Rapport Zhpdiag

Bonjour, mon ordinateur s'éteint tout seul quand je lance l'analyse complète de Kaspersky Pure. En mode sans échec ça marche. Voici le rapport de Zhpdiag :
pou


Rapport de ZHPDiag v1.28.32 par Nicolas Coolman, Update du 05/02/2012
Run by catou at 04/03/2012 14:23:52
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 10.0.2 v10.0.2 (Defaut)
GCIE: Google Chrome v17.0.963.56
OPIE: Opera v11.50

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4093 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 205 GB (44%) free of 459 GB

---\\ Logged in mode
~ Computer Name: CATOU-PC
~ User Name: catou
~ All Users Names: catou, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\catou\AppData\Roaming\
~ %Desktop% : C:\Users\catou\Desktop\
~ %Favorites% : C:\Users\catou\Favorites\
~ %LocalAppData% : C:\Users\catou\AppData\Local\
~ %StartMenu% : C:\Users\catou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 205 Go of 459 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C16DD3B8C643F5297C0F1E8869B5949F] - (.Microsoft Corporation - Explorateur Windows.) (.01/01/2012 - 16:19:35.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.B1AC85B6ADC005CF3F9EB4E28DFDCCE6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/12/2011 - 08:04:30.) -- C:\Windows\system32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.3715E6BB29DBAB0A53A960DCF4378AD2] - (.Microsoft Corporation - DLL client de l'API uilisateur de Windows multi-utilisateurs.) (.05/11/2011 - 17:48:56.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 549/5328
~ Mes musiques (My Musics) : 105/21010
~ Mes Videos (My Videos) : 2/71
~ Mes Favoris (My Favorites) : Non accessible (Not found)
~ Mes Documents (My Documents) : 142/3272
~ Mon Bureau (My Desktop) : 1/2230
~ Menu demarrer (Programs) : 7/68
~ Scan Hidden Files in 00mn 30s



---\\ Processus lancés
[MD5.2DC64A3446C8C6E020E781456B46573D] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.2192]
[MD5.B26D379FAAF1DBDC40D060D67F321CD2] - (.MooSoft Development LLC - TCActive! GUI.) -- C:\Program Files (x86)\The Cleaner\tcap.exe [4768848] [PID.2296]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.]
[MD5.595CC1C6BD24675E99E289187B65F965] - (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [366024] [PID.3596]
[MD5.E98EA7471918E1987075815DC4C61001] - (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe [4742184] [PID.4004]
[MD5.7B52A122D3E9EE55DBE476E56BF20EDF] - (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [108136] [PID.4764]
[MD5.849F2F814E612F6F34BFF95864C12D5E] - (.Stardock Corporation - CursorFX.) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [654848] [PID.4780]
[MD5.1F24DFBCA4EA63DF3ED5DA7B15E4A39E] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3478936] [PID.3912]
[MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.5768]
[MD5.762AE55797CC326E7C92FFD5F8476E08] - (.Logiciels13 - Agenda Informatique.) -- C:\Program Files\Pense-bete\pb79f.exe [2175488] [PID.6052]
[MD5.D5D5EA09EE061AFE1857B8EE2BD451DC] - (.Nokia - Nokia M Platform.) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe [1540096] [PID.5900]
[MD5.BD3997D6DDC33820189D8803244A19B5] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70792] [PID.5916]
[MD5.9691BEFB8DFDDA0A0F238B5A80DA1FDD] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [744072] [PID.5216]
[MD5.6BD8E97CA7DB46E795D3772866A40CEC] - (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [801792] [PID.5316]
[MD5.3B97D60483711F491E12799CECD424FC] - (.Blabbers Communications LTD - Browser Companion Helper.) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe [187696] [PID.5496]
[MD5.60D0647A2DC2D397B84D0AFB0808F85D] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [460872] [PID.5464]
[MD5.A2B790F9A751F24F17967F9A5574186D] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe [348760] [PID.]
[MD5.AA68E06EC4549625BD7AAC4CA4464F3E] - (.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe [263624] [PID.5720]
[MD5.4309B75F125067EF805F3125B01FCC30] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2210816] [PID.3632]
[MD5.7A6DFCE4B8033CCD303918FACCCA9588] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [307824] [PID.3132]
[MD5.491FB9E6C0BD1383884D64EA5B886AD8] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [821080] [PID.]
[MD5.6E5B42219F1FE4A3D087D9D501E343D5] - (.Infowatch - InfoWatch CryptoStorage Protected objects c.) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [743992] [PID.]
[MD5.5A639B2B630B572FFE9B72448A8A514D] - (.DATA BECKER GmbH & Co KG - DBService für DATA BECKER Update Service.) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776] [PID.]
[MD5.3F3D6E8BD31B3C017D0AB24CD5EC0D05] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [124832] [PID.]
[MD5.18234EC42C951403BF889A9754FF1835] - (.Logitech Inc. - LVPrS64H Module..) -- C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe [114008] [PID.]
[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664] [PID.]
[MD5.056B19651BD7B7CE5F89A3AC46DBDC08] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [652360] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [catou] Home URL=https://www.google.be/webhp?nord=1
B1 - OSP: search.ini [catou] URL=http://www.bing.com/search?q=%s&form=OPRTSD&pc=OPER
B1 - OSP: search.ini [catou] URL=https://fr.ask.com/?o=0&l=dir&ad=dirN
B1 - OSP: search.ini [catou] URL=http://mystart.incredimail.com//?loc=OperaSB&search=%s&a=NUYjMmrJAV
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Opera\Program\Plugins\NPOFF12.DLL
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin2.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin3.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin4.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin5.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin6.dll
P1 - OPN:Opera Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Opera\Program\Plugins\npqtplugin7.dll
P1 - OPN:Opera Plugin Navigator . (.Siber Systems Inc. - rf-np-plugin.) -- C:\Program Files (x86)\Opera\Program\Plugins\rf-np-plugin.dll
~ Scan Opera Browser in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\catou\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.be/webhp?nord=1
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\catou\AppData\Roaming\Mozilla\Firefox\Profiles\ot8hko5v.default\prefs.js
C:\Users\catou\AppData\Roaming\Mozilla\Firefox\Profiles\ot8hko5v.default\user.js
M3 - MFPP: Plugins - [catou] -- C:\Users\catou\AppData\Roaming\Mozilla\Firefox\Profiles\ot8hko5v.default\searchplugins\s-amazon-byskipity-int.xml
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla FireFox\extensions\belgiumeid@eid.belgium.be.xpi
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla FireFox\extensions\iobit@mybrowserbar.com
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla FireFox\extensions\wtxpcom@mybrowserbar.com
M0 - MFSP: prefs.js [catou - ot8hko5v.default] https://www.google.be/webhp?nord=1
M2 - MFEP: prefs.js [catou - ot8hko5v.default\aatuner@hotmint.com] [] Anti-Aliasing Tuner v11.12.01.01 (.MATSUI Nag..)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\DeviceDetection@logitech.com] [] Ð'Ð¸Ñ Ð²Ð»ÐµÐ½Ð½Ñ Ð¿Ñ€Ð¸Ñ Ñ'роÑ--в Logitech v1.23.0.5 (.Logitech, Inc..)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\firefoxtweak@pribic.am] [] FireFox Tweak v3.0 (.Priyank Doshi.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\flashkiller@joli.clic] [] Flash Killer v1.3 (.Nicolas Martin.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\FoxdieGraphite@tanjihay.com] [foxdie] Foxdie (Graphite) v10.3 (.John Locke.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack] [] Translate This! v1.8 (.BoringCode.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\personas@christopher.beard] [personas] Personas v1.6.2 (.Chris Beard.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\plugin@yontoo.com] [] Yontoo Layers v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\tito@utf8] [] UTF8 Friendly v002.003.004 (.Roberto Bouzout (tito).)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{00352F14-3F76-4e4d-ACFF-9976D7E4B3B9}] [] MacOSX Theme v0.6.8 (.GOLF-AT.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{1018e4d6-728f-4b20-ad56-37578a4de76b}] [] Flagfox v4.1.12 (.Dave Garrett.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{2e61e246-e640-4c56-b1ed-f146dbed48cd}] [] Stop Autoplay v4.1.12 (.SUN Chun-Yen.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{33e0daa6-3af3-d8b5-6752-10e949c61516}] [] ComplitlyEngine - Speed up your search with your personal search suggestions tool v1.1 (.SimplyGen Ltd..)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{6cbc25b0-0a52-11df-8a39-0800200c9a66}] [] ShopToWin4 v1.0.31 (.SimplyGen Ltd..)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20111107 (.WOT Services Oy.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.8 (.Michel Gutierrez.)
M2 - MFEP: prefs.js [catou - ot8hko5v.default\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}] [] New Tab King v5.1.3 (.Eddie Weber.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Foxit Software Company - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npFoxitReaderPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npPDFXCviewNPPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npyaxmpb.dll
P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@microsoft.com/VirtualEarth3D,version=4.0] - (...) -- (.not file.)
P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKCU] [@protectdisc.com/NPPDLicenseHelper] - (.Pas de propriétaire - Protect Disc License Acquisition Plugin.) -- C:\Users\catou\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\catou\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\catou\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/webhp?nord=1
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: Ashampoo FR Toolbar [64Bits] - {ba679afc-8ba0-48f4-b8bf-c144e8699fbc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\Ashampoo_FR\prxtbAsha.dll
R3 - URLSearchHook: IncrediMail MediaBar Francais 2 Toolbar [64Bits] - {249d74a3-bd19-4657-b6ce-e62f480a20de} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll
R3 - URLSearchHook: (no name) [64Bits] - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Ashampoo FR Toolbar [64Bits] - {ba679afc-8ba0-48f4-b8bf-c144e8699fbc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\Ashampoo_FR\prxtbAsha.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll
O2 - BHO: RoboForm BHO [64Bits] - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Complitly [64Bits] - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\catou\AppData\Roaming\Complitly\64\Complitly64.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: RoboForm BHO [64Bits] - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &RoboForm Toolbar [64Bits] - {724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [OODefragTray] . (.O&O Software GmbH - O&O Defrag TrayIcon (x64).) -- C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [IncrediMail Application] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - HKCU\..\Run: [Yahoo! Widgets] . (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O4 - HKCU\..\Run: [RoboForm TaskBar Icon] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
O4 - HKCU\..\Run: [RoboForm TaskBar Icon197] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
O4 - HKCU\..\Run: [CursorFX] . (.Stardock Corporation - CursorFX.) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
O4 - HKCU\..\Run: [CursorFX937] . (.Stardock Corporation - CursorFX.) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
O4 - HKCU\..\Run: [GBMPro8Agentx64] . (.Genie-soft - Genie Backup Agent.) -- C:\Program Files\Genie-Soft\GBMPro8x64\GBMAgent.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\catou\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [tcactive] . (.MooSoft Development LLC - TCActive! GUI.) -- C:\Program Files (x86)\The Cleaner\tcap.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [O&O Defrag Agent (x64)] . (.O&O Software GmbH - O&O Defrag Agent (x64).) -- C:\Program Files\OO Software\Defrag\oodag.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
O4 - HKLM\..\Wow6432Node\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [EaseUs Watch] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
O4 - HKLM\..\Wow6432Node\Run: [EaseUs Tray] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
O4 - HKLM\..\Wow6432Node\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Wow6432Node\Run: [Browser companion helper] . (.Blabbers Communications LTD - Browser Companion Helper.) -- C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Wow6432Node\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [A+PopUpBlocker] . (.Amplusnet - PopUpBlocker.) -- C:\Program Files (x86)\A+ Pop Up Blocker\PopUpBlocker.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [IncrediMail Application] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [Yahoo! Widgets] . (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [RoboForm TaskBar Icon] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [RoboForm TaskBar Icon197] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [CursorFX] . (.Stardock Corporation - CursorFX.) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [CursorFX937] . (.Stardock Corporation - CursorFX.) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [GBMPro8Agentx64] . (.Genie-soft - Genie Backup Agent.) -- C:\Program Files\Genie-Soft\GBMPro8x64\GBMAgent.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\catou\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [tcactive] . (.MooSoft Development LLC - TCActive! GUI.) -- C:\Program Files (x86)\The Cleaner\tcap.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [O&O Defrag Agent (x64)] . (.O&O Software GmbH - O&O Defrag Agent (x64).) -- C:\Program Files\OO Software\Defrag\oodag.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-2100239799-350687373-171274645-1001\..\Run: [RoboForm] . (.Siber Systems - RoboForm TaskBar Icon.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Translator.lnk . (.Opera Software.) -- C:\Users\catou\AppData\Local\Google Translator\Google Translator.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\catou\Desktop\Clean disk with 1 click.lnk . (.WiseCleaner.com.) -- C:\Program Files (x86)\Wise Disk Cleaner\WiseDiskCleaner.exe
O4 - Global Startup: C:\Users\catou\Desktop\CyberLink PowerDirector.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O4 - Global Startup: C:\Users\catou\Desktop\eBayCenter.lnk . (.Ordigramme.) -- C:\Program Files (x86)\eBayCenter\ebaycenter.exe
O4 - Global Startup: C:\Users\catou\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\catou\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\catou\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\catou\Desktop\MusicBee.lnk . (.Steven Mayall.) -- C:\Program Files (x86)\MusicBee\MusicBee.exe
O4 - Global Startup: C:\Users\catou\Desktop\My 7 CustoBox.lnk . (.Http://www.My7Apps.fr.) -- C:\Program Files (x86)\My 7 CustoBox\My7CustoBox.exe
O4 - Global Startup: C:\Users\catou\Desktop\PC Wizard 2010.lnk . (.CPUID.) -- C:\Program Files (x86)\CPUID\PC Wizard 2010\PC Wizard.exe
O4 - Global Startup: C:\Users\catou\Desktop\PhotoFiltre Studio X.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - Global Startup: C:\Users\catou\Desktop\PhotoZoom Pro 4.lnk . (...) -- C:\Program Files\PhotoZoom Pro 4\PhotoZoom Pro 4.exe
O4 - Global Startup: C:\Users\catou\Desktop\Restart Windows 7.lnk . (...) -- C:\Program Files (x86)\Tweak-7\commands.exe (.not file.)
O4 - Global Startup: C:\Users\catou\Desktop\Shutdown Windows 7.lnk . (...) -- C:\Program Files (x86)\Tweak-7\commands.exe (.not file.)
O4 - Global Startup: C:\Users\catou\Desktop\Suspend Windows 7.lnk . (...) -- C:\Program Files (x86)\Tweak-7\Commands.exe (.not file.)
O4 - Global Startup: C:\Users\catou\Desktop\Toolbar Cleaner.lnk . (.Visicom Media Inc..) -- C:\Program Files (x86)\Toolbar Cleaner\ToolbarCleaner.exe
O4 - Global Startup: C:\Users\catou\Desktop\Tweak-7 - Raccourci.lnk . (...) -- C:\Users\catou\Downloads\Tweak-7 v1.0 build 1106_x64\LOADER\Tweak-7.exe
O4 - Global Startup: C:\Users\catou\Desktop\Vistumbler.lnk . (...) -- C:\Program Files (x86)\Vistumbler\Vistumbler.exe
O4 - Global Startup: C:\Users\catou\Desktop\WinDirStat.lnk . (.Seifert.) -- C:\Program Files (x86)\WinDirStat\windirstat.exe
O4 - Global Startup: C:\Users\catou\Desktop\Wise Disk Cleaner Free.lnk . (.WiseCleaner.com.) -- C:\Program Files (x86)\Wise Disk Cleaner\WiseDiskCleaner.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files (x86)\BitTorrent\bittorrent.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Data Lifeguard Diagnostic for Windows.lnk . (.Western Digital.) -- C:\Program Files (x86)\Western Digital Corporation\Data Lifeguard Diagnostic for Windows\WinD
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy Audio Cutter.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay Turbo Lister 2.lnk . (.eBay Inc..) -- C:\Program Files (x86)\eBay\Turbo Lister2\Tl.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk - Clé orpheline
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk . (.Foxit Corporation.) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free CD Ripper.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk . (.IObit.) -- C:\Program Files (x86)\IObit\Game Booster\GameBooster.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GoodSync.lnk . (...) -- C:\Program Files\Siber Systems\GoodSync\GoodSync.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\catou\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk . (.IncrediMail, Ltd..) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk . (.inkscape.org.) -- C:\Program Files (x86)\Inkscape\inkscape.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inpaint.lnk . (...) -- C:\Program Files (x86)\Inpaint\Inpaint.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk . (.Opera Software.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk . (...) -- C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe (.not file.)
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC Wizard 2010.lnk . (.CPUID.) -- C:\Program Files (x86)\CPUID\PC Wizard 2010\PC Wizard.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PowerSuite.lnk . (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\PowerSuite\Launcher.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SystemTweaker.lnk . (.Uniblue Systems Limited.) -- C:\Program Files (x86)\Uniblue\SystemTweaker\Launcher.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wise Disk Cleaner.lnk . (.WiseCleaner.com.) -- C:\Program Files (x86)\Wise Disk Cleaner\WiseDiskCleaner.exe
O4 - Global Startup: C:\Users\catou\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft Créateur Sonnerie iPhone.lnk . (...) -- C:\Program Files (x86)\Xilisoft\iPhone Ringtone Maker\iphoneringtone.exe
~ Scan Global Startup in 00mn 03s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Ajouter à l'Anti-bannière . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
O8 - Extra context menu item: Barre RoboForm . (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire . (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Personnaliser le menu . (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire . (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Télécharger avec IDM . (...) -- C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM . (...) -- C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Éditeur RoboForm . (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Remplir le formulaire [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Enregistrer le formulaire [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Personnaliser le menu [64Bits] - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Personnaliser le menu [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\kbrd.ico
O9 - Extra button: Éditeur RoboForm [64Bits] - {45DB34C3-955C-11D3-ABEF-444553540001} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Barre RoboForm [64Bits] - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems Inc. - RoboForm Main Module.) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\logo.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\System32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{97A626C0-8A24-468F-A883-4ABF81FA86F7}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{97A626C0-8A24-468F-A883-4ABF81FA86F7}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{97A626C0-8A24-468F-A883-4ABF81FA86F7}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: base64 [64Bits] - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: chrome [64Bits] - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: prox [64Bits] - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} . (.Blabbers Communications Ltd - Blabbers data protacol for IE w/c.) -- C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\Windows\system32\klogon.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
O20 - Winlogon Notify: WB . (...) -- C:\Program Files\Stardock\OBJECT~1\WINDOW~1\fast64.dll (.not file.)
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\KASPER~1\KASPER~1\x64\sbhook64.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {1984DD45-52CF-49cd-AB77-18F378FEA264} . (.Stardock - Stardock Fences Shell Extension.) -- C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
O22 - SharedTaskScheduler: (no name) [64Bits] - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} . (.Stardock Corporation - Deskscapes.) -- C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\deskscapes.dll
O22 - SharedTaskScheduler: (no name) [64Bits] - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} . (.Stardock - This file is responsible for enhancing the.) -- C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll
O22 - SharedTaskScheduler: (no name) [64Bits] - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} . (.Stardock - This file is responsible for applying .DREA.) -- C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\DreamControl.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky PURE (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Service de gestion du système CryproStor (CSObjectsSrv) . (.Infowatch - InfoWatch CryptoStorage Protected objects c.) - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: DATA BECKER Update Service (DBService) . (.DATA BECKER GmbH & Co KG - DBService für DATA BECKER Update Service.) - C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
O23 - Service: EaseUS Agent (EaseUS Agent) . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) . (.IObit - IObit Malware Fighter Service.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Process Monitor (LVPrcS64) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) . (.Yuna Software - Service - Messenger Plus! for Skype.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: O&O Defrag (OODefragAgent) . (.O&O Software GmbH - O&O Defrag Agent (x64).) - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: Tweak7SystemService (Tweak7SystemService) . (.Totalidea Software - Tweak-7 System Service.) - C:\Windows\system32\Tweak7SystemService.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) . (.Stardock Corporation - WindowBlinds Service. Part of Stardock Win.) - C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe
O23 - Service: Power Control [2010/05/23 16:45:12] ({60DB6561-0A84-4c94-AF33-288405CFD56D}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files (x86)\CyberLink\PowerCinema Movie\000.fcl
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) (.O&O Software GmbH - O&O BootTimeDefrag (x64).) -- C:\Windows\system32\OODBS.exe
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100239799-350687373-171274645-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100239799-350687373-171274645-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCCT - MAGIX AG.job
[MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-catou-PC-catou] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.00000000000000000000000000000000] [APT] [ASC4_AutoCare] (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\AutoCare.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [ASC4_AutoSweep] (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\AutoSweep.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [ASC4_AutoUpdate] (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\AutoUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [ASC4_PerformanceMonitor] (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe (.not file.)
[MD5.C4587F33EF0EB6398968E191DDCCE58E] [APT] [catou Local Autobackup 5 4] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe
[MD5.923E02CA12F54B2F086DDB9C683E46E5] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities\initialize.exe
[MD5.8F0DE4FEF8201E306F9938B090