Help me probleme virus Win32 sous avast PC infecté

Bonjour,

Mon pc sous Windows 7 est infecté par un virus !!
j'ai scanner via avast : 1 menace Virus Win32:Dropper-gen[DRP]
j'ai installer et lancer le logiciel ZHP diag;
Voici le rapport d'erreur :


Que dois je faire ?
~ Rapport de ZHPDiag v2014.4.14.26 - Nicolas Coolman (14/04/2014)
~ Lancé par bourdeau (15/04/2014 13:27:02)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17041
GCIE: Google Chrome v34.0.1847.116 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2016
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 402 GB (88%) free of 454 GB

---\\ Mode de connexion au système
~ Computer Name: BOURDEAU-PC
~ User Name: bourdeau
~ All Users Names: HomeGroupUser$, bourdeau, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\bourdeau\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\bourdeau\AppData\Roaming\
~ %Desktop% : C:\Users\bourdeau\Desktop\
~ %Favorites% : C:\Users\bourdeau\Favorites\
~ %LocalAppData% : C:\Users\bourdeau\AppData\Local\
~ %StartMenu% : C:\Users\bourdeau\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 402 Go of 454 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 12 Go)
E: CD-ROM drive (Free 0 Go of 2 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)




---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s




---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s




---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/228
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/1147
~ Mon Bureau (My Desktop) : 1/16
~ Menu demarrer (Programs) : 1/2
~ Hidden Files: Scanned in 00mn 02s




---\\ Processus lancés
[MD5.A5F78606A9BA8F0C4C8FF9DED6ED5107] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048] [PID.2292]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.1452]
[MD5.47DCE3A2FE0B34DD9F01EB4037303A3E] - (.Hewlett-Packard - HP Remote Solution.) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896] [PID.2816]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576] [PID.3008]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.2828]
[MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [811728] [PID.4256]
[MD5.7E27BA11C41A05436DF334C604724E5D] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe [12877632] [PID.5312]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8215552] [PID.6008]
[MD5.BEA8D0FA8805CC2E6BB49728166699C7] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1252]
[MD5.E91C669DB45EC0F1D18185A9B7006E44] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe [705136] [PID.1544] =>Trojan.SProtector
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1832]
[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1956]
[MD5.4DC67A9167176CF7AA5F2B4DBE444DC9] - (...) -- C:\Program Files (x86)\ScanTack\updateScanTack.exe [350496] [PID.2296]
[MD5.CC907C2FB839D3F92690A25FF8E463BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864] [PID.3552]
[MD5.904B78DD60B85A6A5145FAB3876FF285] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe [238400] [PID.3404]
[MD5.952DB5C0640FD7BA5DD12FAFF5B84DC4] - (.TeamViewer GmbH - TeamViewer 9.) -- c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe [4529472] [PID.1168]
~ Processes Running: Scanned in 00mn 00s




---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://istart.webssearches.com =>Hijacker.WebsSearches
G0 - GCSP: Preference [User Data\Default][HomePage] http://istart.webssearches.com =>Hijacker.WebsSearches
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Documents Google v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2016.82, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Documents Google]
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\bourdeau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]

~ Google Lines Browser: 24 Scanned in 00mn 01s




---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 19 Scanned in 00mn 00s




---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s




---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s




---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21




---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0054246 [64Bits] - {11111111-1111-1111-1111-110511421146} . (.Freeven - MediaPlayerplus BHO.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0054253 [64Bits] - {11111111-1111-1111-1111-110511421153} . (.Freeven - Freeven pro 1.2 BHO.) -- C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-bho.dll =>PUP.CrossRider
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ScanTack [64Bits] - {d332cff8-358e-4c9e-8af3-a08872ef22c1} . (.ScanTack - ScanTack.) -- C:\Program Files (x86)\ScanTack\ScanTackbho.dll
O2 - BHO: Windows Live Toolbar Helper [64Bits] - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
~ BHO: 12 Scanned in 00mn 00s




---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s




---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Adventure Chronicles - A la Recherche des Trésors Perdus.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\1 Jeu par jour\Adventure Chronicles - A la Recherche des Trésors Perdus\AdventureChronicles.exe
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
O4 - GS\Desktop [Public]: Coyote's Tale.lnk . (.GoGames LLC & Merscom LLC - Coyote's Tale - Fire and Water.) -- C:\Program Files (x86)\1 Jeu par jour\Coyote's Tale\Coyote's Tale - Fire and Water.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Jouer à PKR.lnk . (.PKR Ltd - PKR 3D Poker.) -- C:\Program Files (x86)\PKR\pkr.exe
O4 - GS\Desktop [Public]: Le Secret du Pharaon.lnk . (...) -- C:\Program Files (x86)\1 Jeu par jour\Le Secret du Pharaon\Cleopatre.exe
O4 - GS\Desktop [Public]: Millionaire Manor - The Hidden Object Show.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\1 Jeu par jour\Millionaire Manor - The Hidden Object Show\THOS3.exe
O4 - GS\Desktop [Public]: The Hidden Object Show - Season 2.lnk . (.Macromedia, Inc. - Macromedia Projector.) -- C:\Program Files (x86)\1 Jeu par jour\The Hidden Object Show - Season 2\THOS II.exe
O4 - GS\Desktop [Public]: The Hidden Object Show.lnk . (.Adobe Systems, Inc. - Adobe Projector.) -- C:\Program Files (x86)\1 Jeu par jour\The Hidden Object Show\THOS.exe
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: CyberLink DVD Suite Deluxe.lnk . (.CyberLink Corp. - CyberLink PowerStarter Main Program.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PS.exe
O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: TeamViewer 9.lnk . (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [bourdeau]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [bourdeau]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [bourdeau]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [bourdeau]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SendTo [bourdeau]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
O4 - GS\Desktop [bourdeau]: 20 000 LIEUES SOUS LES MERS.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\20 000 LIEUES SOUS LES MERS\Nemo.exe
O4 - GS\Desktop [bourdeau]: Football Manager.lnk - Clé orpheline
O4 - GS\Desktop [bourdeau]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [bourdeau]: Le Crime de l'Orient Express.lnk . (...) -- C:\Program Files (x86)\The Adventure Company\Le Crime de l'Orient Express\motoe.exe
O4 - GS\Desktop [bourdeau]: Nostradamus Series Partie1.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Nostradamus Series Partie1\Nostradamus PC Part1.exe
O4 - GS\Desktop [bourdeau]: Nostradamus Series Partie2.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Nostradamus Series Partie2\Nostradamus PC Part2.exe
O4 - GS\Desktop [bourdeau]: Nostradamus Series Partie3.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Nostradamus Series Partie3\Nostradamus PC Part3.exe
O4 - GS\Desktop [bourdeau]: Solitaire.lnk - Clé orpheline
O4 - GS\Desktop [bourdeau]: TeamViewer 9.lnk . (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
O4 - GS\Desktop [bourdeau]: Versailles 2 - Part 1.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Versailles 2 - Part 1\Part1\Versailles 2 Part 1.exe
O4 - GS\Desktop [bourdeau]: Versailles 2 - Part 2.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Versailles 2 - Part 2\Versailles 2 - Part 2.exe
O4 - GS\Desktop [bourdeau]: Versailles 2 - Part 3.lnk . (...) -- C:\Program Files (x86)\Anuman Interactive\Versailles 2 - Part 3\Versailles 2 - Part 3.exe
O4 - GS\Desktop [bourdeau]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [bourdeau]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 60 Scanned in 00mn 01s




---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [PC-Doctor for Windows localizer] . (.PC-Doctor, Inc. - Hardware Diagnostic Tools Localizer.) -- C:\Program Files\PC-Doctor for Windows\localizer.exe
O4 - HKLM\..\RunOnce: [PCDrProfiler] . (.PC-Doctor, Inc. - Hardware Diagnostic Tools Profiler.) -- C:\Program Files\PC-Doctor for Windows\RunProfiler.exe
O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [HP Remote Solution] . (.Hewlett-Packard - HP Remote Solution.) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_134] Clé orpheline =>PUA.FSTfr9
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_4] Clé orpheline
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2012595891-1622765999-738107076-1001\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
~ Application: Scanned in 00mn 00s




---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s




---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s




---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B7DF1FC-BAAA-4421-8714-D120C2EAF65C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{9B7DF1FC-BAAA-4421-8714-D120C2EAF65C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{9B7DF1FC-BAAA-4421-8714-D120C2EAF65C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s




---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s




---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Skytech Co., Ltd. - Skytech.) - C:\Program Files (x86)\SupTab\SearchProtect64.dll =>PUP.SupTab
~ AppInit DLL: Scanned in 00mn 00s




---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s




---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NewPlayer Updater Service (NewPlayerUpdaterService) . (.Pas de propriétaire - NewPlayerUpdaterService.) - C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe =>Adware.IncrediBar
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Update ScanTack (Update ScanTack) . (...) - C:\Program Files (x86)\ScanTack\updateScanTack.exe
~ Services: 10 Scanned in 00mn 06s




---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s




---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s




---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1.job [1456]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.job [1542]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\5f8261d5-5589-42ca-b905-285ec40413eb-1.job [1408]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\5f8261d5-5589-42ca-b905-285ec40413eb-5.job [1494]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [304]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1068]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1072]
[MD5.A75D13001006510209AEF5219A745B4B] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-1] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [482152] =>PUP.CrossRider
[MD5.B543066AC1D51FC519EBAD1A635FF933] [APT] [3d8c097a-d75d-43d1-aa88-eb4ad99df514-5] (.Freeven.) -- C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.exe [325992] =>PUP.CrossRider
[MD5.7D516841F3839E69A04BEA72D7D9BAF3] [APT] [5f8261d5-5589-42ca-b905-285ec40413eb-1] (.Freeven.) -- C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-codedownloader.exe [482152]
[MD5.903FE0644E39E79BE33DA85E3BFADA01] [APT] [5f8261d5-5589-42ca-b905-285ec40413eb-5] (.Freeven.) -- C:\Program Files (x86)\Freeven pro 1.2\5f8261d5-5589-42ca-b905-285ec40413eb-5.exe [325992]
[MD5.9D96B0D5855FD1B98023B3EEC9F06786] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.E5F00579E4DEDB11A322AB7D041C8F54] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [804840]
[MD5.D42D782A757E7F7D7A56FDD5296FBA75] [APT] [Digital Sites] (...) -- C:\Users\bourdeau\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [111104]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.EB875919D5AD5E40A0854F1264A0F2FA] [APT] [PC Health Analysis] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1367816]
[MD5.EB875919D5AD5E40A0854F1264A0F2FA] [APT] [PC Tuneup] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1367816]
~ Scheduled Task: 25 Scanned in 00mn 04s




---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s




---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 66 Scanned in 00mn 00s




---\\ Logiciels installés (O42)
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Drivers
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9
O42 - Logiciel: avast! Free Antivirus v9.0.2016 - (.Avast Software.) [HKLM][64Bits] -- Avast
~ Logic: 28 Scanned in 00mn 00s




---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Freeven pro 1.2]
[HKCU\Software\AppDataLow\Software\MediaPlayerplus] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avanquest]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DSiteproducts] =>Hijacker.DSite
[HKCU\Software\GOG]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Micro Application]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\PerformerSoft LLC]
[HKCU\Software\Policies]
[HKCU\Software\ScanTack]
[HKCU\Software\TeamViewer]
[HKCU\Software\TutoTag] =>AgenceExclusive
[HKCU\Software\Valve]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\ATI Technologies]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node\1 Jeu par jour]
[HKLM\Software\Wow6432Node\AGENCE-EXCLUSIVE] =>PUP.AgenceExcusive
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Freeven pro 1.2]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IePlugin]
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LightScribe]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MediaPlayerplus] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Micro Application]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewPlayer]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PC-Doctor]
[HKLM\Software\Wow6432Node\PKR]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\ScanTack]
[HKLM\Software\Wow6432Node\Sports Interactive Ltd]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\TeamViewer]
[HKLM\Software\Wow6432Node\The Adventure Company]
[HKLM\Software\Wow6432Node\Tutorials] =>AgenceExclusive
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wilson WindowWare]
[HKLM\Software\Wow6432Node\Wpm] =>PUP.WpManager
[HKLM\Software\Wow6432Node\free_soft_to_day] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches
[HKLM\Software\Wow6432Node]
~ Key Software: 140 Scanned in 00mn 00s




---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/01/2014 - 18:43:04 - [855,671] ----D C:\Program Files (x86)\1 Jeu par jour
O43 - CFD: 22/01/2014 - 18:12:26 - [120,944] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 24/01/2014 - 18:41:19 - [-883,431] ----D C:\Program Files (x86)\Anuman Interactive
O43 - CFD: 14/04/2014 - 16:28:01 - [20,759] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 22/01/2014 - 18:12:26 - [117,826] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 06/01/2010 - 04:43:27 - [889,815] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 06/01/2010 - 04:59:11 - [90,004] ----D C:\Program Files (x86)\EasyBits For Kids
O43 - CFD: 14/04/2014 - 16:26:36 - [2,519] ----D C:\Program Files (x86)\Freeven pro 1.2
O43 - CFD: 14/04/2014 - 21:29:05 - [324,773] ----D C:\Program Files (x86)\Google
O43 - CFD: 06/01/2010 - 05:05:09 - [227,522] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 06/01/2010 - 04:45:15 - [2,973] ----D C:\Program Files (x86)\hp
O43 - CFD: 06/01/2010 - 04:58:26 - [212,726] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 24/01/2014 - 18:43:04 - [71,655] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 14/04/2014 - 20:07:12 - [9,795] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 14/04/2014 - 16:27:09 - [4,573] ----D C:\Program Files (x86)\MediaPlayerplus =>PUP.CrossRider
O43 - CFD: 26/01/2014 - 00:33:55 - [0,463] ----D C:\Program Files (x86)\Micro Application
O43 - CFD: 06/01/2010 - 05:01:00 - [0,815] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 18/01/2014 - 13:45:38 - [0,563] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 06/01/2010 - 05:01:42 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 06/01/2010 - 05:02:20 - [2,087] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 18/01/2014 - 15:17:20 - [109,083] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 19/01/2014 - 18:01:41 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/03/2014 - 15:26:10 - [0] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 14/04/2014 - 16:27:39 - [30,526] ----D C:\Program Files (x86)\NewPlayer
O43 - CFD: 18/01/2014 - 15:17:41 - [1,290] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 01/03/2014 - 23:39:31 - [632,576] ----D C:\Program Files (x86)\PKR
O43 - CFD: 14/04/2014 - 19:56:01 - [0] ----D C:\Program Files (x86)\predm
O43 - CFD: 06/01/2010 - 04:36:53 - [46,192] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 14/04/2014 - 19:58:59 - [1,089] ----D C:\Program Files (x86)\ScanTack
O43 - CFD: 20/01/2014 - 17:19:12 - [1952,260] ----D C:\Program Files (x86)\Sports Interactive
O43 - CFD: 14/04/2014 - 16:27:43 - [5,030] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 18/01/2014 - 15:41:53 - [37,844] ----D C:\Program Files (x86)\TeamViewer
O43 - CFD: 06/01/2010 - 04:37:05 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 24/01/2014 - 20:58:40 - [1285,018] ----D C:\Program Files (x86)\The Adventure Company
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/04/2014 - 16:28:19 - [0,046] ----D C:\Program Files (x86)\Uninstaller
O43 - CFD: 20/01/2014 - 15:45:49 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 06/01/2010 - 05:02:39 - [281,748] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 06/01/2010 - 05:00:45 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 19/01/2014 - 13:20:00 - [5,895] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 20/01/2014 - 15:45:53 - [4,791] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 19/01/2014 - 13:20:00 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 19/01/2014 - 13:20:00 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 19/01/2014 - 13:20:00 - [6,059] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 18/01/2014 - 15:06:09 - [0,003] --H-D C:\Program Files (x86)\Zero G Registry
O43 - CFD: 15/04/2014 - 13:26:26 - [17,152] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 22/01/2014 - 18:12:38 - [6,301] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 06/01/2010 - 04:36:50 - [5,315] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 06/01/2010 - 04:44:37 - [36,086] ---AD C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 06/01/2010 - 04:43:41 - [0,054] ---AD C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 06/01/2010 - 05:00:50 - [21,102] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 19/01/2014 - 13:20:00 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/01/2010 - 04:59:41 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/01/2014 - 18:17:37 - [147,951] ----D C:\ProgramData\Adobe
O43 - CFD: 24/01/2014 - 18:44:40 - [0,006] ----D C:\ProgramData\AdventureChronicles1
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 18/01/2014 - 15:04:49 - [43,073] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/03/2014 - 15:26:01 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 18/01/2014 - 13:41:22 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 06/01/2010 - 04:39:24 - [0,033] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/01/2014 - 13:41:22 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 14/03/2014 - 19:37:36 - [0,120] ----D C:\ProgramData\Gogii
O43 - CFD: 18/01/2014 - 15:17:28 - [45,230] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 14/04/2014 - 16:31:30 - [0,672] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 18/01/2014 - 13:41:22 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 26/01/2014 - 00:33:55 - [0] ----D C:\ProgramData\Micro Application
O43 - CFD: 24/02/2014 - 20:17:56 - [239,096] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/01/2014 - 13:41:22 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 20/01/2014 - 16:27:00 - [0] ----D C:\ProgramData\Norton
O43 - CFD: 06/01/2010 - 05:03:18 - [9,988] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 18/01/2014 - 17:08:35 - [0,263] ----D C:\ProgramData\NVIDIA
O43 - CFD: 06/01/2010 - 04:45:57 - [3,097] ----D C:\ProgramData\PC-Doctor for Windows
O43 - CFD: 18/01/2014 - 15:11:57 - [18,263] ----D C:\ProgramData\Recovery
O43 - CFD: 18/01/2014 - 15:11:53 - [0,018] ----D C:\ProgramData\Sports Interactive
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 06/01/2010 - 05:05:00 - [0,207] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 18/01/2014 - 15:17:28 - [1361,767] ----D C:\ProgramData\WildTangent
O43 - CFD: 14/04/2014 - 19:55:18 - [0,002] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 06/01/2010 - 04:47:41 - [20,406] ----D C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 06/01/2010 - 04:35:32 - [5,468] --H-D C:\ProgramData\{B12D13C3-76FD-479D-AD99-8C6F18156BC9}
O43 - CFD: 22/01/2014 - 18:16:47 - [0,226] ----D C:\Users\bourdeau\AppData\Roaming\Adobe
O43 - CFD: 18/01/2014 - 15:09:44 - [6,185] ----D C:\Users\bourdeau\AppData\Roaming\AVAST Software
O43 - CFD: 25/01/2014 - 20:26:53 - [0,081] ----D C:\Users\bourdeau\AppData\Roaming\Coyotes Tale
O43 - CFD: 27/02/2014 - 20:19:24 - [0,106] ----D C:\Users\bourdeau\AppData\Roaming\DigitalSites =>Hijacker.DSite
O43 - CFD: 13/02/2014 - 18:33:04 - [0,012] ----D C:\Users\bourdeau\AppData\Roaming\HdO Adventure
O43 - CFD: 23/01/2014 - 11:08:30 - [0,064] ----D C:\Users\bourdeau\AppData\Roaming\Hewlett-Packard
O43 - CFD: 18/01/2014 - 15:25:21 - [0] ----D C:\Users\bourdeau\AppData\Roaming\HpUpdate
O43 - CFD: 18/01/2014 - 15:19:34 - [0] ----D C:\Users\bourdeau\AppData\Roaming\Identities
O43 - CFD: 18/01/2014 - 13:46:53 - [0,015] ----D C:\Users\bourdeau\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\bourdeau\AppData\Roaming\Media Center Programs
O43 - CFD: 24/01/2014 - 18:29:43 - [3,754] -S--D C:\Users\bourdeau\AppData\Roaming\Microsoft
O43 - CFD: 27/02/2014 - 20:20:45 - [0,073] ----D C:\Users\bourdeau\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 03/03/2014 - 18:22:25 - [0] ----D C:\Users\bourdeau\AppData\Roaming\PerformerSoft
O43 - CFD: 18/01/2014 - 15:11:01 - [12,892] ----D C:\Users\bourdeau\AppData\Roaming\Sports Interactive
O43 - CFD: 15/04/2014 - 12:26:59 - [0,918] ----D C:\Users\bourdeau\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 14/04/2014 - 19:55:09 - [0] ----D C:\Users\bourdeau\AppData\Roaming\webssearches
O43 - CFD: 15/04/2014 - 13:27:30 - [0,017] ----D C:\Users\bourdeau\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 22/01/2014 - 18:16:47 - [18,239] ----D C:\Users\bourdeau\AppData