Virus de publicité

~ ZHPCleaner v2015.7.27.308 by Nicolas Coolman (2015/07/27)
~ Run by clement (Administrator) (28/07/2015 20:45:57)
~ Site : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\clement\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\clement\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (12)
SUPPRIMÉ tâche: [AGEEcpnwgppDheLrl2JYY9qakP] [C:\Users\clement\AppData\Roaming\AGEEcpnwgppDheLrl2JYY9qakP.exe (Not File) ] =>Heuristic.Pirrit
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-1-6] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-1-6.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-1-7] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-1-7.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-10_user] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-10.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-11] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-11.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-3] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-3.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-5] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-5.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-5_user] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-5.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-6] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-6.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [c69f8e6e-10f4-478c-a72b-8189aacf3a6f-7] [C:\Program Files (x86)\Cinema_Plus-1.2V28.07\c69f8e6e-10f4-478c-a72b-8189aacf3a6f-7.exe (Not File) ] =>PUP.Optional.CrossRider
SUPPRIMÉ tâche: [WordShark Auto Updater 1.10.0.19 Core] [C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe (Not File) ] =>PUP.Optional.WordShark
SUPPRIMÉ tâche: [WordShark Auto Updater 1.10.0.19 Pending Update] [C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe (Not File) ] =>PUP.Optional.WordShark


---\\ Explorateur ( Dossiers, Fichiers ). (8)
DEPLACÉ fichier: C:\Windows\Tasks\AGEEcpnwgppDheLrl2JYY9qakP.job =>Heuristic.Pirrit
DEPLACÉ fichier: C:\WINDOWS\System32\Tasks\AGEEcpnwgppDheLrl2JYY9qakP =>Heuristic.Pirrit
DEPLACÉ fichier^: C:\ProgramData\wQUngFOlTo\dat\ikKezuA.exe [Time Lapse Solutions - ZombieNews] =>PUP.Optional.TimeLapseSolutions
DEPLACÉ fichier^: C:\ProgramData\wQUngFOlTo\dat\MjrLaTwqbrJ.exe [Time Lapse Solutions - ZombieNews] =>PUP.Optional.TimeLapseSolutions
DEPLACÉ dossier^: C:\Program Files (x86)\gmsd_fr_005010044 =>PUP.Optional.CrossRider
DEPLACÉ dossier^: C:\Users\clement\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
DEPLACÉ dossier^: C:\Users\clement\AppData\Local\gmsd_fr_005010044 =>PUP.Optional.CrossRider
DEPLACÉ dossier: C:\Users\clement\AppData\Local\ZombieNews =>PUP.Optional.ZombieNews


---\\ Base de Registres ( Clés, Valeurs, Données ). (5)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\5ab30dc7-a25a-4ad8-8eaf-c4ed8f8af401 [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Cinema_Plus-1.2V28.07-nv [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Cinema_Plus-1.2V28.07-nv-ie [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKCU\Software\Tutorials [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upgmsd_fr_005010044.exe [C:\Users\clement\AppData\Local\gmsd_fr_005010044\upgmsd_fr_005010044.exe -runonce] =>PUP.Optional.CrossRider


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 598
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 25


End of clean in 0 minutes
===================
ZHPCleaner-[R]-28072015-20_40_15.txt
ZHPCleaner-[R]-28072015-20_46_11.txt
ZHPCleaner-[S]-28072015-20_33_56.txt
ZHPCleaner-[S]-28072015-20_45_51.txt

http://upload.sosvirus.net/download/dxgaewisr12ixeyj3ejogtx9ut30sq688i7crwc6

Voilà vous avez tout les renseignements que vous avez besoin ? Le virus a t il disparu grâce au logiciel que vous m'avez fait utilisé ?

merci

pas sur il y aura surement autre chose à faire ...;)

# AdwCleaner v4.208 - Rapport créé le 28/07/2015 à 22:09:54
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-07-26.2 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : clement - CREATOR
# Exécuté depuis : C:\Users\clement\Downloads\adwcleaner_4.208.exe
# Option : Nettoyer

• • • • • [ Services ] *****

[#] Service Supprimé : IHProtect Service
[#] Service Supprimé : WindowsMangerProtect
[#] Service Supprimé : Util Product Deals
[#] Service Supprimé : Update Product Deals

• • • • • [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\IHProtectUpDate
Dossier Supprimé : C:\ProgramData\pokki
Dossier Supprimé : C:\ProgramData\{54e92bd8-04a2-9f97-54e9-92bd804aaf60}
Dossier Supprimé : C:\ProgramData\{7d00f13d-3ace-9e8b-7d00-0f13d3acc4f4}
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Dossier Supprimé : C:\Program Files (x86)\app_setup
Dossier Supprimé : C:\Program Files (x86)\miuitab
Dossier Supprimé : C:\Program Files (x86)\PricELess
Dossier Supprimé : C:\Program Files (x86)\youtubeadblocker
Dossier Supprimé : C:\Program Files (x86)\gmsd_fr_005010044
Dossier Supprimé : C:\Users\clement\SupTab
Dossier Supprimé : C:\Users\clement\AppData\Local\Crossbrowse
Dossier Supprimé : C:\Users\clement\AppData\Local\pokki
Dossier Supprimé : C:\Users\clement\AppData\Local\gmsd_fr_005010044
Dossier Supprimé : C:\Users\clement\AppData\Roaming\mystartsearch
Dossier Supprimé : C:\Users\clement\AppData\Roaming\cpuminer
Dossier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkhopfdenimipdamjmfpijifmmpnakpc
Dossier Supprimé : C:\ProgramData\bbgfpdkbknogkodommefhomknkbglgka
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_adpeheiliennogfclcgmchdfdmafjegc_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jkhopfdenimipdamjmfpijifmmpnakpc_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jkhopfdenimipdamjmfpijifmmpnakpc_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jkhopfdenimipdamjmfpijifmmpnakpc
Fichier Supprimé : C:\Users\clement\AppData\Roaming\AGEEcpnwgppDheLrl2JYY9qakP
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_homepage-web.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_homepage-web.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_st.chatango.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

• • • • • [ Tâches planifiées ] *****

Tâche Supprimée : amiupdaterExd
Tâche Supprimée : amiupdaterExi

• • • • • [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Public\Desktop\Google Chrome.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\clement\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\clement\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\clement\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

• • • • • [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ehhlaekjfiiojlddgndcnefflngfmhen
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\adpeheiliennogfclcgmchdfdmafjegc
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Clé Supprimée : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Clé Supprimée : HKCU\Software\Classes\Directory\shell\pokki
Clé Supprimée : HKCU\Software\Classes\Drive\shell\pokki
Clé Supprimée : HKCU\Software\Classes\lnkfile\shell\pokki
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_fr_005010044]
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Clé Supprimée : HKCU\Software\APN PIP
Clé Supprimée : HKCU\Software\AskPartnerNetwork
Clé Supprimée : HKCU\Software\HomeTab
Clé Supprimée : HKCU\Software\Pokki
Clé Supprimée : HKCU\Software\simplytech
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WajIEnhance
Clé Supprimée : HKCU\Software\TNT2
Clé Supprimée : HKCU\Software\WajIntEnhance
Clé Supprimée : HKCU\Software\SearchProtectWS
Clé Supprimée : HKCU\Software\Linkey
Clé Supprimée : HKCU\Software\Kromtech
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Supprimée : HKLM\SOFTWARE\AskPartnerNetwork
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Iminent
Clé Supprimée : HKLM\SOFTWARE\SearchProtect
Clé Supprimée : HKLM\SOFTWARE\SupDp
Clé Supprimée : HKLM\SOFTWARE\SupTab
Clé Supprimée : HKLM\SOFTWARE\supWindowsMangerProtect
Clé Supprimée : HKLM\SOFTWARE\Tutorials
Clé Supprimée : HKLM\SOFTWARE\mystartsearchSoftware
Clé Supprimée : HKLM\SOFTWARE\GAMESDESKTOP
Clé Supprimée : HKLM\SOFTWARE\IHProtect
Clé Supprimée : HKLM\SOFTWARE\WajIntEnhance
Clé Supprimée : HKLM\SOFTWARE\SpeedBit
Clé Supprimée : HKLM\SOFTWARE\AIM Toolbar
Clé Supprimée : HKLM\SOFTWARE\searchult
Clé Supprimée : HKU\.DEFAULT\Software\Boxore
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_005010044_is1
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystartsearch.com
Donnée Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

• • • • • [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17840

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v44.0.2403.107

[C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=1438111129&z=ade4de11125a0ce124373aag1z5cbbcg1g6gbefm3w&from=cmi&uid=WDCXWD10JPCX-24UE4T0_WD-WXN1E942T41U2T41U
[C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Supprimée [Startup_URLs] : CAC5A450BA4041F13C4E3EEF73C4AD00667554BD549722C7011278658524ECD8"},"software_reporter":{"prompt_reason":"0482C959B81D5C1A76ABCE852DB004BC894ABF0F3BE12CC213EDA4FAB1F6A938","prompt_seed":"1D2054F719F285E4AC447E1E9E063A81A9E6B27198B1AFDE5BE409F8085701A9","prompt_version":"9054138059EB7B906F876E367EA8CF4E5B0987424AC6119FC23064DAAA5CA704"},"sync":{"remaining_rollback_tries":"9F6A93654A1E5721C0025BB7F25639EAAF04FCBB14B0E29858AF2DEFBD9C13D8"}},"super_mac":"A6FEC5F81640D543FEE716FA125007142D3F575291E2D9E42998F6DEAA21A653"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"domain_request_incident":"42","script_request_incident":"42"}}},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.mystartsearch.com/?type=hp&ts=1438111129&z=ade4de11125a0ce124373aag1z5cbbcg1g6gbefm3w&from=cmi&uid=WDCXWD10JPCX-24UE4T0_WD-WXN1E942T41U2T41U

-\\ Opera v0.0.0.0

AdwCleaner[R0].txt - [19509 octets] - [28/07/2015 22:08:37]
AdwCleaner[S0].txt - [16605 octets] - [28/07/2015 22:09:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16666 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 8.1 x64
Ran by clement on 28/07/2015 at 22:17:01,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] comyninu [Reboot required]
Successfully deleted: [Service] lovizupu [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Product Deals
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Product Deals



~~~ Files

Successfully deleted: [File] C:\Users\clement\Appdata\Local\google\chrome\user data\default\local storage\hxxp_searches.globososo.com_0.localstorage
Successfully deleted: [File] C:\Users\clement\Appdata\Local\google\chrome\user data\default\local storage\hxxp_searches.globososo.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\clement\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Successfully deleted: [File] C:\Users\clement\Appdata\Local\google\chrome\user data\default\local storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
Successfully disinfected: [Shortcut] C:\$Recycle.Bin\S-1-5-21-685189003-2825769601-818284278-1002\$RB442LB.lnk



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\10145464113778306435
Successfully deleted: [Folder] C:\Users\clement\Appdata\Local\13120



~~~ Chrome


[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/07/2015 at 22:22:41,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~ ZHPDiag v2015.7.27.104 Par Nicolas Coolman (2015/07/27)
~ Démarré par clement (Administrator) (2015/07/28 22:25:11)
~ Site: https://nicolascoolman.eu
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\clement\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\clement\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v44.0.2403.107
MSIE: Internet Explorer v11.0.9600.17905

---\\ Informations sur les produits Windows (9) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 4M32D
Windows License : OK
~ Windows Remaining Initializations Number : 998
Windows Automatic Updates : OK (Demand)
Windows Activation Technologies : OK

---\\ Logiciels de protection (1) - 1s
McAfee LiveSafe - Internet Security v14.0.1076

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 6181.144 MB (68% free)
~ System Restore: Activé (Enable)
~ System drive C: has 808 GB free of 911 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: CREATOR
~ User Name: clement
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 808 GB free of 911 GB (System)
~ Drive D: has 23 GB free of 25 GB

---\\ Etat du Centre de Sécurité Windows (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.57660FDE55E1C1AB1EBC1FF93D632F7F] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [2502928]
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [54784]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\WINDOWS\System32\Wininit.exe [145920]
[MD5.98C6A46E9E2822BF83196C2EAE43DBD4] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\WINDOWS\System32\wininet.dll [2427392]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\WINDOWS\System32\sppcomapi.dll [447488]
[MD5.E37F897ED7B5AFF79B1398258DB96BD9] - (.Microsoft Corporation - DLL client de l'API uilisateur de Windows m.) () -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19456]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [76800]
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [108544]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [142848]
[MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Minirdr SMB Windows NT.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [401408]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [310080]

---\\ Processus lancés (4) - 0s
[MD5.0FD99BAF91AD54ED70E64DE5BBA03559] - (...) -- C:\Program Files (x86)\DA629EEF-1438097571-11E4-A961-68F728877FA6\hnssBDDD.tmp [161792] [PID.1792] =>PUP.Optional.CrossRider
[MD5.B831587B190C06AD4017F6817250E595] - (...) -- C:\Program Files (x86)\DA629EEF-1438097571-11E4-A961-68F728877FA6\knsf4822.tmp [304640] [PID.1400] =>PUP.Optional.CrossRider
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2916]
[MD5.BACA44A5B53037D66C094C3ACEDD10F6] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976088] [PID.6916]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (3) - 0s
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (.McAfee Total Protection MIME Plugin.) -- c:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll
P2 - FPN: [HKLM] [@nitropdf.com/NitroPDF] - (.Nitro PDF.) -- C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.lenovo.com/fr/fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Applications lancées au démarrage du sytème (O4) (19) - 0s
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\WINDOWS\RTFTrack.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [ForteConfig] . (.Copyright (C) 2010 - FMAPP Application.) -- C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [OnekeyStudio] . (.Lenovo - Lenovo Onekey Theater Application.) -- C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
O4 - HKLM\..\Run: [Energy Manager] . (.Lenovo(beijing) Limited - Lenovo Energy Manager.) -- C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
O4 - HKLM\..\Run: [Lenovo Utility] . (.Lenovo(beijing) Limited - Lenovo Utility.) -- C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Hercules DJ Series TrayAgent] . (.Hercules® - Hercules® DJ Series Tray Bar.) -- C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe
O4 - HKCU\..\RunOnce: [Application Restart #5] C:\Users\clement\AppData\Local\Pokki\Engine\HostAppService.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibrary Service.) -- C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (.not file.)
O4 - HKUS\S-1-5-21-685189003-2825769601-818284278-1002\..\RunOnce: [Application Restart #5] C:\Users\clement\AppData\Local\Pokki\Engine\HostAppService.exe (.not file.)

---\\ Modification Domaine/Adresses DNS (O17) (10) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 150.204.1.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = 150.204.1.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 150.204.1.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = 150.204.1.3

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (.Auteurs - .) - C:\WINDOWS\System32\

---\\ Liste des services NT non Microsoft et non désactivés (O23) (33) - 1s
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @oem63.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CCSDK (CCSDK) . (...) - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\WINDOWS\system32\CxAudMsg64.exe
O23 - Service: FLwXXsTdP (FLwXXsTdP) . (...) - C:\ProgramData\wQUngFOlTo\FLwXXsTdP.exe (.not file.)
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) . (.Hercules® - Hercules® Install Service.) - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
O23 - Service: McAfee Home Network (HomeNetSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Lenovo System Agent Service (Lenovo System Agent Service) . (.LENOVO INCORPORATED. - Lenovo System Agent Service.) - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) . (.Lenovo(beijing) Limited - Lenovo WiFiHotspot.) - C:\Windows\System32\LenovoWiFiHotspotSvr.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon - .) - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee AP Service (McAPExe) . (.McAfee, Inc. - McAfee Access Protection.) - C:\Program Files\mcafee\msc\McAPExe.exe
O23 - Service: McAfee CSP Service (mccspsvc) . (.McAfee, Inc. - McAfee CSP Service Host.) - C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Platform Services (mcpltsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Service Controller (mfemms) . (.McAfee, Inc. - McAfee Management Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.3.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Conexant SmartAudio service (SAService) . (...) - C:\Windows\System32\SASrv.exe (.not file.)
O23 - Service: VeriFaceSrv (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe

---\\ Tâches planifiées en automatique (O39) (23) - 4s
[MD5.00000000000000000000000000000000] [APT] [FindYourFlavor] (...) -- c:\programdata\{54e92bd8-04a2-9f97-54e9-92bd804aaf60}\nspf585.tmp.exe (.not file.) [0]
[MD5.6891A00D46E01B0E947B0A4EF68C653D] [APT] [Hsidaouvalnar] (.Copyright © 2015.) -- C:\ProgramData\Hsidaouvalnar\1.0.4.1\ewamiamo.exe [158208]
[MD5.0855F59DD1171C18B30A3C8338D85E18] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824]
[MD5.00000000000000000000000000000000] [APT] [Optscan] (...) -- c:\programdata\{7d00f13d-3ace-9e8b-7d00-0f13d3acc4f4}\hqghumeaylnlf.exe (.not file.) [0]
[MD5.C049C40CAEE8900130BD5F80B594CC7B] [APT] [PDVDServ Task] (.CyberLink Corp..) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192]
[MD5.00000000000000000000000000000000] [APT] [Pokki] (...) -- C:\Users\clement\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe (.not file.) [0]
[MD5.B8A6A8CD80546AD470C731132708331F] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.48B4A3D1010B614DE3AD84373D00821C] [APT] [Lenovo\Dependency Package Auto Update] (.Copyright © 2013.) -- C:\Program Files\Lenovo\iMController\AutoUpdate.exe [74168]
[MD5.5FD8CD6A9E437AFD78A44792086B3F09] [APT] [Lenovo\Experience Improvement] (.Lenovo.) -- C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [291072]
O39 - APT: FindYourFlavor - (...) -- C:\WINDOWS\Tasks\FindYourFlavor.job [356]
O39 - APT: Optscan - (...) -- C:\WINDOWS\Tasks\Optscan.job [360]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0 Fallback-MicrosoftAccount-clement.sablon@outlook.fr [3540]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-clement.sablon@outlook.fr [3504]
O39 - APT: FindYourFlavor - (...) -- C:\WINDOWS\System32\Tasks\FindYourFlavor [3246]
O39 - APT: Hsidaouvalnar - (...) -- C:\WINDOWS\System32\Tasks\Hsidaouvalnar [3446]
O39 - APT: Maxthon Update - (...) -- C:\WINDOWS\System32\Tasks\Maxthon Update [3630]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for CREATOR-clement CREATOR [5076]
O39 - APT: Optscan - (...) -- C:\WINDOWS\System32\Tasks\Optscan [3250]
O39 - APT: PDVDServ Task - (...) -- C:\WINDOWS\System32\Tasks\PDVDServ Task [3056]
O39 - APT: Pokki - (...) -- C:\WINDOWS\System32\Tasks\Pokki [3240]
O39 - APT: Synaptics TouchPad Enhancements - (...) -- C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements [2990]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{D03EB47C-9732-4CB9-95BA-25F54CCE8DAE} [3154]

---\\ Logiciels installés (O42) (84) - 4s
O42 - Logiciel: Package de pilotes Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.77 - (.Lenovo.) [HKLM][64Bits] -- 35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E
O42 - Logiciel: Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30. - (.Lenovo.) [HKLM][64Bits] -- 6BCA401E9CBEED970D75F55FA5320F60D11984E9
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Lenovo Dependency Package - (.Lenovo Group Limited.) [HKLM][64Bits] -- Lenovo Dependency Package_is1
O42 - Logiciel: Lenovo VeriFace - (.Lenovo.) [HKLM][64Bits] -- Lenovo VeriFace
O42 - Logiciel: Lenovo Experience Improvement - (.Lenovo.) [HKLM][64Bits] -- LenovoExperienceImprovement
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Dependency Package Update - (.Lenovo Inc..) [HKLM][64Bits] -- {0788641D-D31A-478D-BB34-C41564AE9F93}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {4046F74A-28F8-48C6-A5D3-2AFC472574C1}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Dependency Package Update - (.Lenovo Inc..) [HKLM][64Bits] -- {5252431C-288E-409D-ADCF-24407E0E6F70}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Nitro Pro 9 - (.Nitro.) [HKLM][64Bits] -- {7D914F94-B2BC-44EA-9260-D7EE9F20C0A8}
O42 - Logiciel: Dolby Digital Plus Home Theater - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {7E3D8FA1-6092-469A-955B-68FC4A2C67CA}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9}
O42 - Logiciel: NVIDIA Pilote graphique 332.33 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 1.7 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.13.0927 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: Mises à jour NVIDIA 9.3.16 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Lenovo Bluetooth with Enhanced Data Rate Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {DB4DA836-82EC-4A96-A6A1-52B39AD19C14}
O42 - Logiciel: Dependency Package Update - (.Lenovo Inc..) [HKLM][64Bits] -- {FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: CyberLink MediaStory - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}
O42 - Logiciel: Energy Manager - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
O42 - Logiciel: Lenovo Photo Master - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo Mobile Phone Wireless Import - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}
O42 - Logiciel: User Manuals - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: Lenovo FusionEngine - (.Lenovo, Inc..) [HKLM][64Bits] -- Lenovo FusionEngine
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM][64Bits] -- Maxthon3
O42 - Logiciel: McAfee LiveSafe - Internet Security - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: Pioneer CDJ Driver - (.Pioneer Corporation..) [HKLM][64Bits] -- Pioneer CDJ
O42 - Logiciel: SHAREit - (.Lenovo Group Limited.) [HKLM][64Bits] -- SHAREit_is1
O42 - Logiciel: Virtual DJ Pro Full - Atomix Productions - (...) [HKLM][64Bits] -- Virtual DJ Pro Full - Atomix Productions
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}
O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {3117B53D-A409-4D99-A0DE-11A1A40696FA}
O42 - Logiciel: Hercules DJ Products Series drivers - (.Hercules.) [HKLM][64Bits] -- {33999F1F-EA46-4E55-A239-1BA803235396}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4430150F-61B3-4142-BE04-EAC68C8DDA18}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {503B47A9-E34A-4841-ADD7-417191D5DB5E}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {546FF45D-2467-4950-AAFB-0A06ACBB6B2C}
O42 - Logiciel: CyberLink MediaStory - (.CyberLink Corp..) [HKLM][64Bits] -- {55762F9A-FCE3-45d5-817B-051218658423}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {5B2190E9-199D-450A-94B3-4D6826C770C2}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {5BEFE1E1-F597-4B79-913B-15FFDB25B744}
O42 - Logiciel: Lenovo_Wireless_Driver - (.Lenovo.) [HKLM][64Bits] -- {5D642A72-8194-4A22-80DA-11FE610CCA8E}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {63DE35C9-B080-4D03-B110-99E14FD35BCE}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {65316098-0220-4D5C-B37A-6136083A0897}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Ciel Gestion commerciale 21.5 - (.Ciel.) [HKLM][64Bits] -- {8E1C8C6A-5C07-475B-B39D-7375FBB305E2}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Onekey Theater - (.Lenovo.) [HKLM][64Bits] -- {91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: Energy Manager - (.Lenovo.) [HKLM][64Bits] -- {AC768037-7079-4658-AC24-2897650E0ABE}
O42 - Logiciel: CCSDK - (.Lenovo.) [HKLM][64Bits] -- {AE75190B-11B4-4F90-8254-DAB275CF2557}_is1
O42 - Logiciel: Lenovo Photo Master - (.CyberLink Corp..) [HKLM][64Bits] -- {BC94C56A-3649-420C-8756-2ADEBE399D33}
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo Mobile Phone Wireless Import - (.Lenovo.) [HKLM][64Bits] -- {DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: Dependency Package Update - (.Lenovo Group Limited.) [HKLM][64Bits] -- {E966DBE4-5075-465E-BA81-BC9A3A3204B3}
O42 - Logiciel: UESDK - (.Lenovo.) [HKLM][64Bits] -- {EB3F6640-58AE-4886-B8BA-466B6939A933}_is1
O42 - Logiciel: Manuels d'utilisateur - (.Lenovo.) [HKLM][64Bits] -- {F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {F0AE9B24-416F-4CAA-8519-75CABCDAC61A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}

---\\ HKCU & HKLM Software Keys (72) - 4s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\Cinema_Plus-1.2V28.07-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Conexant
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\FusionEngine
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Hercules
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Lenovo
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Maxthon3
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nalpeiron
HKLM\SOFTWARE\Wow6432Node\Network Associates
HKLM\SOFTWARE\Wow6432Node\Nitro
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Pioneer
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Sage
HKLM\SOFTWARE\Wow6432Node\Software
HKLM\SOFTWARE\Wow6432Node\VirtualDJ
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Conexant
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Guillemot
HKCU\SOFTWARE\Guillemot Corporation
HKCU\SOFTWARE\Hercules Technologies
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Lenovo
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\McAfee
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nitro
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pioneer CDJ ASIO
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\VirtualDJ
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Widcomm
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (166) - 3s
O43 - CFD: 2015/07/07 23:08:03 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/07/28 17:36:32 - [] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2015/07/08 22:33:45 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/07/08 22:33:26 - [] D -- C:\Program Files (x86)\Bonjour
O43 - CFD: 2015/07/28 18:17:55 - [] D -- C:\Program Files (x86)\Ciel
O43 - CFD: 2015/07/28 18:18:02 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/02/23 23:31:24 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2015/07/28 20:25:13 - [] D -- C:\Program Files (x86)\DA629EEF-1438097571-11E4-A961-68F728877FA6 =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/28 17:46:28 - [] D -- C:\Program Files (x86)\DA629EEF-1438098388-11E4-A961-68F728877FA6 =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/06 21:19:59 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/07/09 09:18:23 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/02/23 22:46:31 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/21 22:03:04 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/07/08 22:35:08 - [] D -- C:\Program Files (x86)\iTunes
O43 - CFD: 2015/07/03 22:00:31 - [] D -- C:\Program Files (x86)\Lenovo
O43 - CFD: 2015/02/23 23:32:40 - [] D -- C:\Program Files (x86)\Maxthon
O43 - CFD: 2015/07/28 18:24:35 - [] D -- C:\Program Files (x86)\McAfee
O43 - CFD: 2015/02/23 23:34:35 - [] D -- C:\Program Files (x86)\mcafee.com
O43 - CFD: 2015/02/23 23:31:38 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/07/06 20:49:07 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2014/04/03 20:24:50 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/02/23 23:38:38 - [0] D -- C:\Program Files (x86)\New Folder
O43 - CFD: 2015/02/23 23:29:42 - [] D -- C:\Program Files (x86)\Nitro
O43 - CFD: 2015/02/23 22:40:20 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/07/28 19:01:29 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/07/11 19:28:18 - [] D -- C:\Program Files (x86)\Pioneer
O43 - CFD: 2015/02/23 22:57:02 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2014/04/03 20:24:50 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/07/11 21:25:01 - [] D -- C:\Program Files (x86)\VirtualDJ
O43 - CFD: 2015/07/04 20:14:08 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/02/23 22:30:58 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/02/23 22:30:58 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2015/02/23 22:30:58 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/02/23 22:30:58 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2015/02/23 22:30:58 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 17:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/07/08 22:06:32 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/07/28 21:56:13 - [] D -- C:\Program Files (x86)\You are Awesome
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/11 15:54:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/28 18:18:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ciel
O43 - CFD: 2015/02/23 23:31:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
O43 - CFD: 2015/02/23 23:36:29 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
O43 - CFD: 2015/02/23 22:56:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
O43 - CFD: 2015/07/28 22:10:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/02/23 22:46:48 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/07/08 22:36:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/07/03 22:00:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
O43 - CFD: 2015/02/23 23:43:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/02/23 23:32:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 2015/07/28 22:19:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
O43 - CFD: 2015/07/06 20:46:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/02/23 22:40:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2015/07/11 19:28:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer
O43 - CFD: 2015/02/23 22:49:15 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/03/18 11:38:10 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/07 23:03:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
O43 - CFD: 2015/07/08 22:06:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/08 09:28:47 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/07/08 22:33:41 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/07/08 22:35:03 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/26 21:46:38 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2015/07/04 04:39:19 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2015/07/28 18:17:59 - [] D -- C:\ProgramData\Ciel
O43 - CFD: 2015/02/23 22:54:38 - [] D -- C:\ProgramData\Conexant
O43 - CFD: 2015/07/11 21:45:07 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/02/23 23:44:19 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 2015/07/28 20:38:02 - [] D -- C:\ProgramData\DWinManProD
O43 - CFD: 2015/02/23 23:44:45 - [] D -- C:\ProgramData\Energy Manager
O43 - CFD: 2015/07/28 18:18:43 - [] D -- C:\ProgramData\Hsidaouvalnar
O43 - CFD: 2015/02/23 23:41:50 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2015/02/23 22:46:31 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/07/28 17:43:36 - [] D -- C:\ProgramData\iWinManProi
O43 - CFD: 2015/07/06 20:17:59 - [] D -- C:\ProgramData\Lenovo
O43 - CFD: 2015/07/21 22:56:55 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/07/04 04:39:19 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/07/11 15:54:39 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/06 20:50:34 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2015/07/04 04:39:19 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/07/28 17:30:57 - [] D -- C:\ProgramData\MWinManProM
O43 - CFD: 2015/02/23 23:29:42 - [] D -- C:\ProgramData\Nitro
O43 - CFD: 2015/02/23 22:40:12 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2015/02/23 22:39:37 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/07/06 20:50:41 - [0] D -- C:\ProgramData\Office2013
O43 - CFD: 2015/02/23 23:44:05 - [] D -- C:\ProgramData\OneKey Recovery
O43 - CFD: 2015/02/23 23:30:52 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/07/07 23:08:47 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/07/21 22:31:04 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/02/23 23:43:50 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/28 21:20:25 - [] D -- C:\ProgramData\vWinManProv
O43 - CFD: 2015/07/28 20:38:03 - [] D -- C:\ProgramData\wQUngFOlTo
O43 - CFD: 2015/07/07 23:07:37 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/07/07 23:02:43 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2015/07/08 22:33:32 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2015/07/28 18:17:59 - [] D -- C:\Program Files (x86)\Common Files\Ciel
O43 - CFD: 2015/02/23 23:36:28 - [] D -- C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 2015/07/21 22:31:04 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/02/23 22:36:38 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/02/23 22:47:58 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2015/02/23 23:32:28 - [] D -- C:\Program Files (x86)\Common Files\LENOVO
O43 - CFD: 2015/02/23 23:35:08 - [] D -- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 2015/07/07 20:30:40 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2015/07/28 18:18:02 - [] D -- C:\Program Files (x86)\Common Files\MSSoap
O43 - CFD: 2015/02/23 23:43:04 - [] D -- C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 2015/02/23 23:29:42 - [] D -- C:\Program Files (x86)\Common Files\Nitro
O43 - CFD: 2015/02/23 22:45:12 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/02/23 22:30:53 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/07/07 23:13:33 - [] D -- C:\Users\clement\AppData\Roaming\Adobe
O43 - CFD: 2015/07/08 23:44:41 - [] D -- C:\Users\clement\AppData\Roaming\Apple Computer
O43 - CFD: 2015/07/11 21:45:19 - [] D -- C:\Users\clement\AppData\Roaming\CyberLink
O43 - CFD: 2015/07/28 18:26:18 - [] D -- C:\Users\clement\AppData\Roaming\Identities
O43 - CFD: 2015/07/09 09:18:12 - [] D -- C:\Users\clement\AppData\Roaming\InstallShield
O43 - CFD: 2015/07/03 21:57:47 - [] D -- C:\Users\clement\AppData\Roaming\Intel Corporation
O43 - CFD: 2015/07/03 21:54:31 - [] D -- C:\Users\clement\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/27 17:10:14 - [] SD -- C:\Users\clement\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/25 10:57:40 - [] D -- C:\Users\clement\AppData\Roaming\Nitro
O43 - CFD: 2015/07/28 17:34:48 - [] D -- C:\Users\clement\AppData\Roaming\NVIDIA
O43 - CFD: 2015/07/28 17:34:27 - [] D -- C:\Users\clement\AppData\Roaming\Opera Software
O43 - CFD: 2015/07/08 22:06:41 - [] D -- C:\Users\clement\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/28 22:25:14 - [] D -- C:\Users\clement\AppData\Roaming\ZHP
O43 - CFD: 2015/07/14 08:15:20 - [] D -- C:\Users\clement\AppData\Local\Adobe
O43 - CFD: 2015/07/08 22:33:46 - [] D -- C:\Users\clement\AppData\Local\Apple
O43 - CFD: 2015/07/08 22:36:06 - [] D -- C:\Users\clement\AppData\Local\Apple Computer
O43 - CFD: 2015/07/03 21:50:19 - [0] SHD -- C:\Users\clement\AppData\Local\Application Data
O43 - CFD: 2015/07/06 21:16:26 - [] D -- C:\Users\clement\AppData\Local\Apps
O43 - CFD: 2015/07/03 21:56:39 - [] D -- C:\Users\clement\AppData\Local\Broadcom
O43 - CFD: 2015/07/11 21:45:08 - [] D -- C:\Users\clement\AppData\Local\CyberLink
O43 - CFD: 2015/07/06 21:17:34 - [0] D -- C:\Users\clement\AppData\Local\Deployment
O43 - CFD: 2015/07/11 21:39:32 - [] D -- C:\Users\clement\AppData\Local\Diagnostics
O43 - CFD: 2015/07/11 21:29:48 - [] D -- C:\Users\clement\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/07/06 20:27:31 - [0] SHD -- C:\Users\clement\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/07/06 20:27:31 - [0] SHD -- C:\Users\clement\AppData\Local\EmieSiteList
O43 - CFD: 2015/07/06 20:27:31 - [0] SHD -- C:\Users\clement\AppData\Local\EmieUserList
O43 - CFD: 2015/07/07 07:25:35 - [] D -- C:\Users\clement\AppData\Local\Google
O43 - CFD: 2015/07/03 22:01:30 - [] D -- C:\Users\clement\AppData\Local\GWX
O43 - CFD: 2015/07/03 21:50:19 - [0] SHD -- C:\Users\clement\AppData\Local\Historique
O43 - CFD: 2015/07/06 20:18:00 - [] D -- C:\Users\clement\AppData\Local\Lenovo
O43 - CFD: 2015/07/11 21:45:18 - [0] D -- C:\Users\clement\AppData\Local\MediaStory
O43 - CFD: 2015/07/28 18:26:17 - [] D -- C:\Users\clement\AppData\Local\Microsoft
O43 - CFD: 2015/07/27 18:25:00 - [] D -- C:\Users\clement\AppData\Local\Microsoft Help
O43 - CFD: 2015/07/28 17:34:27 - [] D -- C:\Users\clement\AppData\Local\Opera Software
O43 - CFD: 2015/07/28 18:37:16 - [] D -- C:\Users\clement\AppData\Local\Packages
O43 - CFD: 2015/07/03 21:56:38 - [] D -- C:\Users\clement\AppData\Local\Power2Go8
O43 - CFD: 2015/07/28 17:27:10 - [] D -- C:\Users\clement\AppData\Local\Programs
O43 - CFD: 2015/07/28 22:25:13 - [] D -- C:\Users\clement\AppData\Local\Temp
O43 - CFD: 2015/07/03 21:50:19 - [0] SHD -- C:\Users\clement\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/07/06 20:43:58 - [] D -- C:\Users\clement\AppData\Local\VirtualStore
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/28 22:14:06 - [] RD -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/08/22 17:36:32 - [] D -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/28 22:14:06 - [] RD -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/02/23 22:31:26 - [] RD -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/07 23:03:45 - [0] D -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
O43 - CFD: 2015/07/08 22:06:33 - [] D -- C:\Users\clement\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (4) - 7s
O45 - LFCP:[MD5.29D98AC264317612769888B23B2D93B9] 2015/07/28 21:19:28 A -- C:\WINDOWS\Prefetch\GMSD_FR_005010044.EXE-3772910E.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.ADDA4952E75972285D44EFED642C61BD] 2015/07/28 21:22:28 A -- C:\WINDOWS\Prefetch\UPGMSD_FR_005010044.EXE-935A05A1.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.FB7A044C1B85C33094EA4DB352512E94] 2015/07/28 17:35:17 A -- C:\WINDOWS\Prefetch\UPMBOT_FR_014010044.EXE-F323DA47.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.384C6AA91D2BD7A95272FF3F0D398165] 2015/07/28 21:19:24 A -- C:\WINDOWS\Prefetch\WPM_V20.0.0.2292.EXE-5BC9A07E.pf =>PUP.Optional.WpManager

---\\ Liste des pilotes du système (SDL) (O58) (69) - 8s
O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [108896]
O58 - SDL:2015/02/23 23:44:23 A . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\WINDOWS\System32\drivers\AcpiVpc.sys [35600]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [25952]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [114016]
O58 - SDL:2013/11/15 11:59:42 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\WINDOWS\System32\drivers\bcbtums.sys [170712]
O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2013/11/19 18:47:28 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL63a.SYS [7504560]
O58 - SDL:2014/02/05 01:28:46 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\WINDOWS\System32\drivers\btwampfl.sys [166616]
O58 - SDL:2014/03/09 04:30:58 A . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\WINDOWS\System32\drivers\btwaudio.sys [190168]
O58 - SDL:2014/03/09 04:30:54 A . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\WINDOWS\System32\drivers\btwavdt.sys [229080]
O58 - SDL:2012/07/28 08:48:26 A . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\WINDOWS\System32\drivers\btwl2cap.sys [40248]
O58 - SDL:2014/03/09 04:30:50 A . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\WINDOWS\System32\drivers\btwrchid.sys [38616]
O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\WINDOWS\System32\drivers\cfwids.sys [77536]
O58 - SDL:2014/01/27 10:23:56 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\WINDOWS\System32\drivers\CHDRT64.sys [1474240]
O58 - SDL:2013/11/12 15:25:22 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [91912]
O58 - SDL:2013/06/18 16:45:26 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\WINDOWS\System32\drivers\e1i63x64.sys [460288]
O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3357024]
O58 - SDL:2015/04/27 08:02:58 A . (.McAfee, Inc. - McAfee HIP IPS Driver.) -- C:\WINDOWS\System32\drivers\HipShieldK.sys [198448]
O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352]
O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:2014/02/26 10:11:04 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [645992]
O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [651248]
O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000]
O58 - SDL:2014/08/20 21:15:16 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3824272]
O58 - SDL:2014/08/20 21:15:08 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [453872]
O58 - SDL:2014/08/01 22:18:33 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [38296]
O58 - SDL:2014/08/01 22:18:33 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [27032]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [109408]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2.sys [93536]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3.sys [81760]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [56672]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - McAfee Arbitrary Access Control Driver.) -- C:\WINDOWS\System32\drivers\mfeaack.sys [412440]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys [347800]
O58 - SDL:2015/03/26 12:46:36 A . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\WINDOWS\System32\drivers\mfeclnrk.sys [11720]
O58 - SDL:2015/04/08 07:44:52 A . (.McAfee, Inc. - McAfee Disk Filter Driver.) -- C:\WINDOWS\System32\drivers\mfedisk.sys [101872]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - McAfee ELAM Driver.) -- C:\WINDOWS\System32\drivers\mfeelamk.sys [80920]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\System32\drivers\mfefirek.sys [496888]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\System32\drivers\mfehidk.sys [875928]
O58 - SDL:2015/03/26 12:45:54 A . (.McAfee, Inc. - Event Driver.) -- C:\WINDOWS\System32\drivers\mfencbdc.sys [483240]
O58 - SDL:2015/03/26 12:46:00 A . (.McAfee, Inc. - Detection driver.) -- C:\WINDOWS\System32\drivers\mfencrk.sys [100720]
O58 - SDL:2015/07/02 15:33:00 A . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\WINDOWS\System32\drivers\mfewfpk.sys [344704]
O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840]
O58 - SDL:2015/01/16 17:22:32 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\WINDOWS\System32\drivers\netaapl64.sys [23040]
O58 - SDL:2013/06/18 16:45:43 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\NETwew02.sys [4649440]
O58 - SDL:2014/01/06 10:15:38 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys [12651296]
O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368]
O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [168288]
O58 - SDL:2013/08/15 08:28:42 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\WINDOWS\System32\drivers\Rt630x64.sys [830680]
O58 - SDL:2013/10/17 21:36:54 A . (.Realtek Semiconductor Corp. - Realtek UVC Driver for XP/Vista/Win7/Win8.) -- C:\WINDOWS\System32\drivers\rtsuvc.sys [8876248]
O58 - SDL:2013/08/08 10:27:54 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUVStor.sys [329944]
O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [23040]
O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896]
O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760]
O58 - SDL:2013/12/24 03:14:44 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072]
O58 - SDL:2013/12/24 03:14:50 A . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [532720]
O58 - SDL:2013/09/16 21:20:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\drivers\viaide.sys [19808]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [168800]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504]
O58 - SDL:2012/06/13 18:10:32 A . (."CyberLink - Cyberlink Virtual Disk Driver.) -- C:\WINDOWS\System32\drivers\wsvd.sys [102376]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (21) - 29s
O61 - LFC: 2015/07/28 18:16:25 A . (..) -- C:\Users\clement\Downloads\WGS2150.exe [52808608]
O61 - LFC: 2015/07/28 15:20:06 A . (.Dummy, Ltd..) -- C:\Users\clement\Downloads\ciel+gestion+commerciale+crack_10924_i37955543_il345.exe\ciel gestion commerciale crack_10924_i37955543_il345.exe\ciel gestion commerciale crack_10924_i37955543_il345.exe [1544720]
O61 - LFC: 2015/07/28 12:55:21 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992]
O61 - LFC: 2015/07/28 21:18:48 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\VIH35DSJ\4e4454ea6d4e491278aca3372a1c2062[1].exe [375463]
O61 - LFC: 2015/07/28 17:27:41 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\VIH35DSJ\7485b9dc-137c-405a-a65b-c68277d57d63[1].exe [9698]
O61 - LFC: 2015/07/28 21:18:42 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\VIH35DSJ\SearchUpdater[1].exe [121216]
O61 - LFC: 2015/07/28 21:19:04 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\VIH35DSJ\setup_gmsd_fr[1].exe [5791824]
O61 - LFC: 2015/07/28 18:55:38 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\G0580XFK\15b365fe97056e31353ba58793643ff5[1].exe [91848]
O61 - LFC: 2015/07/28 21:18:40 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\G0580XFK\cmmdWriter[1].exe [41440]
O61 - LFC: 2015/07/28 19:02:11 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\G0580XFK\urlblockindex[1].bin [16]
O61 - LFC: 2015/07/28 21:19:31 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\G0580XFK\VuuPC_VO2_8907[1].exe [229115] =>PUP.Optional.VuuPC
O61 - LFC: 2015/07/28 21:18:47 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\EP327D0P\cb369ad7b027b8588a356348424ef3c4[1].exe [82261]
O61 - LFC: 2015/07/28 21:18:53 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\EP327D0P\Download[1].exe [320000]
O61 - LFC: 2015/07/28 21:19:29 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\EP327D0P\policyname[1].exe [57665]
O61 - LFC: 2015/07/28 18:55:36 A . (.shopperz.) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\EP327D0P\sprz[1].exe [2962720] =>PUP.Optional.Shopperz
O61 - LFC: 2015/07/28 21:18:44 A . (.HTabp.com.) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\0AIJVYQQ\cmi_mystartsearch[2].exe [670176] =>PUP.Optional.StartSearch
O61 - LFC: 2015/07/28 21:18:40 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\0AIJVYQQ\eewk1k[1].exe [205140]
O61 - LFC: 2015/07/28 18:08:55 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\0AIJVYQQ\FriendlyError_s4[1].exe [114884]
O61 - LFC: 2015/07/28 18:55:38 A . (..) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\0AIJVYQQ\tiwr[1].exe [76165]
O61 - LFC: 2015/07/28 21:18:39 A . (.Copyright 2013.) -- C:\Users\clement\AppData\Local\Microsoft\Windows\INetCache\IE\0AIJVYQQ\Validate[1].exe [61981]
O61 - LFC: 2015/07/28 22:23:10 A . (..) -- C:\Users\clement\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe

---\\ Menu de démarrage Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[

que dois je faire à présent ?

Bonjour

Le rapport n'est pas complet !!
tu n'as pas lu le tutoriel jusqu'au bout !

Il est pas complet !!!
Merci

pouvez vous me dire quel rapport voulez vous que je vous fournisse ? merci

le rapport de ZHPDiag , mais complet !

donc hébergé comme dit dans le tuoriel !

# AdwCleaner v4.208 - Rapport créé le 29/07/2015 à 15:12:53
# Mis à jour le 09/07/2015 par Xplode
# Base de données : 2015-07-26.2 [Serveur]
# Système d'exploitation : Windows 8.1 (x64)
# Nom d'utilisateur : clement - CREATOR
# Exécuté depuis : C:\Users\clement\Downloads\adwcleaner_4.208.exe
# Option : Nettoyer

• • • • • [ Services ] *****
        • [ Fichiers / Dossiers ] *****

Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
Fichier Supprimé : C:\Users\clement\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

• • • • • [ Tâches planifiées ] *****
        • [ Raccourcis ] *****

Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

• • • • • [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\Kromtech
Clé Supprimée : HKLM\SOFTWARE\SpeedBit
Clé Supprimée : HKLM\SOFTWARE\AIM Toolbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}

• • • • • [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v44.0.2403.107


-\\ Opera v0.0.0.0

AdwCleaner[R0].txt - [19509 octets] - [28/07/2015 22:08:37]
AdwCleaner[R1].txt - [3297 octets] - [29/07/2015 15:09:55]
AdwCleaner[S0].txt - [16808 octets] - [28/07/2015 22:09:54]
AdwCleaner[S1].txt - [3168 octets] - [29/07/2015 15:12:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3228 octets] ##########

voilà c'est ce qu'il vous fallait ? quelle est la suite des événements ?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 8.1 x64
Ran by clement on 03/08/2015 at 15:39:13,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully deleted: [Service] 0323861438274970mcinstcleanup [Reboot required]



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\clement\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/08/2015 at 15:44:26,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

le script (Fix) et le nouveau ZHPDiag ???

Rapport de ZHPFix 2015.7.7.6 par Nicolas Coolman, Update du 07/07/2015
Fichier d'export Registre :
Run by clement at 03/08/2015 15:54:32
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (00mn 14s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: Application Restart #5
ProxyFix : Configuration proxy supprimée avec succès
SUPPRIMÉ ProxyServer Value
SUPPRIMÉ ProxyEnable Value
SUPPRIMÉ EnableHttp1_1 Value
SUPPRIMÉ ProxyHttp1.1 Value
SUPPRIMÉ ProxyOverride Value
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
SUPPRIMÉ: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : {D3322B22-39CC-4A83-80C6-2092D66CC100}
SUPPRIMÉ: FirewallRaz (None) : {826670AE-3572-4B3D-BE15-F27F88E7718E}

========== Dossiers ==========
SUPPRIMÉ: C:\Program Files (x86)\DA629EEF-1438097571-11E4-A961-68F728877FA6
SUPPRIMÉ: C:\Program Files (x86)\DA629EEF-1438098388-11E4-A961-68F728877FA6
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (0)

========== Fichiers ==========
SUPPRIMÉ: c:\windows\prefetch\upgmsd_fr_005010044.exe-935a05a1.pf
SUPPRIMÉ: c:\windows\prefetch\upmbot_fr_014010044.exe-f323da47.pf
SUPPRIMÉ: c:\users\clement\appdata\local\microsoft\windows\inetcache\ie\vih35dsj\cmi_mystartsearch[1].exe
SUPPRIMÉ: c:\users\clement\appdata\local\microsoft\windows\inetcache\ie\ep327d0p\sprz[1].exe
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (0) (0 octets)

========== Tache planifiée ==========
SUPPRIMÉ: Pokki

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
21 : Valeurs du Registre
4 : Dossiers
6 : Fichiers
1 : Tache planifiée
1 : Restauration Système


End of clean in 00mn 38s

========== Chemin de fichier rapport ==========
C:\Users\clement\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/08/2015 15:54:47 [2498]

ou est le ZHPDiag ??