Aller au contenu

laya

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    502

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par laya

  1. laya
    Bonjour Pear, voici: http://cjoint.com/?DHClnzOuwOb
  2. laya
    Bonsoir, je reviens vers vous car je m'inquiète pour mon windows 7 qui me lance des messages "shockwave flash ne répond plus" et bloque mes pages Firefox, puis cette lenteur à s'éteindre, énorme!! Sans compter que je m'inquiète dès le démarrage puisque l'écran reste noir pendant longtemps, beaucoup trop longtemps. Alors avant d'étudier la partie matérielle du sujet (ce qui me fait peur d'avance!), j'aimerais savoir si je ne suis pas infectée tout simplement. A savoir,, je joue a clash of clans sur pc ( oui ça meuble un peu le temps), si vous avez eu écho de problèmes venant de cette application en particulier. Dans ce cas, j'éliminerais.. Voici le lien adwcleaner, Mbam n'a rien trouvé. http://cjoint.com/?DHBwj7EEZoz Merci de votre aide.
  3. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Bonjour Tonton, Pour pouvoir suivre tes conseils, je dois brancher mon disque dur à la place du mien dans ma tour, puisque la tour de ma soeur a un problème de carte graphique (elle est intégrée à la carte mère). Je profiterais d'une absence du chéri pour le faire, puisqu'il n'aime pas que je démonte la tour. Mais je n'ai pas oublié...
  4. laya
    Merci beaucoup pear, je mets le sujet en résolu.
  5. laya
    Re, petit souci pour javaupdate, un message d'erreur me disant qu'il ne s'agit pas d'une application win32 valide apparaît, il m'est donc impossible de mettre à jour. Voici pour SFTGC: http://cjoint.com/?DHvrPPdQgpo
  6. laya
    Bonjour Pear, voici: Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014 Fichier d'export Registre : Run by nico at 21/08/2014 11:20:14 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (00mn 10s) Dossier Prefetcher vidé Réparation des raccourcis navigateur ========== Clés du Registre ========== SUPPRIMÉ: HKLM\Software\Wow6432Node\Better Surf Plus SUPPRIMÉ: HKLM\Software\Wow6432Node\Better-Surf SUPPRIMÉ: HKLM\Software\Wow6432Node\RichMediaViewV1 SUPPRIMÉ: HKLM\Software\Wow6432Node\VideoPlayerV3 SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\3EABBB7837BC6C44C81F727B5BEDCDC3] SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\3EABBB7837BC6C44C81F727B5BEDCDC3] SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASMANCS SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASMANCS SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASMANCS SUPPRIMÉ: HKLM\Software\Classes\AppID\npBoxorePlugin.dll SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AB7537EEC562384B917A60C59CC9607 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 SUPPRIMÉ:* Mozilla Plugin: @microsoft.com/VirtualEarth3D,version=4.0 SUPPRIMÉ Driver Key: gaupdqtc SUPPRIMÉ Driver Key: icpjstqc Branche de Base de Registres IFEO non infectée ! ========== Valeurs du Registre ========== SUPPRIMÉ: Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP SUPPRIMÉ: FirewallRaz (None) : {890D4831-4C8C-4804-9B22-C5E3E1FC378B} SUPPRIMÉ: FirewallRaz (None) : {610A39CB-3318-4677-9574-3629ECF88021} SUPPRIMÉ: FirewallRaz (None) : {7C73BEC0-BADD-43C9-9AA1-0E1DF420FC0B} SUPPRIMÉ: FirewallRaz (Domain) : {7C894268-5C52-439B-91C0-0CD501A3B7AE} SUPPRIMÉ: FirewallRaz (Domain) : {287C5988-0D6D-4743-8973-D2A1AF23A2E3} SUPPRIMÉ: FirewallRaz (Private) : {E00EDE5A-E273-4970-8CD9-384C061633A2} SUPPRIMÉ: FirewallRaz (Private) : {076D0F51-7FD8-4EC2-8460-39882788ADFF} SUPPRIMÉ: FirewallRaz (Public) : {456737AC-C287-4E81-83E8-C396FD067BA6} SUPPRIMÉ: FirewallRaz (Public) : {AC09E8F5-2942-4A26-9A8E-F99E9CCE30C4} SUPPRIMÉ: FirewallRaz (Public) : {CC4409FF-739E-4A22-903D-0E8B99C81387} SUPPRIMÉ: FirewallRaz (Public) : {01511028-3D49-4282-B351-810DE7BD8631} SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{FFFFCBED-32CE-4F75-946F-857DC598F503}C:\users\nico\appdata\roaming\nosibay\bubble dock\bubble dock.exe SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{74DF110D-B723-4CF2-BE91-57AC79AEAB29}C:\users\nico\appdata\roaming\nosibay\bubble dock\bubble dock.exe ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide ========== Fichiers ========== SUPPRIMÉ: C:\Windows\Installer\11aaf5.msi SUPPRIMÉ: c:\users\nico\appdata\local\temp\nsnfe4d.tmp\linker.dll SUPPRIMÉS Flash Cookies (0) (0 octets) ========== Tache planifiée ========== SUPPRIMÉ: {45D4BF53-BF1D-449A-901F-7032A6A199FF} SUPPRIMÉ: {6D99B6D6-B65F-4F66-9E1C-4B9B772F8DC1} SUPPRIMÉ: {74F8B1F1-C538-4D2E-A856-DB2EEE603B72} SUPPRIMÉ: {E62EF0DF-735A-4CD9-9962-11EDD8F4D69A} SUPPRIMÉ: EasyPartitionManager SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core SUPPRIMÉ: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 24 : Clés du Registre 28 : Valeurs du Registre 1 : Dossiers 3 : Fichiers 7 : Tache planifiée 1 : Restauration Système End of clean in 00mn 40s ========== Chemin de fichier rapport ========== C:\Users\nico\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/08/2014 11:20:25 [5067]
  7. laya
    ~ Rapport de ZHPDiag v2014.8.9.116 - Nicolas Coolman (09/08/2014) ~ Lancé par nico (20/08/2014 23:40:59) ~ Adresse du Site Web http://nicolascoolman.fr ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by program ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17239 MFIE: Mozilla Firefox 31.0 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows Operating System - Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 2BT4J Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Malwarebytes Anti-Malware version 2.0.2.1012 Norton Internet Security v18.7.2.3 Windows Defender W7 (Activate) ---\\ Logiciels d'optimisation du système CCleaner v3.16 ---\\ Logiciels de partage PeerToPeer µTorrent v3.2.0 =>P2P.µTorrent ---\\ Surveillance de Logiciels Adobe Flash Player 14 Plugin Adobe Reader X ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6090 MB (68% free) System Restore: Activé (Enable) System drive C: has 61 GB (16%) free of 364 GB ---\\ Mode de connexion au système ~ Computer Name: NICO-PC ~ User Name: nico ~ All Users Names: nico, HomeGroupUser$, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\nico\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\nico\AppData\Roaming\ ~ %Desktop% : C:\Users\nico\Desktop\ ~ %Favorites% : C:\Users\nico\Favorites\ ~ %LocalAppData% : C:\Users\nico\AppData\Local\ ~ %StartMenu% : C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 61 Go of 364 Go) D: Hard drive, Flash drive, Thumb drive (Free 519 Go of 544 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 49 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/07/2014 - 11:52:06.) -- C:\Windows\System32\wininet.dll [2266624] [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/124 ~ Mes musiques (My Musics) : 50/142 ~ Mes Videos (My Videos) : 2/39 ~ Mes Favoris (My Favorites) : 1/5 ~ Mes Documents (My Documents) : 70/1975 ~ Mon Bureau (My Desktop) : 1/1154 ~ Menu demarrer (Programs) : 1/24 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.1744] [MD5.52F65BDE7D7271AD9C16643CC302D2A0] - (.Samsung Electronics CO., LTD. - Launcher Starter Application.) -- C:\Program Files (x86)\Samsung\Play Touch\Touch Launcher\Launcher_Starter.exe [1674240] [PID.3896] [MD5.89D2706FCD45E33CECFBD46BCBAD7E16] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.4008] [MD5.7A639050E887DFCB9C4BAB90FF3521B2] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartRestarter.exe [2268752] [PID.3432] [MD5.208270C9AD3E82F6ABAC870F950E5F0D] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe [13246272] [PID.2404] [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [PID.4088] [MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.4112] [MD5.A025DF526B0FB3DAC3169AE4330FF7A4] - (.Symantec Corporation - SSDMonit Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112] [PID.4380] [MD5.38CB3C6FE18959F36A9505DCB8CC5F64] - (.Hauppauge Computer Works, Inc. - WinTVTray.) -- C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe [82944] [PID.4832] [MD5.0EB65D922458406F18C420D131E7D22A] - (...) -- C:\Program Files (x86)\GigaTribe\gigatribe.exe [2993664] [PID.4848] [MD5.870DE535A5B25DCA10DDAD9D9C65E2B2] - (.Pas de propriétaire - ucmon Application.) -- C:\Windows\ucmon.exe [62464] [PID.4580] [MD5.E967BF019A4B324E0C5DFBC2995F9F55] - (.Samsung Electronics - Easy Speed Up Manager.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [1641552] [PID.5060] [MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.4500] [MD5.F33D641F4F7B60CA9C58EF05CEC43DA7] - (.Samsung Electronics - OSD Display for AIO.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasyButtonManager.exe [750672] [PID.4292] [MD5.33185B60A7D765E17F134244FD18D2D9] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [785488] [PID.4584] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.1204] [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.4732] [MD5.A9E5F30D66D3A04446886FAE6410561F] - (.Broadcom Corporation. - Bluetooth Headset Skype Proxy.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [13600] [PID.4504] [MD5.D3A1D2987051118159D4DE38E3027CEA] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280] [PID.5788] [MD5.2461810EC376F3CCBDCE833436914074] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [3395664] [PID.5156] [MD5.044C57C0B61A20B982F40AD8E436EC0C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8090624] [PID.5076] [MD5.1A8386F5B802969878C6BADEE62899DA] - (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2792528] [PID.3412] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1532] [MD5.DE847265C24E69DF988BCB1399026FC7] - (.Hauppauge Computer Works - Hauppauge TV Server.) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [562176] [PID.1712] [MD5.68E6732D74A74B1FFD386761BC1EB764] - (.Symantec - StartMan Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [792608] [PID.1824] [MD5.F12A68ED55053940CADD59CA5E3468DD] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904] [PID.1940] [MD5.5CEF407E235885DB5421DF79C843F2DF] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5052224] [PID.2004] [MD5.F4A17DCAB576267C85663E64F3ACE5A4] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326424] [PID.2944] [MD5.DB641944F7E4B14C13C3FEFC89843F69] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656536] [PID.332] [MD5.74E25070B7D39D01D4C9C8A5760C73BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe [229696] [PID.4364] [MD5.3CA262114956EC95780A25850FF0E413] - (.TeamViewer GmbH - TeamViewer 9.) -- c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe [4623680] [PID.4676] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé) G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé) G2 - GCE: Preference [user Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) G2 - GCE: Preference [user Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé) G2 - GCE: Preference [user Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube] G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google] G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet] G2 - EXT: C:\Users\nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail] ~ Google Lines Browser: 18 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/VirtualEarth3D,version=4.0] - (...) -- (.not file.) P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\nico\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\nico\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\nico\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.1f1.) -- C:\Users\nico\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ~ Firefox Browser: 7 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll ~ BHO: 4 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O4 - GS\QuickLaunch [nico]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Global Startup: 2 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\RunOnce: [Application Restart #2] . (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [sSDMonitor] . (.Symantec Corporation - SSDMonit Application.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-2392446708-3453139418-4219197010-1000\..\RunOnce: [Application Restart #2] . (.Samsung - SWMAgent.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Winsock: 9 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{F336281B-FDC5-45B8-9508-A8F0A385E44E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: HauppaugeTVServer (HauppaugeTVServer) . (.Hauppauge Computer Works - Hauppauge TV Server.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation O23 - Service: Norton Utilities 16 Start Manager Service (NU16StartManagerSvc) . (.Symantec - StartMan Application.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: TeamViewer 9 (TeamViewer9) . (.TeamViewer GmbH - TeamViewer 9.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Intel® Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe ~ Services: 11 Scanned in 00mn 03s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320] [MD5.D3A1D2987051118159D4DE38E3027CEA] [APT] [advSRS5] (.SEC.) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4403280] [MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMRules] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296] [MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMScan] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296] [MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMScanRunOnce] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296] [MD5.7B17B11739EABB54E96DA4F0645AC3EB] [APT] [Driver Manager-RTMUpdater] (.PC Drivers Headquarters.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296] [MD5.F33D641F4F7B60CA9C58EF05CEC43DA7] [APT] [EasyButtonManager] (.Samsung Electronics.) -- C:\Program Files (x86)\Samsung\Easy Settings\EasyButtonManager.exe [750672] [MD5.00000000000000000000000000000000] [APT] [EasyPartitionManager] (...) -- C:\Windows\MSetup\BA46-12225A02\EPM.exe (.not file.) [0] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA] (.Facebook Inc..) -- C:\Users\nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core] (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA] (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.B00F98FF6FE8682FF941BEB2559BF191] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.33185B60A7D765E17F134244FD18D2D9] [APT] [MovieColorEnhancer] (.Samsung Electronics Co., Ltd..) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [785488] [MD5.991F64C0803B60804227E76FAF98E3F6] [APT] [NUAutoUpdate] (.Symantec.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [977456] [MD5.13EFD89CED40878DEB9C576E58ADF57E] [APT] [NUSchedule] (.Symantec.) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [3985104] [MD5.B868B2F220759DCB815F3B22072CD38C] [APT] [{3B424889-9010-47FD-9771-163B50E69F73}] (...) -- C:\Users\nico\Downloads\avira_free_antivirus_fr.exe [86855160] [MD5.00000000000000000000000000000000] [APT] [{45D4BF53-BF1D-449A-901F-7032A6A199FF}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh [MD5.00000000000000000000000000000000] [APT] [{6D99B6D6-B65F-4F66-9E1C-4B9B772F8DC1}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh [MD5.00000000000000000000000000000000] [APT] [{74F8B1F1-C538-4D2E-A856-DB2EEE603B72}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh [MD5.00000000000000000000000000000000] [APT] [{E62EF0DF-735A-4CD9-9962-11EDD8F4D69A}] (...) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe (.not file.) [0] =>PUP.iMesh [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832] [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [1295832] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core.job [902] O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core [902] O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA.job [924] O39 - APT: FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA [924] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core.job [1022] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000Core [1022] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA.job [1074] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2392446708-3453139418-4219197010-1000UA [1074] O39 - APT: NUAutoUpdate - (.Symantec.) -- C:\Windows\Tasks\NUAutoUpdate.job [286] O39 - APT: NUAutoUpdate - (.Symantec.) -- C:\Windows\System32\Tasks\NUAutoUpdate [286] O39 - APT: NUSchedule - (.Symantec.) -- C:\Windows\Tasks\NUSchedule.job [278] O39 - APT: NUSchedule - (.Symantec.) -- C:\Windows\System32\Tasks\NUSchedule [278] ~ Scheduled Task: 30 Scanned in 00mn 03s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140801.001\BHDrvx64.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys O41 - Driver: (gaupdqtc) . (. - .) - C:\Windows\system32\drivers\gaupdqtc.sys (.not file.) O41 - Driver: (icpjstqc) . (. - .) - C:\Windows\system32\drivers\icpjstqc.sys (.not file.) O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140819.001\IDSvia64.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys O41 - Driver: (SRTSP) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\NISx64\1207020.003\SRTSP64.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.sys O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.sys O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: (IDSVia64) . (. - .) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140808.002\IDSvia64.sys (.not file.) ~ Drivers: 90 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WT085587 O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D} O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089286 O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Network Adapter O42 - Logiciel: Build-a-lot - (.WildTangent.) [HKLM][64Bits] -- WT085597 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT085567 O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM][64Bits] -- {80E158EA-7181-40FE-A701-301CE6BE64AB} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink PowerCinema - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: CyberLink PowerCinema - (.CyberLink Corp..) [HKLM][64Bits] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} O42 - Logiciel: CyberLink PowerCinema Movie - (.CyberLink Corp..) [HKLM][64Bits] -- {70CC0095-AA68-45BE-AE98-D8170182E9EB} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74} O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM][64Bits] -- {72BF1DA0-2B00-4794-9173-159722019B74} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DVD Video Soft Toolbar - (...) [HKLM][64Bits] -- dvdvideosofttoolbar O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT085559 O42 - Logiciel: Easy File Share - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {95BB7324-77D3-4BF3-8CF6-29F0857AC175} O42 - Logiciel: Easy Migration - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {AD86049C-3D9C-43E1-BE73-643F57D83D50} O42 - Logiciel: Easy Settings - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {17283B95-21A8-4996-97DA-547A48DB266F} O42 - Logiciel: Easy Software Manager - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {DE256D8B-D971-456D-BC02-CB64DA24F115} O42 - Logiciel: Easy Support Center 1.0 - (.Samsung.) [HKLM][64Bits] -- {F687E657-F636-44DF-8125-9FEEA2C362F5} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: Farm Frenzy - (.WildTangent.) [HKLM][64Bits] -- WT085618 O42 - Logiciel: Free Studio version 5.4.8 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free Studio_is1 O42 - Logiciel: GigaTribe 3.01.007 - (.GigaTribe SAS.) [HKLM][64Bits] -- ShalSoft.GigaTribe_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome O42 - Logiciel: Hauppauge WinTV 7 - (.Hauppauge Computer Works.) [HKLM][64Bits] -- Hauppauge WinTV 7 O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT085622 O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Interactive Guide - (...) [HKLM][64Bits] -- {CB383BE9-7518-4ABD-826E-8FC4695F7D52} O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WT085580 O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.2.1012 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Touch Pack for Windows 7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FF90DB8-6DED-44A3-B182-244FEC09012F} O42 - Logiciel: Microsoft XNA Framework Redistributable 3.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {3898934B-05AE-41CD-96BE-70DA9BFBCE1F} O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM][64Bits] -- NIS O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {C6173775-C676-4E2A-9232-66E17261E614} =>.Symantec Corporation O42 - Logiciel: Norton Utilities 16 - (.Symantec Corporation.) [HKLM][64Bits] -- Norton Utilities 16_is1 O42 - Logiciel: Peggle - (.WildTangent.) [HKLM][64Bits] -- WT085663 O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT085581 O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT085669 O42 - Logiciel: Play Touch Bing Map - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {A36ED6C1-A332-49EC-9C59-F8B895AB68B7} O42 - Logiciel: Play Touch Calendar - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {85F969B2-AA3B-4CED-A8E9-C48A7E5EB0D5} O42 - Logiciel: Play Touch Clock - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {59095C47-04DA-43C2-A9C6-4602A5698E62} O42 - Logiciel: Play Touch Launcher - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {0E6036C1-E3DC-4C6D-9B13-D52E678B9A61} O42 - Logiciel: Play Touch Music - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {7C5AB932-40D7-405F-88ED-BD0939D665F3} O42 - Logiciel: Play Touch Notes - (.Samsung Electronics CO., LTD.) [HKLM][64Bits] -- {E2B70FDD-1A57-4879-912F-0391D3F97158} O42 - Logiciel: Play Touch Photos - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {6ADF618A-62B9-454B-A806-A3DA2124B7C8} O42 - Logiciel: Play Touch Recipe - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {DA13F475-9DB2-4CCA-A625-D99655CFEC1E} O42 - Logiciel: Play Touch RssReader - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {4ADADD44-1B08-480A-BE9C-8E8E5B808EB4} O42 - Logiciel: Play Touch SocialDashboard - (.Samsung Electronics CO., LTD.) [HKLM][64Bits] -- {A925AE13-A1FC-4D06-B93D-EA9041E22158} O42 - Logiciel: Play Touch ToDo - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {ACA0C8D8-5D60-4948-8447-23FCE6F89180} O42 - Logiciel: Play Touch Twitter - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {E5679BCC-EA6F-42FD-88E7-431CDCC5A1C1} O42 - Logiciel: Play Touch Videos - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {2BD864E7-3FAB-4BFF-9B85-0A11B64917AA} O42 - Logiciel: Play Touch Weather - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {6274342F-1F2D-4823-857D-D98CCCFF81E3} O42 - Logiciel: Polar Golfer - (.WildTangent.) [HKLM][64Bits] -- WT085583 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Samsung Recovery Solution 5 - (.Samsung.) [HKLM][64Bits] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2} O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: TeamViewer 9 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 9 O42 - Logiciel: Touch Logon - (.Samsung Electronics CO., LTD..) [HKLM][64Bits] -- {AFF0220E-1F50-4B46-91BF-7812F71275F0} O42 - Logiciel: Tyco Electronics EloSawJr 1.2.0 - (.Tyco Electronics.) [HKLM][64Bits] -- Elo TouchSystems O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App O42 - Logiciel: User Guide - (...) [HKLM][64Bits] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA} O42 - Logiciel: Video Player - (.Video Player.) [HKLM][64Bits] -- Video Player O42 - Logiciel: Virtual Earth 3D (Beta) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6ACE7F46-FACE-4125-AE86-672F4F2A6A28} O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5} O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT089285 O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent =>P2P.BitTorrent ~ Logic: 66 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow] [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\DVDVideoSoft] [HKCU\Software\Facebook] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Licenses] [HKCU\Software\MCAFEE] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (HCW)] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Norton] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Samsung Electronics] [HKCU\Software\Samsung] [HKCU\Software\ShalSoft] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Software] [HKCU\Software\Symantec] [HKCU\Software\TeamViewer] [HKCU\Software\Trolltech] [HKCU\Software\Unity] [HKCU\Software\Widcomm] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\dvdvideosofttoolbar] [HKLM\Software\ATI Technologies] [HKLM\Software\Broadcom] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DTS] [HKLM\Software\Dolby] [HKLM\Software\Hauppauge] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Knowles] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Samsung] [HKLM\Software\SonicFocus] [HKLM\Software\Sonic] [HKLM\Software\Symantec] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Widcomm] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\BcmSetup] [HKLM\Software\Wow6432Node\Better Surf Plus] [HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Client] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\DVDVideoSoft] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Hauppauge] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\MusicNet] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\Samsung Electronics Co., Ltd.] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\ShalSoft] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\SuppHelpDir] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\VideoPlayerV3] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\mcafeeupdater] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node] [HKLM\Software\mcafeeupdater] ~ Key Software: 280 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 18/04/2012 - 13:09:29 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\ASM104xUSB3 O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Atheros O43 - CFD: 08/10/2014 - 23:31:12 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 18/03/2012 - 00:05:33 - [] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 17/10/2013 - 19:31:08 - [] ----D C:\Program Files (x86)\Driver Manager O43 - CFD: 20/04/2012 - 20:24:21 - [] ----D C:\Program Files (x86)\DVDVideoSoft O43 - CFD: 19/03/2012 - 20:04:04 - [] ----D C:\Program Files (x86)\GigaTribe O43 - CFD: 18/03/2012 - 04:38:20 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 18/03/2012 - 00:05:39 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 16/08/2014 - 00:06:45 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 08/10/2014 - 22:55:32 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 08/10/2014 - 22:55:10 - [0] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 08/10/2014 - 23:46:28 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 18/03/2012 - 00:05:48 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 25/07/2014 - 12:09:36 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 18/03/2012 - 00:05:49 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft Touch Pack for Windows 7 O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft XNA O43 - CFD: 18/03/2012 - 00:05:51 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 31/07/2014 - 06:17:30 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 01/08/2014 - 05:05:33 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 12/01/2013 - 18:18:37 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 18/03/2012 - 00:05:52 - [] ----D C:\Program Files (x86)\Norton Internet Security O43 - CFD: 23/07/2014 - 06:28:14 - [] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 18/03/2012 - 00:05:55 - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 18/03/2012 - 00:06:02 - [] ----D C:\Program Files (x86)\Samsung O43 - CFD: 05/03/2014 - 13:20:45 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 11/01/2013 - 14:00:23 - [] ----D C:\Program Files (x86)\Symantec O43 - CFD: 08/10/2014 - 22:50:50 - [] ----D C:\Program Files (x86)\TeamViewer O43 - CFD: 17/10/2011 - 12:43:20 - [0] --H-D C:\Program Files (x86)\Temp O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 18/08/2013 - 01:38:52 - [] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent O43 - CFD: 18/03/2012 - 00:06:03 - [] ----D C:\Program Files (x86)\Virtual Earth 3D O43 - CFD: 01/04/2012 - 00:07:33 - [] ----D C:\Program Files (x86)\WildGames O43 - CFD: 01/04/2012 - 00:07:16 - [] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 13/07/2013 - 03:27:33 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 18/03/2012 - 00:06:09 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 14/12/2013 - 04:20:48 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 18/03/2012 - 04:38:26 - [] ----D C:\Program Files (x86)\WinTV O43 - CFD: 09/10/2014 - 00:06:55 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 18/04/2012 - 13:09:40 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 20/04/2012 - 20:25:15 - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 18/03/2012 - 00:04:39 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 05/03/2014 - 13:20:45 - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 18/03/2012 - 03:12:44 - [] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 26/03/2012 - 14:39:42 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 18/03/2012 - 00:04:40 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 05/01/2013 - 14:16:24 - [] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Applications O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Atheros O43 - CFD: 22/02/2014 - 11:21:34 - [] ----D C:\ProgramData\Avira O43 - CFD: 20/08/2014 - 18:10:02 - [] ----D C:\ProgramData\boost_interprocess O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 19/03/2012 - 13:48:38 - [] ----D C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 17/10/2013 - 19:31:59 - [] ----D C:\ProgramData\Driver Manager O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 18/03/2012 - 00:06:10 - [] ----D C:\ProgramData\Intel O43 - CFD: 08/10/2014 - 22:55:25 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 20/03/2012 - 01:16:37 - [] ----D C:\ProgramData\McAfee O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 08/10/2014 - 23:46:28 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 18/03/2012 - 00:22:19 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 18/07/2013 - 15:20:02 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 21/07/2014 - 22:08:48 - [] ----D C:\ProgramData\Norton O43 - CFD: 18/03/2012 - 00:06:16 - [] ----D C:\ProgramData\NortonInstaller O43 - CFD: 18/03/2012 - 00:06:17 - [] ----D C:\ProgramData\Samsung O43 - CFD: 05/03/2014 - 13:20:43 - [] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 11/01/2013 - 14:00:23 - [] ----D C:\ProgramData\Symantec O43 - CFD: 20/08/2014 - 23:30:25 - [] ---AD C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 17/10/2013 - 19:33:41 - [] ----D C:\ProgramData\UAB O43 - CFD: 01/04/2012 - 00:11:32 - [] ----D C:\ProgramData\WildTangent O43 - CFD: 20/03/2012 - 03:23:43 - [] ----D C:\ProgramData\WinClon O43 - CFD: 18/04/2012 - 13:11:29 - [] ----D C:\Users\nico\AppData\Roaming\Adobe O43 - CFD: 19/03/2012 - 13:48:36 - [] ----D C:\Users\nico\AppData\Roaming\CyberLink O43 - CFD: 20/04/2012 - 20:37:04 - [] ----D C:\Users\nico\AppData\Roaming\DVDVideoSoft O43 - CFD: 19/03/2012 - 21:07:46 - [] ----D C:\Users\nico\AppData\Roaming\Identities O43 - CFD: 18/03/2012 - 01:30:47 - [] ----D C:\Users\nico\AppData\Roaming\Macromedia O43 - CFD: 08/10/2014 - 22:55:40 - [0] ----D C:\Users\nico\AppData\Roaming\Malwarebytes O43 - CFD: 21/11/2010 - 09:16:41 - [0] ----D C:\Users\nico\AppData\Roaming\Media Center Programs O43 - CFD: 27/05/2013 - 11:39:15 - [] -S--D C:\Users\nico\AppData\Roaming\Microsoft O43 - CFD: 19/03/2012 - 20:17:33 - [] ----D C:\Users\nico\AppData\Roaming\Mozilla O43 - CFD: 21/03/2012 - 01:50:14 - [] ----D C:\Users\nico\AppData\Roaming\MusicNet O43 - CFD: 12/01/2013 - 02:19:48 - [] ----D C:\Users\nico\AppData\Roaming\Norton Utilities 16 O43 - CFD: 19/03/2012 - 13:48:43 - [] ----D C:\Users\nico\AppData\Roaming\PowerCinema O43 - CFD: 11/01/2013 - 13:59:35 - [] ----D C:\Users\nico\AppData\Roaming\Product_NU16 O43 - CFD: 08/10/2014 - 23:48:23 - [0] ----D C:\Users\nico\AppData\Roaming\ShieldApps O43 - CFD: 22/08/2012 - 01:23:41 - [] ----D C:\Users\nico\AppData\Roaming\Skype O43 - CFD: 14/08/2014 - 07:31:23 - [] ----D C:\Users\nico\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 05/05/2012 - 01:02:33 - [0] ----D C:\Users\nico\AppData\Roaming\Windows Live Writer O43 - CFD: 20/08/2014 - 23:41:15 - [] ----D C:\Users\nico\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 18/08/2013 - 03:07:58 - [] ----D C:\Users\nico\AppData\Local\Adobe O43 - CFD: 18/03/2012 - 00:02:53 - [] -SH-D C:\Users\nico\AppData\Local\Application Data O43 - CFD: 22/02/2014 - 20:47:55 - [] ----D C:\Users\nico\AppData\Local\AviraResume O43 - CFD: 18/03/2012 - 00:11:28 - [] ----D C:\Users\nico\AppData\Local\Broadcom O43 - CFD: 20/08/2014 - 23:40:54 - [] ----D C:\Users\nico\AppData\Local\CrashDumps O43 - CFD: 11/01/2013 - 14:05:02 - [] ----D C:\Users\nico\AppData\Local\CRE O43 - CFD: 17/08/2013 - 18:47:16 - [] ----D C:\Users\nico\AppData\Local\Cyberlink O43 - CFD: 29/06/2014 - 11:26:47 - [0] ----D C:\Users\nico\AppData\Local\Diagnostics O43 - CFD: 27/05/2013 - 00:32:24 - [0] ----D C:\Users\nico\AppData\Local\ElevatedDiagnostics O43 - CFD: 17/05/2014 - 10:01:19 - [] -SH-D C:\Users\nico\AppData\Local\EmieSiteList O43 - CFD: 17/05/2014 - 10:01:19 - [] -SH-D C:\Users\nico\AppData\Local\EmieUserList O43 - CFD: 10/03/2014 - 00:30:42 - [] ----D C:\Users\nico\AppData\Local\Facebook O43 - CFD: 21/03/2012 - 14:23:09 - [] ----D C:\Users\nico\AppData\Local\Google O43 - CFD: 18/03/2012 - 00:02:53 - [] -SH-D C:\Users\nico\AppData\Local\Historique O43 - CFD: 05/01/2013 - 18:59:32 - [] ----D C:\Users\nico\AppData\Local\Macromedia O43 - CFD: 08/10/2014 - 23:46:28 - [] ----D C:\Users\nico\AppData\Local\Microsoft O43 - CFD: 05/10/2013 - 23:53:12 - [] ----D C:\Users\nico\AppData\Local\Mozilla O43 - CFD: 17/10/2013 - 19:33:26 - [] ----D C:\Users\nico\AppData\Local\PC_Drivers_Headquarters O43 - CFD: 18/03/2012 - 00:11:28 - [] ----D C:\Users\nico\AppData\Local\Power2Go O43 - CFD: 19/03/2012 - 13:48:36 - [] ----D C:\Users\nico\AppData\Local\PowerCinema O43 - CFD: 29/12/2012 - 14:15:04 - [] ----D C:\Users\nico\AppData\Local\Programs O43 - CFD: 26/05/2014 - 10:34:32 - [] ----D C:\Users\nico\AppData\Local\Samsung O43 - CFD: 19/03/2012 - 20:04:07 - [] ----D C:\Users\nico\AppData\Local\Shalsoft O43 - CFD: 20/08/2014 - 23:40:48 - [] ----D C:\Users\nico\AppData\Local\Temp O43 - CFD: 18/03/2012 - 00:02:54 - [] -SH-D C:\Users\nico\AppData\Local\Temporary Internet Files O43 - CFD: 05/01/2013 - 23:56:12 - [] ----D C:\Users\nico\AppData\Local\Unity O43 - CFD: 18/03/2012 - 23:47:25 - [] ----D C:\Users\nico\AppData\Local\VirtualStore O43 - CFD: 19/12/2013 - 13:27:03 - [] ----D C:\Users\nico\AppData\Local\Windows Live O43 - CFD: 19/10/2013 - 00:37:30 - [] ----D C:\Users\nico\AppData\Local\Windows Live Writer O43 - CFD: 14/07/2009 - 06:54:32 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 16/08/2014 - 00:10:56 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 12/01/2013 - 12:08:18 - [] ----D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 14/07/2009 - 06:49:38 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 16/08/2014 - 00:10:56 - [] R---D C:\Users\nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ Program Folder: 144 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 06/08/2014 - 11:15:37 ---A- . (...) -- C:\awh4395.tmp [687] O44 - LFC:[MD5.349CF386805783D2E6810A767642F1B8] - 07/08/2014 - 03:01:34 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [424448] O44 - LFC:[MD5.9D455E3049B7F93483D7165422B7D0AF] - 07/08/2014 - 03:06:41 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [529920] O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 07/08/2014 - 11:14:20 ---A- . (...) -- C:\awhDA47.tmp [687] O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 09/08/2014 - 11:14:56 ---A- . (...) -- C:\awhE0D8.tmp [687] O44 - LFC:[MD5.F14F1EBB47CCBD9C1AE2348E8FF7BF9E] - 09/08/2014 - 22:13:35 ---A- . (...) -- C:\awh3B4A.tmp [687] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/08/2014 - 11:08:39 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.308E507CEF301969AEF14F22E6F100A2] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669584] O44 - LFC:[MD5.3C35EF618CF9ADDCB3363117AC5E1D49] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122126] O44 - LFC:[MD5.A1EE4297BDC1D4DA15836A5B56940C5D] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150168] O44 - LFC:[MD5.5245E6CF15FC9A6F56B4BF7CB310351D] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654254] O44 - LFC:[MD5.1077F0D4270B49C378F59B0FEAC8A687] - 14/08/2014 - 11:20:47 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747644] O44 - LFC:[MD5.F947D57534E01E3CA597BCF2AD8AE65B] - 15/08/2014 - 07:32:00 ---A- . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\System32\rpcrt4.dll [1216000] O44 - LFC:[MD5.C02C78DE9BB4E68F6C78B1588ADD6ADC] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [83968] O44 - LFC:[MD5.EDF22FBAE75ACB48BF51D099C6808B39] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [195584] O44 - LFC:[MD5.8E71A5CB5312B8392D4DA4CA37BB5868] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2266624] O44 - LFC:[MD5.1C660588CFFB3A17BCF0F6B4779BF985] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [940032] O44 - LFC:[MD5.ECA387DCD57F683C52171C766CF400F0] - 15/08/2014 - 07:33:16 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [23645696] O44 - LFC:[MD5.1F02286D001AB5EA5719540C587224FE] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1249280] O44 - LFC:[MD5.472C409F9B0FF67C1015F511C73E1889] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [5824512] O44 - LFC:[MD5.BAC44396088ECC1C9021ED3E3345337C] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [846336] O44 - LFC:[MD5.920F690FC7424DE71888AA2E46E917EA] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [758272] O44 - LFC:[MD5.6ED6DA2A04F8F0C9BDAD647284BAEFB6] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [548352] O44 - LFC:[MD5.2639E152D246F2A651F09764807CA153] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [85504] O44 - LFC:[MD5.1EEF9FE30DBE458A89B5F7A16FC68397] - 15/08/2014 - 07:33:17 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [139264] O44 - LFC:[MD5.FCC86367BB0FB6DEB6614885CBE74FD5] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [51200] O44 - LFC:[MD5.72B7D166D1B0D353330A34FDED3F5AA6] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [598016] O44 - LFC:[MD5.1B26610C1659EF54ED000233FB96F20C] - 15/08/2014 - 07:33:18 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [13547008] O44 - LFC:[MD5.DF485877CCE229776E6B8BB9116B67FE] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66048] O44 - LFC:[MD5.39A85C005BCDEEF4092646EBBC2526AA] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2087936] O44 - LFC:[MD5.9C9FE69902CD45A7D9AB1F0C4EDE646C] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [348856] O44 - LFC:[MD5.DB382D89D8004F40BD2C55BAE6A15B30] - 15/08/2014 - 07:33:19 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2774528] O44 - LFC:[MD5.FCF5C8BB9AFD8D15B324B702F9B186B7] - 15/08/2014 - 07:33:20 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [111616] O44 - LFC:[MD5.1FD1F16C35946BA28FDEB40F18B7729D] - 15/08/2014 - 07:33:20 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [631808] O44 - LFC:[MD5.FE7D99399F7761AA2695A7B1AD30DAAF] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1431040] O44 - LFC:[MD5.13A852B606F3644A7A35EDD99F74A685] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096] O44 - LFC:[MD5.52D2151908C2A6388B6561A373488F6F] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [692736] O44 - LFC:[MD5.6598F2A876E13B6FFA5AE418D41CE7D6] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864] O44 - LFC:[MD5.5574B09C4676E8E2EBE125C18BDF9FBF] - 15/08/2014 - 07:33:21 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [33792] O44 - LFC:[MD5.08C5E6033786C1E41B63FD38CA22917A] - 15/08/2014 - 07:33:22 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640] O44 - LFC:[MD5.19FA60D3AE1804A559306DE931A5B415] - 15/08/2014 - 07:33:22 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [72704] O44 - LFC:[MD5.AE57F6C7AB3ED244B5F14151C4EA0057] - 15/08/2014 - 07:33:27 ---A- . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll [14175744] O44 - LFC:[MD5.9E19DEED6FEB140DA3764C32F2DC4849] - 15/08/2014 - 07:33:27 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [404480] O44 - LFC:[MD5.AF00649558BFB211A9091F4A6E7B4A0C] - 15/08/2014 - 07:33:28 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3163648] O44 - LFC:[MD5.EBFEF789E32279C2ED7C81260B186AD7] - 15/08/2014 - 07:33:32 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\System32\tzres.dll [2048] O44 - LFC:[MD5.B0F8CCA08DBC392442E27377B98DD0CD] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\System32\consent.exe [112064] O44 - LFC:[MD5.5DFFC12BF7DB53BDB401804A3C3A475E] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [1941504] O44 - LFC:[MD5.3B39F9D51E4D8BAABDA6518955B58C13] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [3241984] O44 - LFC:[MD5.A6D0DC3B30F6BB1421DAA92537424822] - 15/08/2014 - 07:33:36 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [504320] O44 - LFC:[MD5.920B5C1CC0BAB6E574297BC3D945DA31] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [7168] O44 - LFC:[MD5.87CE5C8965E101CCCED1F4675557E868] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [985536] O44 - LFC:[MD5.80EDA24B00478FA795F90DFA09C12E86] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [7168] O44 - LFC:[MD5.353C4A38042819CA83AEFC6F2E7051CD] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [6656] O44 - LFC:[MD5.EA21295A386C6DB2A2A90E657B37C5F4] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [7168] O44 - LFC:[MD5.BE67D99EDA34A68B827868371B5529AD] - 15/08/2014 - 07:33:39 ---A- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [7168] O44 - LFC:[MD5.06FC8A93A4FA1F42A3D1D06694F2B339] - 15/08/2014 - 07:33:40 ---A- . (...) -- C:\Windows\System32\locale.nls [419992] O44 - LFC:[MD5.E4312738B500577BABC232A49F67A67D] - 15/08/2014 - 16:11:39 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480] O44 - LFC:[MD5.8A08BB0D12BE40DC09632CD5D04A48A0] - 15/08/2014 - 16:11:51 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [1389208] O44 - LFC:[MD5.EE415EC9288182BCFB6E6896A376EA53] - 15/08/2014 - 16:11:51 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856] O44 - LFC:[MD5.9C44FB5B3A8A192FCE1103AC9BA4E576] - 15/08/2014 - 16:11:52 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [171160] O44 - LFC:[MD5.858CC713E4D6C931FFA232154BFD1208] - 15/08/2014 - 16:15:02 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [99218768] O44 - LFC:[MD5.7B9103037A1B7736D35A175BAEF51C82] - 20/08/2014 - 10:20:47 ---A- . (...) -- C:\Windows\MEMORY.DMP [399207974] O44 - LFC:[MD5.B853B666170DA00E48077936C591A0D3] - 20/08/2014 - 10:22:44 ---A- . (...) -- C:\Windows\ntbtlog.txt [156372] O44 - LFC:[MD5.2B153E5264D6348EAC66232E807D8196] - 20/08/2014 - 10:58:06 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [286400] O44 - LFC:[MD5.60A383EC2C3FD073D3E5CAFF1BB1414D] - 20/08/2014 - 17:07:29 ---A- . (...) -- C:\Windows\PFRO.log [7308] O44 - LFC:[MD5.4D88B0F027616A1BCDC498BC3E6AA8E4] - 20/08/2014 - 17:07:44 ---A- . (...) -- C:\Windows\setupact.log [24528] O44 - LFC:[MD5.02E3FC92918F901FC89D436A4E6D1753] - 20/08/2014 - 22:29:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.45D77AA7DA06B6FEFAD549043AC63C07] - 20/08/2014 - 22:29:54 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1240947] O44 - LFC:[MD5.8A50D5304E6AE48664CF5838EC32F647] - 20/08/2014 - 22:32:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584] ~ Files: 71 Scanned in 00mn 16s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Notification Packages . (.Samsung Electronics CO., LTD. - Touch Logon Credential Provider Config Filter.) -- C:\Windows\System32\ConfigFilter.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 10 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFolderOptions"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "HideClock"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktop"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFind"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoViewContextMenu"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"= O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 10 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904] O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856] O58 - SDL:02/06/2011 - 02:32:50 ---A- . (.ASMedia Technology Inc - ASMedia USB3 Hub Driver.) -- C:\Windows\System32\Drivers\asmthub3.sys [128488] O58 - SDL:02/06/2011 - 02:32:50 ---A- . (.ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\asmtxhci.sys [401896] O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:29/07/2010 - 01:23:08 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [3065408] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:11/01/2011 - 00:15:08 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [349736] O58 - SDL:25/01/2011 - 01:29:46 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [107560] O58 - SDL:14/09/2010 - 23:59:16 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [138280] O58 - SDL:16/02/2011 - 00:35:54 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39464] O58 - SDL:14/09/2010 - 23:59:10 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21416] O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480] O58 - SDL:17/08/2011 - 08:19:38 ---A- . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\Drivers\clwvd.sys [31216] O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488] O58 - SDL:15/03/2011 - 21:43:30 ---A- . (.Tyco Electronics - EloSawJr Elo Touchmonitors.) -- C:\Windows\System32\Drivers\EloSawJr.sys [192080] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016] O58 - SDL:27/01/2010 - 19:57:08 ---A- . (.Hauppauge Computer Works, Inc. - WinTV-Nova-T-Mini device driver.) -- C:\Windows\System32\Drivers\hcw17bda.sys [67456] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:20/10/2010 - 17:34:26 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [56344] O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496] O58 - SDL:12/07/2011 - 03:47:20 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [12238112] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112] O58 - SDL:14/10/2010 - 17:28:16 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [317440] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:12/05/2014 - 06:25:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:12/05/2014 - 06:26:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [91352] O58 - SDL:20/08/2014 - 22:32:08 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [122584] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736] O58 - SDL:12/05/2014 - 06:26:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704] O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592] O58 - SDL:17/05/2011 - 07:55:28 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [533096] O58 - SDL:22/07/2011 - 10:24:42 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3024360] O58 - SDL:07/09/2011 - 10:46:04 ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\Windows\System32\Drivers\SABI.sys [13824] O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:14/07/2009 - 01:00:40 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [94208] O58 - SDL:11/04/2011 - 11:55:24 ---A- . (.Phoenix Technologies Ltd. - SecureGuard Driver.) -- C:\Windows\System32\Drivers\SGDrv64.sys [7680] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:19/03/2012 - 19:07:51 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\Drivers\SYMEVENT64x86.SYS [174200] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872] O58 - SDL:23/05/2011 - 16:24:22 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [2750464] ~ Drivers: 66 Scanned in 00mn 41s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 08/10/2014 - 23:42:24 ---A- . (...) -- C:\Users\nico\AppData\Local\Temp\nsnFE4D.tmp\linker.dll [46080] O61 - LFC: 08/10/2014 - 23:42:26 ---A- . (...) -- C:\Users\nico\Downloads\AdwCleaner-3.304.exe [1366203] O61 - LFC: 08/10/2014 - 23:42:28 ---A- . (.Nicolas Coolman.) -- C:\Users\nico\Downloads\ZHPDiag2.exe [6860008] =>.Nicolas Coolman O61 - LFC: 08/10/2014 - 23:42:28 ---A- . (.TeamViewer GmbH.) -- C:\Users\nico\Downloads\TeamViewer_Setup_fr.exe [6307056] O61 - LFC: 16/08/2014 - 23:42:22 ---A- . (.Google Inc..) -- C:\Users\nico\AppData\Local\Google\Chrome\Application\36.0.1985.143\Installer\setup.exe [1104200] O61 - LFC: 20/08/2014 - 23:42:26 ---A- . (...) -- C:\Users\nico\Downloads\adwcleaner_3.307.exe [1361671] O61 - LFC: 20/08/2014 - 23:42:28 ---A- . (.Thisisu.) -- C:\Users\nico\Downloads\JRT.exe [1016261] ~ 1343 Fichiers temporaires (Temporary files) ~ 8 Fichiers cookies (Cookies files) ~ Files: 7 Scanned in 00mn 10s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 10/05/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140801.001\BHDrvx64.sys (BHDrvx64) .(.Symantec Corporation - BASH Driver.) - LEGACY_BHDRVX64 O64 - Services: CurCS - 12/06/2014 - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL O64 - Services: CurCS - 12/06/2014 - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - 24/03/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140819.001\IDSvia64.sys (IDSVia64) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIA64 O64 - Services: CurCS - 12/08/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140820.002\ENG64.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG O64 - Services: CurCS - 12/08/2014 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140820.002\EX64.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15 O64 - Services: CurCS - 07/09/2011 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\Drivers\NISx64\1207020.003\SRTSP64.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX O64 - Services: CurCS - 27/01/2011 - C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.sys (SymDS) .(.Symantec Corporation - Symantec Data Store.) - LEGACY_SYMDS O64 - Services: CurCS - 15/03/2011 - C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.sys (SymEFA) .(.Symantec Corporation - Symantec Extended File Attributes.) - LEGACY_SYMEFA O64 - Services: CurCS - 19/03/2012 - C:\windows\system32\Drivers\SYMEVENT64x86.sys (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT O64 - Services: CurCS - 27/01/2011 - C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.sys (SymIRON) .(.Symantec Corporation - Iron Driver.) - LEGACY_SYMIRON O64 - Services: CurCS - 21/04/2011 - C:\Windows\system32\Drivers\NISx64\1207020.003\SYMNETS.sys (SymNetS) .(.Symantec Corporation - Network Security Driver.) - LEGACY_SYMNETS ~ Legacy: 89 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\nico\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2477536] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{2DD4CD30-0925-4468-9FA7-50D02E8DA779}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{1D3B5FFF-3EFF-41F8-A9E4-1D9A3F02D0D9}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Firewall: 2 Scanned in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "3EABBB7837BC6C44C81F727B5BEDCDC3" . (.Boxore Client.) -- C:\Windows\Installer\{87BBBAE3-CB73-44C6-8CF1-27B7B5DEDC3C}\boxore.ico =>Adware.Boxore ~ Update Products: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\11aaf5.msi [45056] =>Adware.Boxore ~ WIS: 1 Scanned in 00mn 24s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock Addons_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock UpSetup_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASAPI32 =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Install_BubbleDock_RASMANCS =>PUP.BubbleDock HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASAPI32 =>Rogue.PCRegistryShield HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCRegistryShield_RASMANCS =>Rogue.PCRegistryShield ~ BTK: 193 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 11/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 29/09/2012 1147424 | (DiskDoctorService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Demand 31/07/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 29/09/2012 1160224 | (SpeedDiskService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe SR - | Auto 08/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 10/05/2011 956192 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Auto 15/04/2011 562176 | (HauppaugeTVServer) . (.Hauppauge Computer Works.) - C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe SR - | Auto 05/05/2011 326424 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 17/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe SR - | Auto 09/04/2014 4343664 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation SR - | Auto 29/09/2012 792608 | (NU16StartManagerSvc) . (.Symantec.) - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe SR - | Auto 30/11/2009 244904 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SR - | Auto 06/08/2014 5052224 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe SR - | Auto 05/05/2011 2656536 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 05s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by nico at 20/08/2014 23:43:46 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by nico at 20/08/2014 23:43:48 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (09/08/2014) Clés trouvées (Keys found) : 7 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 4 [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^ [HKLM\Software\Classes\AppID\npBoxorePlugin.dll] =>Adware.Boxore [HKLM\Software\Wow6432Node\Classes\AppID\npBoxorePlugin.dll] =>Adware.Boxore [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4AB7537EEC562384B917A60C59CC9607] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ C:\Program Files (x86)\uTorrent =>P2P.µTorrent^ C:\Users\nico\AppData\Roaming\uTorrent =>P2P.µTorrent^ [HKCU\Software\BitTorrent] =>P2P.BitTorrent^ [HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf^ [HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer^ C:\Windows\Installer\11aaf5.msi =>Adware.Boxore^ ~ Additionnel Scan: 325259 Items scanned in 00mn 29s ---\\ Informations complémentaires sur les modules ~ ~ ~ ~ ~ ~ AMI: 5 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station ~ MSI: 6 link(s) detected in 00mn 00s End of the scan (1298 lines in 03mn 19s)(0)
  8. laya
    Voici la suite: Malwarebytes Anti-Malware www.malwarebytes.org Date de l'examen: 20/08/2014 Heure de l'examen: 12:19:14 Fichier journal: Administrateur: Oui Version: 2.00.2.1012 Base de données Malveillants: v2014.08.20.03 Base de données Rootkits: v2014.08.16.01 Licence: Gratuite Protection contre les malveillants: Désactivé(e) Protection contre les sites Web malveillants: Désactivé(e) Self-protection: Désactivé(e) Système d'exploitation: Windows 7 Service Pack 1 Processeur: x64 Système de fichiers: NTFS Utilisateur: nico Type d'examen: Examen "Personnalisé" Résultat: Terminé Objets analysés: 507707 Temps écoulé: 1 h, 32 min, 35 sec Mémoire: Activé(e) Démarrage: Activé(e) Système de fichiers: Activé(e) Archives: Activé(e) Rootkits: Activé(e) Heuristics: Activé(e) PUP: Activé(e) PUM: Activé(e) Processus: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Clés du Registre: 0 (No malicious items detected) Valeurs du Registre: 0 (No malicious items detected) Données du Registre: 0 (No malicious items detected) Dossiers: 0 (No malicious items detected) Fichiers: 21 PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir, Mis en quarantaine, [14337255cdaedb5b49669b9469976898], Adware.Boxore, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.2.199.0\SoftwareCrashHandler.exe.vir, Mis en quarantaine, [5ceb8c3b0279a591c56cfbd2e81822de], Adware.Boxore, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.2.199.0\SoftwareUpdate.exe.vir, Mis en quarantaine, [7ccb6166c1bad1654be6a32af7099a66], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe.vir, Mis en quarantaine, [02455a6d08732511f00faf4d4db7ed13], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgArchive.dll.vir, Mis en quarantaine, [9ea91aadccaf02342ed15e9e5da7a45c], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll.vir, Mis en quarantaine, [fc4ba0277a01f541926d2cd0b54fea16], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll.vir, Mis en quarantaine, [f7503d8ad0ab1b1b8778b9431de7d828], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll.vir, Mis en quarantaine, [b790be095427b68055aaf00c1ce81fe1], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mglogger.dll.vir, Mis en quarantaine, [a2a52f980d6e1125837cee0e4fb507f9], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll.vir, Mis en quarantaine, [bc8b03c497e4df574ab536c63dc7827e], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll.vir, Mis en quarantaine, [d6716a5d1d5e86b0d827d626da2aa858], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll.vir, Mis en quarantaine, [d770fdca5b20a98d758a3ebeed17b14f], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll.vir, Mis en quarantaine, [96b1388f2b50f046659a5f9d84809070], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll.vir, Mis en quarantaine, [a89f2c9b6d0e86b05ea10cf0d3310df3], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll.vir, Mis en quarantaine, [3611dbece6951a1c56a957a510f402fe], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll.vir, Mis en quarantaine, [82c5fbcc95e65ed81ee14eae59ab21df], PUP.Optional.SweetIM, C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir, Mis en quarantaine, [d275c106cab12e0843bcde1e51b308f8], PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\APISupport.dll.vir, Mis en quarantaine, [b2951ea98af1a98d07006249ee136f91], PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\APISupport.old.vir, Mis en quarantaine, [6fd87750a2d991a5b4530ba06a979d63], PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.152\MiniSP.dll.vir, Mis en quarantaine, [92b56562fd7e9f97589256394fb2a15f], PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\nico\AppData\Roaming\Mozilla\Firefox\Profiles\28kurama.default\Extensions\{9b6a5785-ac78-4858-a47b-3b499ec80d71}\Plugins\npFirefoxPlugin.dll.vir, Mis en quarantaine, [da6dbb0c99e21a1c5fa822898f720ff1], Secteurs physiques: 0 (No malicious items detected) (end)
  9. laya
    Pour JRT: http://cjoint.com/?DHumosEy9rC
  10. laya
    Pour AdwCleaner: http://cjoint.com/?DHumdyAeIga
  11. laya
    Bonjour Pear, Désolée du retard, mais je sors de l'hospitalisation de ma fille, dure semaine... Je me met au travail. Merci encore
  12. laya
    Bonsoir Voici un rapport zhp pour le pc d'un ami dans lequel MBAM a trouvé 4356 pup. Pouvez-vous me dire s'il y a quelque chose à faire sachant qu'il avait ressenti de très gros ralentissements depuis quelques mois? Merci beaucoup http://cjoint.com/?DHlaruC2lwS
  13. laya
    Tout est fait grand merci pear je met mon sujet en résolu
  14. laya
    Beaucoup plus réactive, et l'ouverture de programmes dans un délai acceptable J'ai remarqué dans les rapports qu'il y avait yontoo, qu'est ce que c'est?
  15. laya
    Pour SFTGC http://cjoint.com/?DGEotIk3exU
  16. laya
    Pour zhpFix: Rapport de ZHPFix 2014.7.27.5 par Nicolas Coolman, Update du 27/07/2014 Fichier d'export Registre : Run by seb at 30/07/2014 13:11:08 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée (12mn 54s) Dossier Prefetcher vidé Réparation des raccourcis navigateur ========== Logiciels ========== SUPPRIMÉ O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix ========== Clés du Registre ========== SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1994_RASAPI32 SUPPRIMÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1994_RASMANCS SUPPRIMÉ: HKCU\Software\Usbfix Branche de Base de Registres IFEO non infectée ! ========== Valeurs du Registre ========== Aucune Valeur Standard Profile: FirewallRaz : Aucune Valeur Domain Profile: FirewallRaz : SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{546A0F6F-50F3-478F-B37B-C7E82285314D}C:\users\seb\appdata\roaming\dropbox\bin\dropbox.exe SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{253A727E-A94F-4336-99F7-13CCE7B6EFE2}C:\users\seb\appdata\roaming\dropbox\bin\dropbox.exe ProxyFix : Configuration proxy supprimée avec succès SUPPRIMÉ ProxyServer Value SUPPRIMÉ ProxyEnable Value SUPPRIMÉ EnableHttp1_1 Value SUPPRIMÉ ProxyHttp1.1 Value SUPPRIMÉ ProxyOverride Value ========== Dossiers ========== Aucun dossiers CLSID Local utilisateur vide SUPPRIMÉS Temporaires Windows (108) ========== Fichiers ========== SUPPRIMÉ: c:\users\seb\appdata\local\google\chrome\user data\default\preferences SUPPRIMÉ: c:\users\seb\appdata\local\temp\vlc-2.1.5-win32.exe SUPPRIMÉS Flash Cookies (0) (0 octets) SUPPRIMÉS Temporaires Windows (221) (1 054 553 074 octets) ========== Fichier HOSTS ========== Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus. ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Récapitulatif ========== 4 : Clés du Registre 10 : Valeurs du Registre 2 : Dossiers 4 : Fichiers 1 : Logiciels 1 : Fichier HOSTS 1 : Restauration Système End of clean in 15mn 04s ========== Chemin de fichier rapport ========== C:\Users\seb\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/07/2014 13:24:04 [2233]
  17. laya
    Merci Pear voilà: http://cjoint.com/?DGEmtnlhjUu
  18. laya
    Bonjour, je transfère puisqu'il semble que j'ai tout de même un souci de virus. "Bonsoir, Je commence à m'impatienter devant mon windows 7 qui allait très bien mais qui commence à faire des siennes quand il doit ouvrir des programmes, navigue sur internet ou même lire un cd ou dvd. Le curseur rond apparait et tourne pendant parfois 3 ou 4 minutes. J'ai passé Mbam, Adwcleaner, rien n'y change Mr fait des siennes. Pour ouvrir une page internet, je galère, et j'ai souvent le droit à "ne répond pas". Voici mes rapports: http://cjoint.com/?DGElQNdzrhc http://cjoint.com/?DGElSn7OH1D Il ne semble pourtant pas s'agir de virus? edit: en fait Wullfk m'a dit que je n'en savais rien, c'est pas moi la pro, c'est vrai, mais j'ai juste posé la question sans rien affirmer. Merci de votre aide si vous avez un moment pour vous pencher sur mon problème?" Bonne journée
  19. laya
    Bonsoir, Je commence à m'impatienter devant mon windows 7 qui allait très bien mais qui commence à faire des siennes quand il doit ouvrir des programmes, navigue sur internet ou même lire un cd ou dvd. Le curseur rond apparait et tourne pendant parfois 3 ou 4 minutes. J'ai passé Mbam, Adwcleaner, rien n'y change Mr fait des siennes. Pour ouvrir une page internet, je galère, et j'ai souvent le droit à "ne répond pas". Il ne semble pourtant pas s'agir de virus? Merci de votre aide.
  20. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Bonsoir tonton, Merci de ta réponse, que je n'avais pas vue. (J'avais abandonné ) J'ai toujours le disque dur de ma soeur, j'essaierai donc demain. En attendant c'est moi qui rencontre quelques soucis, je vais donc ouvrir mon sujet. Merci et à demain.
  21. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Oui je crois aussi. C'est peine perdue alors?
  22. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Et bien voila, c'eût été trop facile... lorsque je lance l installation, j'ai le message d erreur suivant: windows ne peut pas installer les fichiers requis vérifier que tous les fichiers necessaires a l'installation sont disponibles et redemarrer... '
  23. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    C'est chose enfin faite. J'ai trouvé le fameux adaptateur
  24. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Bonjour Pear, J ai bien un DVD de vista, c est d ailleurs avec lui que j'ai tenté la reparation. V que ça n'a pas marché, je suppose que je peux réinstaller vista?
  25. laya

    Redémarrage en boucle

    laya a répondu à un(e) sujet de laya dans Windows Vista

    Merci Pear J ai donc bien tenté la réparation, et plusieurs tentatives comme on me l'avait préconisé, mais rien ne marche. Cela me dit qu'il n'a pas été trouvé de problème. Mais ça ne démarre toujours pas
×
×
  • Créer...