GAUDIN DANIEL
Membres-
Compteur de contenus
8 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par GAUDIN DANIEL
-
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonjour Apollo, Faute de réponse de ta part, je joins deux nouveaux rapports ZHPDiag ET ZHPCleaner. C'est ce dernier qui demandait de "nettoyer" Internet Explorer, ce que cette fois j'ai accepté. http://cjoint.com/?DLqsy22iMnG http://cjoint.com/?DLqsABQ5VtZ Pourrais-tu me dire ce que je peux faire, car j'ai toujours ces connexions entrantes bloquées. Merci pour ton aide, dis-moi si je commence à abuser de ta gentillesse. Bien cordialement. -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonjour APOLLO, Les connexions entrantes suspectes continuent même après ZHPDiag de ce jour, et ce exclusivement dès l'ouverture d'Internet Explorer. Un des programmes de nettoyage que tu m'as dit de faire tourner (je ne sais plus lequel) m'a demandé si j'étais d'accord sur mon adresse IP, j'ai répondu ok, et si je voulais nettoyer Internet Explorer. Là j'ai répondu non. Voici le lien pour le rapport ZHPDiag de ce jour 13h33 http://cjoint.com/?0LpoiRmgQ6q Bien cordialement. -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonsoir Apollo, Voici les liens pour les rapports SFTGC et MBAM http://cjoint.com/?DLoxnLOfhAf http://cjoint.com/?0LoxppbXsuS Merci pour la suite, bien cordialement. -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonjour Apollo, Voici les liens des rapports JRT, ADWCLEANER et ZHPCLEANER http://cjoint.com/?0Lnr4GOAFSr http://cjoint.com/?0LnsaAPzMnJ http://cjoint.com/?0Lnsci8C78c Merci pour les explications, je ne connaissais pas ce moyen de faire partager des documents. Bien cordialement. -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Re bonsoir Apollo, Depuis tout à l'heure j'ai fait des progrès, voici le lien du rapport ZHPCleaner. Merci pour tout, bien cordialement. https://onedrive.live.com/redir?resid=547B606290DE911B!1804&authkey=!AC3hWJn-GKrgY30&ithint=file%2ctxt -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonjour Apollo, voici ce que j'ai pu faire, j'espère que ça marchera. En tout cas merci pour ta patience. Bien cordialement. ~ Rapport de ZHPDiag v2014.12.10.172 - Nicolas Coolman (10/12/2014) ~ Lancé par Daniel (11/12/2014 20:05:49) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17498 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 8.1, 64-bit (Build 9600) Windows Server License Manager Script : OK ~ Windows® Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : QC9F3 Windows License : OK ~ Windows Remaining Initializations Number : 1000 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Windows Defender W8 (Deactivate) ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Reader XI ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6025 MB (64% free) System Restore: Activé (Enable) System drive C: has 636 GB (92%) free of 689 GB ---\\ Mode de connexion au système ~ Computer Name: DANIEL ~ User Name: Daniel ~ All Users Names: HomeGroupUser$, Daniel, D. GAUDIN, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Daniel\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Daniel\AppData\Roaming\ ~ %Desktop% : C:\Users\Daniel\Desktop\ ~ %Favorites% : C:\Users\Daniel\Favorites\ ~ %LocalAppData% : C:\Users\Daniel\AppData\Local\ ~ %StartMenu% : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 636 Go of 689 Go) D: CD-ROM drive (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 41 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 08:48:28.) -- C:\Windows\Explorer.exe [2374784] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 02:28:21.) -- C:\Windows\System32\wininet.dll [2358272] [MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/02/2014 - 10:45:48.) -- C:\Windows\System32\Winlogon.exe [562176] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 04:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144] [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.22/04/2014 - 08:44:54.) -- C:\Windows\system32\Drivers\IpNat.sys [142848] [MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 07:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624] [MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/07/2014 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 23:27:33.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520] [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/2319 ~ Mes musiques (My Musics) : 4/961 ~ Mes Videos (My Videos) : 1/17 ~ Mes Favoris (My Favorites) : 1/18 ~ Mes Documents (My Documents) : 2/1187 ~ Mon Bureau (My Desktop) : 1/11 ~ Menu demarrer (Programs) : 1/23 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.5F1B1148C830C0F149A476A58CE0D09D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815248] [PID.1984] [MD5.EABAB863E4451B22CA44A4919E59D2B8] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144] [PID.6288] [MD5.175B3D01AD19B310238B5C29846D2891] - (.Microsoft Corporation - Microsoft Office Document Cache Sync Client.) -- C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.exe [81640] [PID.3116] [MD5.381EE8A817F8397BB51044D5EA725D7F] - (.Dell Inc. - Dell Update.) -- C:\Program Files (x86)\Dell Update\DellUpTray.exe [682360] [PID.4664] [MD5.36995A650174CC354F6E4C417C6D5625] - (.Microsoft Corporation - Microsoft Word.) -- C:\Program Files\Microsoft Office 15\root\office15\WINWORD.exe [1923224] [PID.6480] [MD5.1C6C28041F1CF705FF7886A1CF362A08] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8139264] [PID.7844] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ~ Firefox Browser: 2 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 16 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: webget [64Bits] - {dc264a72-fa75-4948-b881-ea8eff8e5dd2} . (...) -- C:\Program Files (x86)\webget\webgetbho.dll (.not file.) =>PUP.WebGet O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline ~ BHO: 3 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [RtHDVBg_PushButton] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKCU\..\Run: [EPSON Stylus DX8400] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.exe =>.Epson Seiko Corporation O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKCU\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Daniel\AppData\Local\Apps\2.0\OQTE5RNA.9EN\HVXHZPJE.QEX\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe O4 - HKLM\..\Wow6432Node\Run: [iMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [bingDesktop] . (.Microsoft Corp. - Bing Desktop Application.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe O4 - HKLM\..\policies\Explorer\Run: [btvStack] . (.Qualcomm®Atheros® - Extension Core.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe O4 - HKUS\S-1-5-21-3151989207-4221442305-1946730833-1001\..\Run: [EPSON Stylus DX8400] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.exe =>.Epson Seiko Corporation O4 - HKUS\S-1-5-21-3151989207-4221442305-1946730833-1001\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKUS\S-1-5-21-3151989207-4221442305-1946730833-1001\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Daniel\AppData\Local\Apps\2.0\OQTE5RNA.9EN\HVXHZPJE.QEX\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.) O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com ~ IE Zone Confiance: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{BE43694C-9294-4675-BFF8-CC52D45BAD4E}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{A6037852-1645-4F96-93DC-FFD07882C844}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{BE43694C-9294-4675-BFF8-CC52D45BAD4E}: NameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{A6037852-1645-4F96-93DC-FFD07882C844}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: McAfee Application Installer Cleanup (0250331416427915) (0250331416427915mcinstcleanup) . (...) - C:\Windows\TEMP\025033~1.exe (.not file.) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Windows ® Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe O23 - Service: Dell Update Service (DellUpdate) . (.Dell Inc. - Dell Update Windows Service.) - C:\Program Files (x86)\Dell Update\DellUpService.exe O23 - Service: McAfee Home Network (HomeNetSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) . (.Intel® Corporation - Intel® Capability Licensing Service Inter.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel® Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel® Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel® Local Management Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee AP Service (McAPExe) . (.McAfee, Inc. - McAfee Access Protection.) - C:\Program Files\McAfee\MSC\McAPexe.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Platform Services (mcpltsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Windows\system32\mfevtps.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.CyberLink - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe ~ Services: 22 Scanned in 00mn 06s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.EABAB863E4451B22CA44A4919E59D2B8] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144] [MD5.B545F8575AF154A5690B5EACECEE1B5E] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440] [MD5.1BB277A7DF790A38B5252D0DFEA3D30B] [APT] [PCDEventLauncherTask] (.PC-Doctor, Inc..) -- C:\Program Files\My Dell\sessionchecker.exe [436728] [MD5.5197F982AD047548D8DFB257D4018D63] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\My Dell\uaclauncher.exe [1212408] [MD5.E38B453152C9D62B0EF6F11FD0629F4A] [APT] [synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400] ~ Scheduled Task: 5 Scanned in 00mn 03s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll ~ Active Setup: 9 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: (CLVirtualDrive) . (.CyberLink - It is a virtual device driver which could c.) - C:\Windows\system32\DRIVERS\CLVirtualDrive.sys O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys ~ Drivers: 34 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Acrobat Reader Packages - (...) [HKCU][64Bits] -- Acrobat Reader Packages O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Bing Bureau - (.Microsoft Corporation.) [HKLM][64Bits] -- {7D095455-D971-4D4C-9EFD-9AF6A6584F3A} O42 - Logiciel: CyberLink LabelPrint 2.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Media Suite Essentials - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7} O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A} O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DSC/AA Factory Installer - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {F7A70D00-F283-45C8-B163-49EC365D7E27} O42 - Logiciel: Dell Backup and Recovery - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} O42 - Logiciel: Dell Backup and Recovery - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 73f463568823ebbe O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: Dell Update - (.Dell Inc..) [HKLM][64Bits] -- {E3CECF25-A529-415E-8F9A-D53C40E5E94C} O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON Printer and Utilities O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B} O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {96714280-14E6-4DF7-BACD-F797C0F17C3D} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} O42 - Logiciel: Kobo - (.Rakuten Kobo Inc..) [HKLM][64Bits] -- Kobo O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: McAfee LiveSafe – Internet Security - (.McAfee, Inc..) [HKLM][64Bits] -- MSC O42 - Logiciel: McAfee Virtual Technician - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Virtual Technician O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: My Dell - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE} O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE} O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE} O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU][64Bits] -- PhotoFiltre 7 O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN ~ Logic: 42 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Atheros] [HKCU\Software\Citrix] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\EPSON] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Kobo] [HKCU\Software\Licenses] [HKCU\Software\Macromedia] [HKCU\Software\McAfee] [HKCU\Software\Mine] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PC-Doctor] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Synaptics] [HKCU\Software\Wow6432Node] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\speedial] =>Adware.SearchYa [HKLM\Software\Atheros] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\DTS] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dolby] [HKLM\Software\EPSON] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node\ATHEROS] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Citrix] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\CyberLink] [HKLM\Software\Wow6432Node\Dell Inc.] [HKLM\Software\Wow6432Node\DellBackupandRecovery] [HKLM\Software\Wow6432Node\Dell] [HKLM\Software\Wow6432Node\Dell_Wlan] [HKLM\Software\Wow6432Node\EPSON] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lake] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\McAfee.com] [HKLM\Software\Wow6432Node\McAfee] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\Nuance] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\PC-Doctor] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\SoftThinks] [HKLM\Software\Wow6432Node\SuppHelpDir] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node] ~ Key Software: 172 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 22/05/2014 - 16:43:22 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 21/04/2014 - 23:41:09 - [] ----D C:\Program Files (x86)\Amazon O43 - CFD: 22/05/2014 - 16:31:16 - [] ----D C:\Program Files (x86)\Citrix O43 - CFD: 22/05/2014 - 16:43:22 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 21/04/2014 - 23:40:36 - [] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 10/12/2014 - 17:26:25 - [] ----D C:\Program Files (x86)\Dell Backup and Recovery O43 - CFD: 10/12/2014 - 16:50:16 - [] ----D C:\Program Files (x86)\Dell Update O43 - CFD: 21/04/2014 - 23:33:37 - [] ----D C:\Program Files (x86)\Dell Wireless O43 - CFD: 24/05/2014 - 15:38:03 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 21/05/2014 - 20:28:14 - [0] ----D C:\Program Files (x86)\GUMCA45.tmp O43 - CFD: 21/04/2014 - 23:46:24 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 21/04/2014 - 23:27:43 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 10/12/2014 - 17:22:07 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 11/11/2014 - 23:22:30 - [] ----D C:\Program Files (x86)\Kobo O43 - CFD: 10/12/2014 - 09:51:24 - [] ----D C:\Program Files (x86)\McAfee O43 - CFD: 21/04/2014 - 23:44:15 - [] ----D C:\Program Files (x86)\mcafee.com O43 - CFD: 27/06/2014 - 18:11:34 - [] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 21/04/2014 - 23:43:07 - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 22/08/2014 - 18:25:54 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 21/05/2014 - 18:46:25 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 21/04/2014 - 23:42:24 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 21/05/2014 - 18:45:39 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 21/04/2014 - 23:10:07 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 15/08/2014 - 17:59:49 - [] ----D C:\Program Files (x86)\PhotoFiltre 7 O43 - CFD: 21/04/2014 - 23:10:07 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 30/06/2014 - 09:20:48 - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 10/12/2014 - 17:22:15 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 27/06/2014 - 17:22:01 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 22/08/2013 - 23:25:40 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 25/05/2014 - 22:22:23 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 25/05/2014 - 22:22:24 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 22/08/2013 - 23:25:40 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 25/05/2014 - 22:22:23 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 22/08/2013 - 16:36:30 - [] -SH-D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 11/12/2014 - 20:04:27 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 22/05/2014 - 16:43:29 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 21/04/2014 - 23:31:10 - [] ----D C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 21/04/2014 - 23:36:34 - [] ----D C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 21/05/2014 - 18:45:39 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 21/04/2014 - 23:25:26 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 21/04/2014 - 23:28:49 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 21/04/2014 - 23:45:19 - [] ----D C:\Program Files (x86)\Common Files\mcafee O43 - CFD: 22/05/2014 - 17:24:42 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 17/06/2014 - 18:16:28 - [] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 22/08/2013 - 23:25:40 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 21/04/2014 - 23:41:16 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 22/05/2014 - 17:23:53 - [] ----D C:\ProgramData\Adobe O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 22/05/2014 - 17:28:52 - [] ----D C:\ProgramData\Atheros O43 - CFD: 21/05/2014 - 18:22:27 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 22/05/2014 - 16:31:33 - [] ----D C:\ProgramData\Citrix O43 - CFD: 21/04/2014 - 23:35:07 - [] ----D C:\ProgramData\CLSK O43 - CFD: 18/08/2014 - 16:40:00 - [] ----D C:\ProgramData\CyberLink O43 - CFD: 21/04/2014 - 23:53:36 - [] ----D C:\ProgramData\Dell O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 24/05/2014 - 15:35:57 - [] ----D C:\ProgramData\EPSON O43 - CFD: 22/05/2014 - 16:44:54 - [] ----D C:\ProgramData\Google O43 - CFD: 21/04/2014 - 23:40:06 - [] ----D C:\ProgramData\install_clap O43 - CFD: 21/05/2014 - 18:34:47 - [] ----D C:\ProgramData\Intel O43 - CFD: 30/06/2014 - 10:22:55 - [] ----D C:\ProgramData\McAfee O43 - CFD: 21/05/2014 - 18:22:27 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 10/12/2014 - 17:22:11 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 21/05/2014 - 18:46:16 - [] ----D C:\ProgramData\Microsoft OneDrive O43 - CFD: 21/05/2014 - 18:22:28 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 09/10/2014 - 17:59:28 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 21/04/2014 - 23:40:59 - [] ----D C:\ProgramData\PC-Doctor for Windows O43 - CFD: 10/12/2014 - 09:51:35 - [] ----D C:\ProgramData\PCDr O43 - CFD: 20/11/2014 - 19:24:54 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 08/12/2014 - 10:49:50 - [] ----D C:\ProgramData\softthinks O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 21/04/2014 - 23:40:36 - [] ----D C:\ProgramData\Temp O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - 23:27:43 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 25/05/2014 - 22:23:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 27/06/2014 - 18:11:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau O43 - CFD: 21/04/2014 - 23:31:11 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program O43 - CFD: 21/04/2014 - 23:40:40 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite O43 - CFD: 10/12/2014 - 16:50:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 24/05/2014 - 15:35:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON O43 - CFD: 04/08/2014 - 18:55:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 25/05/2014 - 17:05:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 11/12/2014 - 20:02:03 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee O43 - CFD: 21/05/2014 - 18:44:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 22/08/2014 - 18:13:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 15/08/2014 - 17:59:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 25/05/2014 - 22:23:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 22/08/2013 - 23:27:43 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 30/06/2014 - 09:21:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 26/06/2014 - 19:10:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 11/12/2014 - 20:04:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 22/05/2014 - 16:45:27 - [] ----D C:\Users\Daniel\AppData\Roaming\Adobe O43 - CFD: 21/05/2014 - 18:34:46 - [] ----D C:\Users\Daniel\AppData\Roaming\Atheros O43 - CFD: 18/08/2014 - 16:40:03 - [] ----D C:\Users\Daniel\AppData\Roaming\CyberLink O43 - CFD: 21/05/2014 - 20:34:59 - [] ----D C:\Users\Daniel\AppData\Roaming\Google O43 - CFD: 21/05/2014 - 21:03:42 - [] ----D C:\Users\Daniel\AppData\Roaming\Identities O43 - CFD: 21/05/2014 - 18:35:52 - [] ----D C:\Users\Daniel\AppData\Roaming\Intel Corporation O43 - CFD: 21/05/2014 - 20:14:04 - [] ----D C:\Users\Daniel\AppData\Roaming\Macromedia O43 - CFD: 10/11/2014 - 10:16:53 - [] -S--D C:\Users\Daniel\AppData\Roaming\Microsoft O43 - CFD: 21/07/2014 - 14:15:59 - [] ----D C:\Users\Daniel\AppData\Roaming\PCDr O43 - CFD: 10/12/2014 - 10:07:26 - [] ----D C:\Users\Daniel\AppData\Roaming\PhotoFiltre 7 O43 - CFD: 10/12/2014 - 10:07:26 - [] ----D C:\Users\Daniel\AppData\Roaming\vlc O43 - CFD: 21/05/2014 - 21:14:52 - [] ----D C:\Users\Daniel\AppData\Roaming\Windows Live Writer O43 - CFD: 11/12/2014 - 20:06:04 - [] ----D C:\Users\Daniel\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 22/05/2014 - 16:45:27 - [] ----D C:\Users\Daniel\AppData\Local\Adobe O43 - CFD: 21/05/2014 - 18:32:44 - [] -SH-D C:\Users\Daniel\AppData\Local\Application Data O43 - CFD: 11/11/2014 - 19:14:20 - [] ----D C:\Users\Daniel\AppData\Local\Apps O43 - CFD: 21/05/2014 - 18:35:15 - [] ----D C:\Users\Daniel\AppData\Local\BMExplorer O43 - CFD: 22/05/2014 - 16:31:11 - [] ----D C:\Users\Daniel\AppData\Local\Citrix O43 - CFD: 15/11/2014 - 18:32:01 - [] ----D C:\Users\Daniel\AppData\Local\CrashDumps O43 - CFD: 18/08/2014 - 16:39:58 - [] ----D C:\Users\Daniel\AppData\Local\CyberLink O43 - CFD: 11/11/2014 - 19:14:50 - [0] ----D C:\Users\Daniel\AppData\Local\Deployment O43 - CFD: 10/12/2014 - 09:45:45 - [] ----D C:\Users\Daniel\AppData\Local\Diagnostics O43 - CFD: 24/11/2014 - 16:31:55 - [] ----D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics O43 - CFD: 18/11/2014 - 18:22:05 - [] -SH-D C:\Users\Daniel\AppData\Local\EmieBrowserModeList O43 - CFD: 26/05/2014 - 09:11:34 - [] -SH-D C:\Users\Daniel\AppData\Local\EmieSiteList O43 - CFD: 26/05/2014 - 09:11:34 - [] -SH-D C:\Users\Daniel\AppData\Local\EmieUserList O43 - CFD: 22/05/2014 - 16:44:54 - [] ----D C:\Users\Daniel\AppData\Local\Google O43 - CFD: 21/05/2014 - 18:32:44 - [] -SH-D C:\Users\Daniel\AppData\Local\Historique O43 - CFD: 10/11/2014 - 10:15:58 - [] ----D C:\Users\Daniel\AppData\Local\Kobo O43 - CFD: 16/09/2014 - 18:06:09 - [] ----D C:\Users\Daniel\AppData\Local\Microsoft O43 - CFD: 31/05/2014 - 18:03:42 - [] ----D C:\Users\Daniel\AppData\Local\Microsoft Help O43 - CFD: 11/12/2014 - 19:12:23 - [] ----D C:\Users\Daniel\AppData\Local\Packages O43 - CFD: 21/05/2014 - 18:35:24 - [] ----D C:\Users\Daniel\AppData\Local\Power2Go8 O43 - CFD: 22/05/2014 - 15:54:21 - [] ----D C:\Users\Daniel\AppData\Local\Programs O43 - CFD: 22/05/2014 - 16:51:19 - [0] ----D C:\Users\Daniel\AppData\Local\softthinks O43 - CFD: 11/12/2014 - 20:04:49 - [] ----D C:\Users\Daniel\AppData\Local\Temp O43 - CFD: 21/05/2014 - 18:32:44 - [] -SH-D C:\Users\Daniel\AppData\Local\Temporary Internet Files O43 - CFD: 21/05/2014 - 18:33:22 - [0] ----D C:\Users\Daniel\AppData\Local\VirtualStore O43 - CFD: 26/06/2014 - 19:11:44 - [] ----D C:\Users\Daniel\AppData\Local\Windows Live O43 - CFD: 27/05/2014 - 15:58:44 - [] ----D C:\Users\Daniel\AppData\Local\Windows Live Writer O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/11/2014 - 19:23:02 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/12/2014 - 18:11:08 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 11/11/2014 - 19:14:48 - [] ----D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 22/08/2013 - 16:36:32 - [] ----D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 15/08/2014 - 17:59:49 - [0] ----D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 O43 - CFD: 17/11/2014 - 19:23:02 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 22/08/2013 - 16:36:32 - [] R---D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ~ Program Folder: 146 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.EE5ED8E6998D7E686F614BA8D876829B] - 03/12/2014 - 00:09:08 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [192000] O44 - LFC:[MD5.222F243A138149E51FEA4769A475A144] - 03/12/2014 - 00:09:08 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1083392] O44 - LFC:[MD5.C4859B1344645E6109DE77F5577CD37F] - 03/12/2014 - 00:09:09 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [396288] O44 - LFC:[MD5.FB7F1B20A2C86D55F731E53EB04C9360] - 03/12/2014 - 00:09:10 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\invagent.dll [740864] O44 - LFC:[MD5.2DD8EC6F8DE5F8556ABC5F223D49EA07] - 03/12/2014 - 00:09:13 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [412672] O44 - LFC:[MD5.8283D7B0DCB540AB58A864E4BF2451FD] - 04/12/2014 - 00:09:06 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [830464] O44 - LFC:[MD5.C4A550C337ADB0EB4C4D4F388C27B815] - 04/12/2014 - 00:37:36 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [227328] O44 - LFC:[MD5.52D29B1C4E0A353BFCD26B7BABF0F14B] - 08/12/2014 - 10:33:13 ---A- . (...) -- C:\Windows\setupact.log [24107] O44 - LFC:[MD5.189A10892093E1054614192504CC3110] - 08/12/2014 - 23:06:07 ---A- . (...) -- C:\Windows\PFRO.log [42176] O44 - LFC:[MD5.A770340FC02B999EF0DE6C2A6BC8437C] - 10/12/2014 - 17:12:31 ---A- . (.Microsoft Corporation - Intel Power Engine Plugin.) -- C:\Windows\System32\Drivers\intelpep.sys [39744] O44 - LFC:[MD5.7B7C482CF48E6EE33664340D1A78E6FE] - 10/12/2014 - 17:12:31 ---A- . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\Drivers\sdbus.sys [238912] O44 - LFC:[MD5.24A8DFC07E4BAF29AEA26E383D4CC886] - 10/12/2014 - 17:12:31 ---A- . (.Microsoft Corporation - Power Dependency Coordinator Driver.) -- C:\Windows\System32\Drivers\pdc.sys [86336] O44 - LFC:[MD5.B02118A776C368F7EE1A8CC81378D265] - 10/12/2014 - 17:12:31 ---A- . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys [153920] O44 - LFC:[MD5.418B5117F187DFFD96C52325CA0DF153] - 10/12/2014 - 17:12:38 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [1762840] O44 - LFC:[MD5.F5BA843DE3475B8D7FD5AFC21857A7C1] - 10/12/2014 - 17:12:39 ---A- . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll [1970432] O44 - LFC:[MD5.668417ED63F9FBE7DD8D7A54B04279DA] - 10/12/2014 - 17:12:40 ---A- . (.Microsoft Corporation - File Risk Estimation.) -- C:\Windows\System32\winshfhc.dll [14336] O44 - LFC:[MD5.4AD874CDC812EC156265E451B6B09DAB] - 10/12/2014 - 17:12:41 ---A- . (.Microsoft Corporation - Microsoft Network Realtime Inspection Drive.) -- C:\Windows\System32\Drivers\WdNisDrv.sys [114496] O44 - LFC:[MD5.0359607177E5E9F6041136CC0A5CB0B6] - 10/12/2014 - 17:12:41 ---A- . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys [35320] O44 - LFC:[MD5.DE8D12B4C3F55FA2C5E9774314F6C58A] - 10/12/2014 - 17:12:41 ---A- . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys [258368] O44 - LFC:[MD5.F0A117D19873FCDF801F082F33BFBB6C] - 10/12/2014 - 17:12:42 ---A- . (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\user32.dll [1519488] O44 - LFC:[MD5.DB7815ACB2D8F7CB03807059969F13B6] - 10/12/2014 - 17:12:46 ---A- . (.Microsoft Corporation - Microsoft Windows MRM.) -- C:\Windows\System32\MrmCoreR.dll [1091072] O44 - LFC:[MD5.83AEDC4636606B145851723AE7385781] - 10/12/2014 - 17:12:47 ---A- . (.Microsoft Corporation - Dll du fournisseur d’état de l’installation.) -- C:\Windows\System32\DeviceSetupStatusProvider.dll [34304] O44 - LFC:[MD5.D248949FCF2B72C1FD4EC15DA92065C0] - 10/12/2014 - 17:12:53 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [262144] O44 - LFC:[MD5.17A157A4225CF562202AC71DB8103177] - 10/12/2014 - 17:12:53 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064] O44 - LFC:[MD5.A41AC7E8D142FD0ECF6EF7F1BB63D478] - 10/12/2014 - 17:12:53 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll [812544] O44 - LFC:[MD5.507DC5EE1363EEB7D986B1026DF4E39D] - 10/12/2014 - 17:12:53 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [1032704] O44 - LFC:[MD5.DB10D681314714E0D4623E4C0CF6654A] - 10/12/2014 - 17:12:53 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160] O44 - LFC:[MD5.284070B045F8B11B4A1FB32F72023038] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417280] O44 - LFC:[MD5.14BA910E7731FC84EB85328BD0F1EE81] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [800768] O44 - LFC:[MD5.1D294810D3A8A8F722E86AA001F54DCC] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [580096] O44 - LFC:[MD5.62CFEE2A516C68540486EBF26F18ED4C] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [145408] O44 - LFC:[MD5.DDE455CF1B9F43775A53A4E577DFDC54] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [373760] O44 - LFC:[MD5.39B512C643812FC2D4843C0D4206C759] - 10/12/2014 - 17:12:54 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [718848] O44 - LFC:[MD5.EFBA893429814EA3244C87C2D1256618] - 10/12/2014 - 17:12:55 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768] O44 - LFC:[MD5.3FE71E2A5BD3EC652E64FC8BCEFEDD2C] - 10/12/2014 - 17:12:55 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125312] O44 - LFC:[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - 10/12/2014 - 17:12:57 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2358272] O44 - LFC:[MD5.E7A2061ADF0F4D430FECDA1E8D6B7BA6] - 10/12/2014 - 17:12:57 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1548288] O44 - LFC:[MD5.8D64466AD12CA5677CD0099C43C58569] - 10/12/2014 - 17:12:57 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [6039552] O44 - LFC:[MD5.982B871A25B5078093FAD82D0AB0E3FC] - 10/12/2014 - 17:12:57 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2885120] O44 - LFC:[MD5.556D271F4243B273EDA353512BF3608A] - 10/12/2014 - 17:12:59 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14412800] O44 - LFC:[MD5.D478A4CF07FB8ADF72FB16B88E8030B8] - 10/12/2014 - 17:13:04 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll [25059840] O44 - LFC:[MD5.E87F8EC00FEEF700E61F6989D88A8BC2] - 10/12/2014 - 17:13:53 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [991232] O44 - LFC:[MD5.788C7D910267DDCD675DF4AB01961265] - 10/12/2014 - 17:13:53 ---A- . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll [259584] O44 - LFC:[MD5.A6D61CD951FB0057933FD2D2D8CDBC0B] - 10/12/2014 - 17:14:35 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [112710672] O44 - LFC:[MD5.4C17E27D425FE5516822C279C57B0B37] - 10/12/2014 - 18:32:27 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1827432] O44 - LFC:[MD5.AB5C61D6D3E1A3910AC63E1630B4F4C9] - 10/12/2014 - 18:32:27 ---A- . (...) -- C:\Windows\System32\perfc009.dat [136128] O44 - LFC:[MD5.98EF1FAA35F6E11B9D5CA0EF66D38A16] - 10/12/2014 - 18:32:27 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [159948] O44 - LFC:[MD5.139423167830F229C39B8FFB710F0454] - 10/12/2014 - 18:32:27 ---A- . (...) -- C:\Windows\System32\perfh009.dat [723514] O44 - LFC:[MD5.46A0E343017004FCCA96E937218B273B] - 10/12/2014 - 18:32:27 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [813388] O44 - LFC:[MD5.72E8F6AA03A032AB78D4B2F2D53F8218] - 11/12/2014 - 18:10:25 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.A9720E029825046782B2E6DB7423583C] - 11/12/2014 - 19:46:56 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1663678] ~ Files: 52 Scanned in 01mn 55s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.6361B6E40054786CE48BCE001F3EC2BB] - 08/11/2014 - 21:16:16 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-F8807476.pf =>PUP.JDIBackup O45 - LFCP:[MD5.33C5CB03EFB0CA022CF138DF8B03AF88] - 08/11/2014 - 19:20:32 ---A- - C:\Windows\Prefetch\UPMBOT_FR_237.EXE-A485FFFC.pf =>PUP.CrossRider ~ Prefetcher: 2 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll ~ LSA: 3 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 19 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ MWPS: 20 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoFolderOptions"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoControlPanel"=0 ~ MWPE Keys: 6 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424] O58 - SDL:22/08/2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016] O58 - SDL:18/10/2013 - 04:46:02 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athwbx.sys [3858944] O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows ® Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624] O58 - SDL:29/10/2013 - 21:50:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [338120] O58 - SDL:29/10/2013 - 21:50:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [116424] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [34384] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [89800] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [179432] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [77464] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [137928] O58 - SDL:29/10/2013 - 21:50:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [596168] O58 - SDL:22/08/2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296] O58 - SDL:20/06/2014 - 09:38:22 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\Windows\System32\Drivers\cfwids.sys [72128] O58 - SDL:05/03/2013 - 11:01:42 ---A- . (.CyberLink - It is a virtual device driver which could create multiple virtu.) -- C:\Windows\System32\Drivers\CLVirtualDrive.sys [91712] O58 - SDL:25/01/2013 - 03:12:08 ---A- . (.OSR Open Systems Resources, Inc. - Airplane Mode Switch Driver.) -- C:\Windows\System32\Drivers\DellRbtn.sys [10752] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024] O58 - SDL:23/09/2013 - 12:49:22 ---A- . (.McAfee, Inc. - McAfee HIP IPS Driver.) -- C:\Windows\System32\Drivers\HipShieldK.sys [197704] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352] O58 - SDL:30/07/2013 - 19:47:35 ---A- . (.Intel Corporation - Intel® Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568] O58 - SDL:25/07/2013 - 20:05:39 ---A- . (.Intel Corporation - Intel® Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320] O58 - SDL:02/08/2013 - 18:40:04 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [644968] O58 - SDL:10/08/2013 - 01:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000] O58 - SDL:20/05/2014 - 23:33:36 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [3791872] O58 - SDL:01/10/2013 - 19:25:24 ---A- . (.Intel® Corporation - Intel® Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [449528] O58 - SDL:06/05/2014 - 23:39:17 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38296] O58 - SDL:06/05/2014 - 23:39:17 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27032] O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536] O58 - SDL:22/08/2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672] O58 - SDL:22/08/2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840] O58 - SDL:20/06/2014 - 09:20:54 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\Drivers\mfeapfk.sys [181704] O58 - SDL:20/06/2014 - 09:21:48 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\System32\Drivers\mfeavfk.sys [313544] O58 - SDL:20/08/2014 - 08:07:00 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\Drivers\mfeclnrk.sys [11336] O58 - SDL:20/06/2014 - 09:09:34 ---A- . (.McAfee, Inc. - McAfee ELAM Driver.) -- C:\Windows\System32\Drivers\mfeelamk.sys [70600] O58 - SDL:20/06/2014 - 09:23:40 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\Windows\System32\Drivers\mfefirek.sys [523792] O58 - SDL:20/06/2014 - 09:26:02 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\Drivers\mfehidk.sys [786296] O58 - SDL:20/08/2014 - 08:05:28 ---A- . (.McAfee, Inc. - Event Driver.) -- C:\Windows\System32\Drivers\mfencbdc.sys [445512] O58 - SDL:20/08/2014 - 08:06:14 ---A- . (.McAfee, Inc. - Detection driver.) -- C:\Windows\System32\Drivers\mfencrk.sys [96592] O58 - SDL:20/06/2014 - 09:31:06 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\Drivers\mfewfpk.sys [348552] O58 - SDL:22/08/2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840] O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288] O58 - SDL:22/06/2013 - 02:35:14 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt630x64.sys [816344] O58 - SDL:21/08/2013 - 21:50:02 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3591000] O58 - SDL:02/11/2013 - 01:40:22 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\RtsUVStor.sys [330456] O58 - SDL:22/08/2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:22/08/2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760] O58 - SDL:06/09/2013 - 09:17:34 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [30448] O58 - SDL:06/09/2013 - 09:17:36 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [34544] O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072] O58 - SDL:06/09/2013 - 09:17:36 ---A- . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [531184] O58 - SDL:11/12/2013 - 08:27:54 ---A- . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [100312] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800] O58 - SDL:22/08/2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504] O58 - SDL:17/10/2013 - 01:46:02 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athwbx.sys [3858944] ~ Drivers: 65 Scanned in 00mn 03s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 11/12/2014 - 20:08:21 ---A- . (...) -- C:\Users\Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\CQ3E0SO4\urlblockindex[1].bin [16] O61 - LFC: 11/12/2014 - 20:08:22 ---A- . (.Nicolas Coolman.) -- C:\Users\Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\YXWLU9LD\ZHPDiag2.exe [6866628] =>.Nicolas Coolman ~ 282 Fichiers temporaires (Temporary files) ~ Files: 2 Scanned in 00mn 22s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S ~ FASS Keys: 10 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [208896] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [324096] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1261056] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1063424] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [914432] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1212928] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [220160] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [324096] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [81408] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [339456] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [101376] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [534528] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [223744] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [71680] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [306688] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [3557376] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1017856] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760] ~ Services: 34 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.70F851F7A524071E13F17DC401A21906] [sPRF][22/05/2014] (...) -- C:\Users\Daniel\Desktop\adwcleaner_3.210.exe [1326389] ~ Files: 1 Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE} O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B} O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA} O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C} O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0} O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} ~ MNS: 6 Scanned in 00mn 00s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet ~ BTK: 53 Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 10/07/1658 0 | (0250331416427915mcinstcleanup) . (...) - C:\Windows\TEMP\025033~1.exe SS - | Demand 20/05/2014 278344 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Demand 27/08/2013 828376 | (Intel® Capability Licensing Service TCP IP Interface) . (.Intel® Corporation.) - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe SS - | Demand 24/07/2013 334608 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe SS - | Demand 04/09/2014 603424 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe SS - | Disabled 30/07/2013 328928 | (McOobeSv2) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe SR - | Auto 29/10/2013 317568 | (AtherosSvc) . (.Windows ® Win 7 DDK provider.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe SR - | Auto 13/11/2014 190840 | (DellUpdate) . (.Dell Inc..) - C:\Program Files (x86)\Dell Update\DellUpService.exe SR - | Auto 30/07/2013 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Auto 30/08/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 20/05/2014 314696 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe SR - | Auto 27/08/2013 747520 | (Intel® Capability Licensing Service Interface) . (.Intel® Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Auto 11/12/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe SR - | Auto 11/12/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SR - | Auto 25/04/2014 178528 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe SR - | Auto 30/07/2013 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe SR - | Auto 30/07/2013 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe SR - | Auto 20/08/2014 1041192 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe SR - | Auto 20/06/2014 219752 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe SR - | Auto 20/06/2014 189912 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe SR - | Auto 30/07/2013 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe SR - | Demand 10/01/2014 25584 | (PCDSRVC{D3412D80-CF3B4A27-06020200}_0) . (.PC-Doctor, Inc..) - c:\program files\my dell\pcdsrvc_x64.pkms SR - | Auto 30/07/2013 253776 | (RichVideo) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SR - | Auto 19/06/2013 246488 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe SR - | Auto 21/11/2013 1915920 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe SR - | Auto 22/08/2013 37768 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 07s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by Daniel at 11/12/2014 20:11:29 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Daniel at 11/12/2014 20:11:31 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13026 - (10/12/2014) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DC264A72-FA75-4948-B881-EA8EFF8E5DD2}] =>PUP.WebGet^ [HKCU\Software\speedial] =>Adware.SearchYa^ ~ Additionnel Scan: 218991 Items scanned in 00mn 20s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ AMI: 4 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/pup-webget =>PUP.WebGet http://nicolascoolman.fr/adware-searchya =>Adware.SearchYa http://www.nicolascoolman.fr/blog/ =>PUP.JDIBackup http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider ~ MSI: 4 link(s) detected in 00mn 00s End of the scan (1062 lines in 06mn 05s)(0) -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a répondu à un(e) sujet de GAUDIN DANIEL dans Analyses et éradication malwares
Bonjour Edith ou Apollo, Tout d'abord je suis très agréablement surpris par la rapidité de ta réponse ce dont je te remercie vivement. J'ai téléchargé ZHPDiag et obtenu un fichier text après l'avoir exécuté. Je n'arrive pas à joindre cette pièce à cette réponse, Merci de bien vouloir continuer à m'aider. Bien cordialement. -
Connexion réseau entrante suspecte bloquée (2)
GAUDIN DANIEL a posté un sujet dans Analyses et éradication malwares
Bonjour, J'ai besoin d'aide. Je ne suis pas un expert en nettoyage de logiciels malveillants et je subis le même désagrément : McAfee me donne depuis quelques jours des journaux de connexion réseau entrante suspecte telle que décrit. Pourrais-je avoir le descriptif de la procédure de nettoyage, où trouver les logiciels de nettoyage ou de journaux à télécharger. MERCI d'avance. Edit de Notpa : post séparé du sujet http://forum.zebulon.fr/connexion-reseau-entrante-suspecte-bloquee-t208936.html pour en faire un sujet à part. Daniel, Merci de ne pas te raccrocher sur un sujet existant. Un même symptôme peut avoir des causes différentes. De plus, les conseils et analyses de l'équipe de helpeurs sécurité s'appliquent à un environnement précis.