----D C:\Program Files (x86)\AppEnable
O43 - CFD: 09/05/2011 - 14:45:24 - [] ----D C:\Program Files (x86)\BitComet =>P2P.BitComet
O43 - CFD: 06/09/2014 - 18:55:30 - [] ----D C:\Program Files (x86)\ClearThink =>PUP.ClearThink
O43 - CFD: 06/01/2012 - 23:30:41 - [] ----D C:\Program Files (x86)\MSWorks
O43 - CFD: 12/01/2011 - 13:54:48 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04/11/2014 - 13:29:40 - [] ----D C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009
O43 - CFD: 04/11/2014 - 16:25:45 - [] ----D C:\Users\Mic\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 04/11/2014 - 11:16:04 - [0] ----D C:\Users\Mic\AppData\Local\GGEmpire
O43 - CFD: 14/04/2014 - 09:41:01 - [] ----D C:\Users\Mic\AppData\Local\Mail Notifier
O43 - CFD: 23/09/2013 - 09:10:25 - [] ----D C:\Users\Mic\AppData\Local\SelfExtractible
~ 1130 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1432 Legitimates Filtered in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4A545393FEAC80EDEDA8F4A511689D73] - 03/11/2014 - 17:28:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys [48776] =>PUP.LinkiDoo
O44 - LFC:[MD5.CFA4BB694ABF9CAEEECC80958CAEB91D] - 04/11/2014 - 12:28:34 ---A- . (...) -- C:\Windows\win.ini [612]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 30/10/2014 - 13:40:18 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-MICHEL-VAIO-Microsoft-Windows 7-Édition-Familiale-Premium-(64-bit).dat [207]
~ Files: 15 Legitimates Filtered in 00mn 07s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.8C2D662C26AC7CEF35AF1F7EAAC6B7CC] - 04/11/2014 - 13:51:16 ---A- - C:\Windows\Prefetch\BITCOMET.EXE-BF4A93EC.pf =>P2P.BitComet
~ Prefetcher: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 12 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:04/07/2014 - 23:51:32 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:04/07/2014 - 23:51:32 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:04/07/2014 - 23:51:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:18/07/2012 - 14:17:00 ---A- . (.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) -- C:\Windows\System32\Drivers\dokan.sys [112296]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:13/12/2012 - 13:54:36 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys [14456]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:29/04/2009 - 15:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:23/06/2010 - 21:02:59 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys [94208]
O58 - SDL:23/06/2010 - 21:03:07 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys [78848]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40616]
O58 - SDL:03/11/2014 - 17:28:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys [48776] =>PUP.LinkiDoo
~ Drivers: 86 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 03/11/2014 - 17:38:49 ---A- . (...) -- C:\Users\Mic\Desktop\Maintenance\adwcleaner_3.311.exe [1375089]
O61 - LFC: 04/11/2014 - 17:38:49 ---A- . (...) -- C:\Users\Mic\Desktop\Téléchargements Net\EP0000262450.exe [768400]
O61 - LFC: 30/10/2014 - 17:38:53 ---A- . (...) -- C:\Users\Mic\Downloads\outils de Téléchargements\Maintenance\tweaking.com_windows_repair_aio_setup.exe [9811720]
~ 82 Fichiers temporaires (Temporary files)
~ 4 Fichiers cookies (Cookies files)
~ Files: 15 Legitimates Filtered in 00mn 19s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 04/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 13/12/2012 - C:\Windows\System32\drivers\gfibto.sys (gfibto) .(.GFI Software - GFI Boot Time Operations Driver.) - LEGACY_GFIBTO
O64 - Services: CurCS - 03/11/2014 - C:\Windows\System32\drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys ({c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64) .(.StdLib - StdLib.) - LEGACY_{C09B0D5F-CACD-4100-8ADB-F6C4AE8613E3}GW64 =>PUP.LinkiDoo
~ Legacy: 97 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Mic - 0vjwstx9.default] user_pref("avg.install.newtab", true);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2D8F2D6F-1A35-4D15-BFF0-335242906448} - (Shopping.com) - http://fr.shopping.com
O69 - SBI: SearchScopes [HKCU] {53BFC305-D695-48BC-AFFD-CDD4A2717611} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {7756ECB5-964C-4D66-96FB-05942258AB94} - (Zinio) - http://services.zinio.com
O69 - SBI: SearchScopes [HKCU] {B2A549E0-7090-4A6F-8875-0AAD8EBD0EE4} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {F4148D59-F336-4E9A-9F83-71C4B32335D1} - (Live Search) - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Users\Mic\Documents\Espagnol\Berlitz\keygen.rar =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\Conversion\Snagit\Snagit 8\keygen.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XP.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XPBatch.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XP.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XPBatch.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc DVD Author 3 with DivX Authoring\CRACK\Cracked\TMPGEncDVDAuthor3.exe =>.Crack,Keygen
~ Files: Scanned in 00mn 33s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.7A8C8C537A2D2D97E775E6ED1B01FD17] [SPRF][10/01/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][09/12/2011] (...) -- C:\Users\Mic\AppData\Roaming\inst.exe [99384]
[MD5.AB29AD19FC4BCC0F34864B7AB03CDEEB] [SPRF][04/11/2014] (...) -- C:\Users\Mic\AppData\Roaming\wklnhst.dat [3910]
[MD5.E6A780D53DB0BAB46BFB1DA09E2CCC41] [SPRF][07/01/1999] (.vince - Pas de description.) -- C:\Users\Mic\Desktop\LOUVRE1.exe [544768]
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{481FCF30-0E68-4F49-AEAF-C89F396FA3F1}" | In - Private - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O87 - FAEL: "{BA2816A3-E32D-452D-875E-05DDE7B543F2}" | In - Private - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{891FA4F9-74C5-4A4E-B0BB-B8ED6509FBFE}C:\program files (x86)\bitcomet\bitcomet.exe" | In - Public - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{EE46C225-6A8B-47FE-B69D-CD125F43A87A}C:\program files (x86)\bitcomet\bitcomet.exe" | In - Public - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{70319F80-A60D-4B9A-A73A-137055401538}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Private - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{ECA79767-3612-4DC3-99C9-1E6D38939D2B}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Private - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{D668A80C-4C80-4BDF-B87F-8F949F2CD0E3}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Public - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{D0FBE584-8CF4-4BE8-AA63-7B59A155CC39}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Public - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
~ Firewall: 8 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre Tracing (O100)
~ BTK: 980 Legitimates Filtered in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 22/10/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 28/12/2010 1296728 | (BITCOMET_HELPER_SERVICE) . (.www.BitComet.com.) - C:\Program Files (x86)\BitComet\tools\BitCometService.exe =>P2P.BitComet
SS - | Demand 03/08/2010 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 18/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 20/06/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Auto 18/06/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Auto 20/06/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20/01/2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Auto 19/05/2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 09/06/2010 384880 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18/02/2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Auto 04/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/10/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 04/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 07/03/2012 118784 | (bgsvcgen) . (.B.H.A Corporation.) - C:\Windows\SysWOW64\bgsvcgen.exe
SR - | Auto 08/06/2010 952096 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 28/05/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/11/2014 123632 | (MaintainerSvc4.00.5030318) . (...) - C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
SR - | Auto 04/05/2010 503080 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Demand 20/01/2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 28/05/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/11/2014 523504 | (Update AppEnable) . (...) - C:\Program Files (x86)\AppEnable\updateAppEnable.exe
SR - | Auto 04/11/2014 523504 | (Util AppEnable) . (...) - C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
SR - | Auto 31/05/2010 217968 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 21/06/2010 575856 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 08/06/2010 836608 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Demand 28/02/2014 1642544 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\vuagent.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Mic at 04/11/2014 17:39:51
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Mic at 04/11/2014 17:39:53
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (03/11/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 4

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] =>P2P.BitComet^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitComet] =>P2P.BitComet^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}] =>Adware.GamePlayLabs
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BitComet =>P2P.BitComet^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_35 =>Adware.FreeSoftToday^
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} =>P2P.BitComet^
C:\Program Files (x86)\BitComet =>P2P.BitComet^
C:\Program Files (x86)\ClearThink =>PUP.ClearThink^
C:\Users\Mic\AppData\Roaming\BitComet =>P2P.BitComet^
[HKCU\Software\BitComet] =>P2P.BitComet^
[HKLM\Software\Wow6432Node\ClearThink] =>PUP.ClearThink^
[HKLM\Software\Wow6432Node\PlusVid] =>PUP.PlusVid^
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp^
~ Additionnel Scan: 337779 Items scanned in 00mn 25s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-mediaget =>PUP.MediaGet
http://nicolascoolman.fr/pup-plusvid =>PUP.PlusVid
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.ClearThink
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://nicolascoolman.fr/pup-1clickdownloader =>PUP.1ClickDownloader
http://nicolascoolman.fr/hijacker-qvo6 =>Hijacker.Qvo6
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-bizzybolt =>PUP.Bizzybolt
http://nicolascoolman.fr/hijacker-22find =>Hijacker.22Find
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-jumpflip =>PUP.JumpFlip
http://nicolascoolman.fr/pup-kozaka =>PUP.Kozaka
http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/rogue-quadregistrycleaner =>Rogue.QUADRegistryCleaner
http://nicolascoolman.fr/pup-saltarsmart =>PUP.SaltarSmart
http://www.nicolascoolman.fr/blog/ =>PUP.Linkular
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://nicolascoolman.fr/pup-specialsavings =>Adware.GamePlayLabs
http://nicolascoolman.fr/pup-esafesecurity =>PUP.eSafeSecurity
~ MSI: 26 link(s) detected in 00mn 00s



~ 2299 Legitimates filtered by white list
End of the scan (727 lines in 03mn 20s)(7)

I haven't examined everything, but I think there are things to fix in the startup entries.

I'll be back this evening. (The missus is home, so...)

eliot3
 Posted on 04/11/2014 at 17:58
  Grand Maître astucien

C:\Users\Mic\Documents\Espagnol\Berlitz\keygen.rar =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\Conversion\Snagit\Snagit 8\keygen.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XP.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XPBatch.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XP.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc 4.0 XPress\CRACK\Cracked\TMPGEnc4XPBatch.exe =>.Crack,Keygen
C:\Users\Mic\Downloads\outils de Téléchargements\DVD\TMPGEncXpress4-DVDAuthor3+divxauthoring(retail)-OO\TMPGEnc DVD Author 3 with DivX Authoring\CRACK\Cracked\TMPGEncDVDAuthor3.exe =>.Crack,Keygen
~ Files: Scanned in 00mn 33s

Not good. If you want a helper to disinfect your machine, you will have to delete your cracks and keygens. Then run a new ZHP report. These infections partly explain why you are having installation problems.

I am asking for your thread to be moved.



Edited by eliot3 on 04/11/2014 18:07
lemelomane
 Posted on 04/11/2014 at 19:53
Petit astucien

There, it's done!

But I have been using these tools for many years, since well before my problem appeared.

Of course, I no longer need Berlitz and Snagit.

Here is the new ZHPDiag report:

~ Rapport de ZHPDiag v2014.11.3.157 - Nicolas Coolman (03/11/2014)
~ Lancé par Mic (04/11/2014 19:43:49)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 33.0.2 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.19

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3950 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 238 GB (52%) free of 452 GB

---\\ Mode de connexion au système
~ Computer Name: MICHEL-VAIO
~ User Name: Mic
~ All Users Names: Mic, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Mic\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Mic\AppData\Roaming\
~ %Desktop% : C:\Users\Mic\Desktop\
~ %Favorites% : C:\Users\Mic\Favorites\
~ %LocalAppData% : C:\Users\Mic\AppData\Local\
~ %StartMenu% : C:\Users\Mic\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 238 Go of 452 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.6A977E22D6D9077F2C9E617D89236297] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/04/2011 - 21:18:28.) -- C:\Windows\System32\wininet.dll [1197056]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 - 07:24:40.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 18:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
Mes images (My Pictures) : 2/2 (Modified)
~ Mes musiques (My Musics) : 1/1792
~ Mes Videos (My Videos) : 2/285
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 3/4948
~ Mon Bureau (My Desktop) : 1/14361
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.376]
[MD5.96A8933D2F6D731E6BA2AC4914513A2B] - (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696] [PID.5296]
[MD5.8D719B9FA96856E8E550EEAEAF23EEBE] - (.Pas de propriétaire - Orange Wifi Application.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe [1852880] [PID.5544]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [4085896] [PID.5580]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896] [PID.5628]
[MD5.59FED6AC9F4A80D566BE13A89B275E7D] - (...) -- C:\Program Files (x86)\AppEnable\bin\AppEnable.BrowserAdapter.exe [98544] [PID.4396]
[MD5.FCB358973491095D026BB289EA5CC75A] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [115712] [PID.6512]
[MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.7132]
[MD5.9ED34A82F8FBF6001F127420834DD793] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8118784] [PID.2008]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1208]
[MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.1600]
[MD5.0AC13B63ABE5FC110138172A83BD96A3] - (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- C:\Windows\SysWOW64\bgsvcgen.exe [118784] [PID.1636]
[MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.1692]
[MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.1740]
[MD5.3D23191672D83E90D1CF63927EE98136] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1864]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960] [PID.2056]
[MD5.A60605FC66552B421EE1F3D4EBB9A4E0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [217968] [PID.2092]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2684]
[MD5.1D702FFC1B8CDCF76FBCA7740CE510D8] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe [120176] [PID.3152]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.1912]
[MD5.9D1CCE440552500DED3A62F9D779CDB4] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [503080] [PID.5800]
[MD5.11A559E0F10CC5E788984023DF400A6F] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.2040]
[MD5.069E6302AA51595D63D397A277D86778] - (...) -- C:\Program Files (x86)\AppEnable\updateAppEnable.exe [523504] [PID.5664]
[MD5.069E6302AA51595D63D397A277D86778] - (...) -- C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe [523504] [PID.5804]
[MD5.1C93C5EA57F38F41E86BC674AC9D0E7A] - (...) -- C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe [123632] [PID.2984]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\prefs.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\3oxzk3id.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\3oxzk3id.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7amn9kh5.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7amn9kh5.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7y31benu.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\7y31benu.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default-1393177029873\prefs.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\cp85mlwx.default-1393177029873\user.js
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\zjx2ftv2.default-1410002873787\prefs.js (.not file.)
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\zjx2ftv2.default-1410002873787\user.js
M0 - MFSP: prefs.js [Mic - cp85mlwx.default-1393177029873] http://forum.pcastuces.com
M2 - MFEP: prefs.js [Mic - 0vjwstx9.default\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}] [] BitComet 视频下载器 v1.25 (..) =>P2P.BitComet
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.23 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 133 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15327)
~ Hosts File: Scanned in 00mn 09s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AppEnable [64Bits] - {23d4646c-263a-4e2d-a08c-6c704557973d} . (.AppEnable - AppEnable.) -- C:\Program Files (x86)\AppEnable\AppEnablebho.dll
O2 - BHO: BitComet ClickCapture [64Bits] - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll =>P2P.BitComet
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: BitComet.lnk . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Mic\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [SHTtray.exe] . (.Sony Corporation - SHTtray.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Start_OrangeWifi_{9d78a505-6248-4d1b-81b6-df69655beccf}] . (.Pas de propriétaire - Orange Wifi Application.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe
O4 - HKLM\..\Wow6432Node\Run: [Start_Update_{9d78a505-6248-4d1b-81b6-df69655beccf}] . (.Pas de propriétaire - Orange Updater.) -- C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\UpdteApp.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_35] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\Mic\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1369196964-2596515348-3145759331-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: MaintainerSvc4.00.5030318 (MaintainerSvc4.00.5030318) . (...) - C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
O23 - Service: Update AppEnable (Update AppEnable) . (...) - C:\Program Files (x86)\AppEnable\updateAppEnable.exe
O23 - Service: Util AppEnable (Util AppEnable) . (...) - C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
~ Services: 22 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{26A5A306-A592-4E60-A6AB-8F01DD50760F}] (...) -- C:\Users\Mic\AppData\Local\MediaGet2\mediaget.exe (.not file.) [0] =>PUP.MediaGet
[MD5.00000000000000000000000000000000] [APT] [{3A2BCF2D-35FD-476A-A256-EF3A54AAB34B}] (...) -- D:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{413966EC-093B-4369-8472-338B637B79AF}] (...) -- C:\Program Files (x86)\PlusVid\Uninstall.exe (.not file.) [0] =>PUP.PlusVid
[MD5.00000000000000000000000000000000] [APT] [{6F69E4AD-4A40-4485-A3C6-F4A294AE7495}] (...) -- C:\Windows\SysWOW64\DivXControlPanelApplet.cpl (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AC00ED74-2ACB-49ED-92C4-C266CFF5ADF4}] (...) -- C:\Users\Mic\Desktop\T‚l‚chargements Net\Ad-Aware96Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F7552AE7-9B93-43C8-AA14-46A0DB11EB16}] (...) -- C:\Users\Mic\AppData\Local\MediaGet2\mediaget.exe (.not file.) [0] =>PUP.MediaGet
O39 - APT: Ad-Aware Update (Weekly) - (...) -- C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) [410]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 38 Legitimates Filtered in 00mn 04s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: ({c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 74 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AppEnable - (.AppEnable.) [HKLM][64Bits] -- AppEnable
O42 - Logiciel: BitComet 1.35 - (.CometNetwork.) [HKLM][64Bits] -- BitComet =>P2P.BitComet
~ Logic: 26 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppEnable]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Mail Notifier]
[HKCU\Software\RegClean]
[HKCU\Software\Vlad]
[HKLM\Software\Wow6432Node\AppEnable]
[HKLM\Software\Wow6432Node\ClearThink] =>PUP.ClearThink
[HKLM\Software\Wow6432Node\PlusVid] =>PUP.PlusVid
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp
~ Key Software: 398 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/11/2014 - 12:20:50 - [] ----D C:\Program Files (x86)\AppEnable
O43 - CFD: 09/05/2011 - 14:45:24 - [] ----D C:\Program Files (x86)\BitComet =>P2P.BitComet
O43 - CFD: 06/09/2014 - 18:55:30 - [] ----D C:\Program Files (x86)\ClearThink =>PUP.ClearThink
O43 - CFD: 06/01/2012 - 23:30:41 - [] ----D C:\Program Files (x86)\MSWorks
O43 - CFD: 12/01/2011 - 13:54:48 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04/11/2014 - 19:00:53 - [] ----D C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009
O43 - CFD: 04/11/2014 - 19:43:08 - [] ----D C:\Users\Mic\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 04/11/2014 - 11:16:04 - [0] ----D C:\Users\Mic\AppData\Local\GGEmpire
O43 - CFD: 14/04/2014 - 09:41:01 - [] ----D C:\Users\Mic\AppData\Local\Mail Notifier
O43 - CFD: 23/09/2013 - 09:10:25 - [] ----D C:\Users\Mic\AppData\Local\SelfExtractible
~ 1130 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1432 Legitimates Filtered in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4A545393FEAC80EDEDA8F4A511689D73] - 03/11/2014 - 17:28:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys [48776] =>PUP.LinkiDoo
O44 - LFC:[MD5.CFA4BB694ABF9CAEEECC80958CAEB91D] - 04/11/2014 - 12:28:34 ---A- . (...) -- C:\Windows\win.ini [612]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 30/10/2014 - 13:40:18 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-MICHEL-VAIO-Microsoft-Windows 7-Édition-Familiale-Premium-(64-bit).dat [207]
~ Files: 16 Legitimates Filtered in 00mn 07s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 12 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:04/07/2014 - 23:51:32 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:04/07/2014 - 23:51:32 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:04/07/2014 - 23:51:33 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:18/07/2012 - 14:17:00 ---A- . (.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) -- C:\Windows\System32\Drivers\dokan.sys [112296]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:13/12/2012 - 13:54:36 ---A- . (.GFI Software - GFI Boot Time Operations Driver.) -- C:\Windows\System32\Drivers\gfibto.sys [14456]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:29/04/2009 - 15:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:23/06/2010 - 21:02:59 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimssne64.sys [94208]
O58 - SDL:23/06/2010 - 21:03:07 ---A- . (.REDC - RICOH PCIe SD/MMC Driver.) -- C:\Windows\System32\Drivers\risdsne64.sys [78848]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40616]
O58 - SDL:03/11/2014 - 17:28:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys [48776] =>PUP.LinkiDoo
~ Drivers: 86 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 03/11/2014 - 19:44:52 ---A- . (...) -- C:\Users\Mic\Desktop\Maintenance\adwcleaner_3.311.exe [1375089]
O61 - LFC: 04/11/2014 - 19:44:52 ---A- . (...) -- C:\Users\Mic\Desktop\Téléchargements Net\EP0000262450.exe [768400]
O61 - LFC: 30/10/2014 - 19:44:52 ---A- . (...) -- C:\Users\Mic\Downloads\outils de Téléchargements\Maintenance\tweaking.com_windows_repair_aio_setup.exe [9811720]
~ 87 Fichiers temporaires (Temporary files)
~ 4 Fichiers cookies (Cookies files)
~ Files: 15 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 04/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 13/12/2012 - C:\Windows\System32\drivers\gfibto.sys (gfibto) .(.GFI Software - GFI Boot Time Operations Driver.) - LEGACY_GFIBTO
O64 - Services: CurCS - 03/11/2014 - C:\Windows\System32\drivers\{c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64.sys ({c09b0d5f-cacd-4100-8adb-f6c4ae8613e3}Gw64) .(.StdLib - StdLib.) - LEGACY_{C09B0D5F-CACD-4100-8ADB-F6C4AE8613E3}GW64 =>PUP.LinkiDoo
~ Legacy: 97 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Mic - 0vjwstx9.default] user_pref("avg.install.newtab", true);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2D8F2D6F-1A35-4D15-BFF0-335242906448} - (Shopping.com) - http://fr.shopping.com
O69 - SBI: SearchScopes [HKCU] {53BFC305-D695-48BC-AFFD-CDD4A2717611} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {7756ECB5-964C-4D66-96FB-05942258AB94} - (Zinio) - http://services.zinio.com
O69 - SBI: SearchScopes [HKCU] {B2A549E0-7090-4A6F-8875-0AAD8EBD0EE4} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
O69 - SBI: SearchScopes [HKCU] {F4148D59-F336-4E9A-9F83-71C4B32335D1} - (Live Search) - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.7A8C8C537A2D2D97E775E6ED1B01FD17] [SPRF][10/01/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][09/12/2011] (...) -- C:\Users\Mic\AppData\Roaming\inst.exe [99384]
[MD5.AB29AD19FC4BCC0F34864B7AB03CDEEB] [SPRF][04/11/2014] (...) -- C:\Users\Mic\AppData\Roaming\wklnhst.dat [3910]
[MD5.E6A780D53DB0BAB46BFB1DA09E2CCC41] [SPRF][07/01/1999] (.vince - Pas de description.) -- C:\Users\Mic\Desktop\LOUVRE1.exe [544768]
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{481FCF30-0E68-4F49-AEAF-C89F396FA3F1}" | In - Private - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O87 - FAEL: "{BA2816A3-E32D-452D-875E-05DDE7B543F2}" | In - Private - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{891FA4F9-74C5-4A4E-B0BB-B8ED6509FBFE}C:\program files (x86)\bitcomet\bitcomet.exe" | In - Public - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{EE46C225-6A8B-47FE-B69D-CD125F43A87A}C:\program files (x86)\bitcomet\bitcomet.exe" | In - Public - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{70319F80-A60D-4B9A-A73A-137055401538}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Private - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{ECA79767-3612-4DC3-99C9-1E6D38939D2B}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Private - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "TCP Query User{D668A80C-4C80-4BDF-B87F-8F949F2CD0E3}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Public - P6 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
O87 - FAEL: "UDP Query User{D0FBE584-8CF4-4BE8-AA63-7B59A155CC39}C:\program files (x86)\bitcomet\bitcomet_x64.exe" | In - Public - P17 - TRUE | .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet_x64.exe =>P2P.BitComet
~ Firewall: 8 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BitComet_x64_RASAPI32 =>P2P.BitComet
HKLM\SOFTWARE\Microsoft\Tracing\BitComet_x64_RASMANCS =>P2P.BitComet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\1ClickDownloader_RASAPI32 =>PUP.1ClickDownloader
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\1ClickDownloader_RASMANCS =>PUP.1ClickDownloader
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_ar_qvo6_RASAPI32 =>Hijacker.Qvo6
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\amt_ar_qvo6_RASMANCS =>Hijacker.Qvo6
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Apps Hat-codedownloader_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Apps Hat-codedownloader_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_0814tb_RASAPI32 =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AVG-Secure-Search-Update_0814tb_RASMANCS =>Toolbar.AVGSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitComet_RASAPI32 =>P2P.BitComet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitComet_RASMANCS =>P2P.BitComet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitComet_stats_RASAPI32 =>P2P.BitComet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitComet_stats_RASMANCS =>P2P.BitComet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bizzybolt_2511-5ea0573c_RASAPI32 =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bizzybolt_2511-5ea0573c_RASMANCS =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bizzybolt_Setup_RASAPI32 =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bizzybolt_Setup_RASMANCS =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThinkSetup_RASAPI32 =>PUP.ClearThink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThinkSetup_RASMANCS =>PUP.ClearThink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThink_Setup_RASAPI32 =>PUP.ClearThink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ClearThink_Setup_RASMANCS =>PUP.ClearThink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASAPI32 =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASMANCS =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\dlLogic_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven 1_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup-NewVer_22april_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup-NewVer_22april_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentUninstall_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\JumpFlipSetup_RASAPI32 =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\JumpFlipSetup_RASMANCS =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\JumpFlip_Setup_RASAPI32 =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\JumpFlip_Setup_RASMANCS =>PUP.JumpFlip
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kozaka_Setup_RASAPI32 =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Kozaka_Setup_RASMANCS =>PUP.Kozaka
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_14633_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_14633_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_14657_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_14657_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_amonetize_14633_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_amonetize_14633_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_UN_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_UN_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-4_RASAPI32 =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-4_RASMANCS =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-codedownloader_RASAPI32 =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-codedownloader_RASMANCS =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\predm_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\predm_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QUAD Registry Cleaner_RASAPI32 =>Rogue.QUADRegistryCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QUAD Registry Cleaner_RASMANCS =>Rogue.QUADRegistryCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SaltarSmart_Setup_RASAPI32 =>PUP.SaltarSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SaltarSmart_Setup_RASMANCS =>PUP.SaltarSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SaltarSmart_tg_RASAPI32 =>PUP.SaltarSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SaltarSmart_tg_RASMANCS =>PUP.SaltarSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer1_RASAPI32 =>PUP.Linkular
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SecondOffer1_RASMANCS =>PUP.Linkular
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Toolbar Cleaner uninstall_RASAPI32 =>PUP.ToolbarCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Toolbar Cleaner uninstall_RASMANCS =>PUP.ToolbarCleaner
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBizzybolt_RASAPI32 =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBizzybolt_RASMANCS =>PUP.Bizzybolt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_35_RASAPI32 =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_35_RASMANCS =>Adware.FreeSoftToday
~ BTK: 980 Legitimates Filtered in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SS - | Demand 22/10/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 28/12/2010 1296728 | (BITCOMET_HELPER_SERVICE) . (.www.BitComet.com.) - C:\Program Files (x86)\BitComet\tools\BitCometService.exe =>P2P.BitComet
SS - | Demand 03/08/2010 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 18/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 20/06/2010 108400 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Auto 18/06/2010 423280 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Auto 20/06/2010 67952 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20/01/2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Auto 19/05/2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 09/06/2010 384880 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18/02/2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Auto 04/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/10/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 04/07/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 07/03/2012 118784 | (bgsvcgen) . (.B.H.A Corporation.) - C:\Windows\SysWOW64\bgsvcgen.exe
SR - | Auto 08/06/2010 952096 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 28/05/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/11/2014 123632 | (MaintainerSvc4.00.5030318) . (...) - C:\ProgramData\e25f457c-9287-4f2d-b5a8-8cd714c55009\maintainer.exe
SR - | Auto 04/05/2010 503080 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Demand 20/01/2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 28/05/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 04/11/2014 523504 | (Update AppEnable) . (...) - C:\Program Files (x86)\AppEnable\updateAppEnable.exe
SR - | Auto 04/11/2014 523504 | (Util AppEnable) . (...) - C:\Program Files (x86)\AppEnable\bin\utilAppEnable.exe
SR - | Auto 31/05/2010 217968 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SR - | Auto 21/06/2010 575856 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SR - | Auto 08/06/2010 836608 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Demand 28/02/2014 1642544 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\vuagent.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Mic at 04/11/2014 19:45:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Mic at 04/11/2014 19:45:17
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (03/11/2014)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 4

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] =>P2P.BitComet^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitComet] =>P2P.BitComet^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}] =>Adware.GamePlayLabs
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BitComet =>P2P.BitComet^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_35 =>Adware.FreeSoftToday^
C:\Users\Mic\AppData\Roaming\Mozilla\Firefox\Profiles\0vjwstx9.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} =>P2P.BitComet^
C:\Program Files (x86)\BitComet =>P2P.BitComet^
C:\Program Files (x86)\ClearThink =>PUP.ClearThink^
C:\Users\Mic\AppData\Roaming\BitComet =>P2P.BitComet^
[HKCU\Software\BitComet] =>P2P.BitComet^
[HKLM\Software\Wow6432Node\ClearThink] =>PUP.ClearThink^
[HKLM\Software\Wow6432Node\PlusVid] =>PUP.PlusVid^
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp^
~ Additionnel Scan: 337941 Items scanned in 00mn 26s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-mediaget =>PUP.MediaGet
http://nicolascoolman.fr/pup-plusvid =>PUP.PlusVid
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.ClearThink
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://nicolascoolman.fr/pup-1clickdownloader =>PUP.1ClickDownloader
http://nicolascoolman.fr/hijacker-qvo6 =>Hijacker.Qvo6
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-bizzybolt =>PUP.Bizzybolt
http://nicolascoolman.fr/hijacker-22find =>Hijacker.22Find
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-jumpflip =>PUP.JumpFlip
http://nicolascoolman.fr/pup-kozaka =>PUP.Kozaka
http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/rogue-quadregistrycleaner =>Rogue.QUADRegistryCleaner
http://nicolascoolman.fr/pup-saltarsmart =>PUP.SaltarSmart
http://www.nicolascoolman.fr/blog/ =>PUP.Linkular
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://nicolascoolman.fr/pup-specialsavings =>Adware.GamePlayLabs
http://nicolascoolman.fr/pup-esafesecurity =>PUP.eSafeSecurity
~ MSI: 26 link(s) detected in 00mn 00s



~ 2299 Legitimates filtered by white list
End of the scan (706 lines in 01mn 54s)(0)

I await your instructions.
