Mon Google Chrome plante, et problème de favoris.
Fermé
Eva.Problèmes
Messages postés
5
Date d'inscription
mercredi 8 mai 2013
Statut
Membre
Dernière intervention
27 août 2013
-
10 mai 2013 à 20:33
Eva.Problèmes Messages postés 5 Date d'inscription mercredi 8 mai 2013 Statut Membre Dernière intervention 27 août 2013 - 25 mai 2013 à 17:39
Eva.Problèmes Messages postés 5 Date d'inscription mercredi 8 mai 2013 Statut Membre Dernière intervention 27 août 2013 - 25 mai 2013 à 17:39
A voir également:
- Mon Google Chrome plante, et problème de favoris.
- Google maps satellite - Guide
- Dns google - Guide
- Exporter favoris google chrome - Guide
- Google earth - Télécharger - 3D
- Mise a jour google chrome - Accueil - Applications & Logiciels
4 réponses
Utilisateur anonyme
10 mai 2013 à 20:37
10 mai 2013 à 20:37
Bonsoir
Pour de plus amples informations, fait ceci stp
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
en bas de la page ZHP avec un numéro de version.
Une fois le téléchargement achevé,
Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »
Clique sur la loupe avec le signe + pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Regarde sur le bureau
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Merci
@+
Pour de plus amples informations, fait ceci stp
Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
en bas de la page ZHP avec un numéro de version.
Une fois le téléchargement achevé,
Double-clique sur l'icône pour lancer le programme. Sous Vista ; Seven ou Windows 8 clic droit « exécuter en tant que administrateur »
Clique sur la loupe avec le signe + pour lancer l'analyse.
Laisse l'outil travailler, il peut être assez long.
Ferme ZHPDiag en fin d'analyse.
Pour transmettre le rapport clique sur ce lien:
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Regarde sur le bureau
Sélectionne le fichier ZHPDiag.txt.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
Merci
@+
Eva.Problèmes
Messages postés
5
Date d'inscription
mercredi 8 mai 2013
Statut
Membre
Dernière intervention
27 août 2013
21 mai 2013 à 02:18
21 mai 2013 à 02:18
Heu... merci de ta réponse. Mais je n'ai pas très bien compris la fin. ^.^'
J'ai fais l'analyse, et voici ce qu'il me mette :
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ System Information
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1949 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (31%) free of 149 GB
---\\ Logged in mode
~ Computer Name: WIN-V6NU33BRBRA
~ User Name: Admin Parents
~ All Users Names: Collégien, Administrateur, Admin Parents,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Admin Parents\AppData\Roaming\
~ %Desktop% : C:\Users\Admin Parents\Contacts\Desktop\
~ %Favorites% : C:\Users\Admin Parents\Favorites\
~ %LocalAppData% : C:\Users\Admin Parents\AppData\Local\
~ %StartMenu% : C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 47 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 148 Go of 148 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 31 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.2C96B3921B4CDE10DBAED5AAD760DB67] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/04/2013 - 23:02:17.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 22:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 22:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 06:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3769
~ Mes musiques (My Musics) : 1/258
~ Mes Videos (My Videos) : 1/22
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 1/34
~ Mon Bureau (My Desktop) : 1/2
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 38s
---\\ Processus lancés
[MD5.C341871CA99AD83431F816FAB7BC030E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [142680] [PID.3288]
[MD5.204BA7516E9C5B651718513E162884DA] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [175960] [PID.3296]
[MD5.74EF7E8A7E71F542AF3F4FA5E0AEB28A] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [177496] [PID.3304]
[MD5.3092B1B5C56AFD5AE3BA28F5950C4B15] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [266584] [PID.3336]
[MD5.1FAA54E9FFEA6FD3E0CEAD951CDDFEF6] - (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34160] [PID.3416]
[MD5.C4038305F2A5FE718447963A3BB5F7EE] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [521640] [PID.3436]
[MD5.0D65FA5F68BC590B65E4035ABBF47470] - (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [844152] [PID.3472]
[MD5.ADC10BE320A29259270B4A93A24A78D3] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576] [PID.3556]
[MD5.F0B4D4E6A359CB0466CCA2282FC344FF] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1530472] [PID.3584]
[MD5.09CCC4EEBF28D763AD1E4F9824DA9FEC] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2184488] [PID.3592]
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3656]
[MD5.D3AC38E80E928CC61A22650E04423BB8] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [979328] [PID.3772]
[MD5.721F0968FE8281EF36001FE92E747313] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [107816] [PID.3784]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.3912]
[MD5.B4B60197F696B9B239478A97CCC6CD48] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHBE.exe [212480] [PID.4076]
[MD5.AAB979089E192ACC0FE1E3C018F8B591] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe [4480768] [PID.2276]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18642024] [PID.1412]
[MD5.5F15FCD952704531C075F1D3AA294AB5] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [186712] [PID.2176]
[MD5.9C7AC522ED2698133137A8521DBD2723] - (.TMRG, Inc. - Relevant-Knowledge.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe [3396888] [PID.2292] =>Adware.RelevantKnowledge
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.4984]
[MD5.8EB3AA65A8D576A7C0D18859E26F05F6] - (.TOSHIBA Corporation - TosSENotify.exe.mui.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1021344] [PID.2224]
[MD5.7D04F8CF659D852BC8D7275BD92DC000] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507624] [PID.4244]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.4528]
[MD5.23AA0FDCBDD87D0B78092798C68312D8] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe [1855880] [PID.2300]
[MD5.B0FD3872F6958AA93D6A7103AC01852C] - (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe [108032] [PID.2368]
[MD5.5915F5435337A5B4A68724925A27CB0F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPDiag.exe [7386624] [PID.5908]
~ Processes Running: Scanned in 00mn 06s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bdlfdaajmclngiomogmleihllaejcnni] FB Refresh v.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] TV v.1.0.12 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [dffhljlmcohcioeilbnpmbchdcbhifdh] WiseConvert 1.5 v.10.13.1.89 (Désactivé) =>Toolbar.Conduit
G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Toolbar v.1.6 (Désactivé) =>Toolbar.Babylon
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.0.7.2 (Désactivé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [iblenkmcolcdonmlfknbpbgjebabcoae] We Heart It v.3.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [ifjamchknccokmaecnbknhbfhaicfafd] FileConverter 1.5 v.2.3.15.10 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ifkgichhpmabepjkbkmfeclembjdbpml] One Direction App v.3.2 (Activé)
G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.5.14.1.0 (Désactivé) =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [inkcgocbdfgfhgijdafhgkbijdmhcbmk] Vulpix Theme v.1.0.4 (Activé)
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>Toolbar.Wajam
G2 - GCE: Preference [User Data\Default] [mkndcbhcgphcfkkddanakjiepeknbgle] RelevantKnowledge v.1.3.332.1 (Désactivé) =>Adware.RelevantKnowledge
G2 - GCE: Preference [User Data\Default] [npfkoakaabdallkcdbpkkhfilkkngakh] Deezer v.1.3.2 (Activé)
~ Google Browser: 26 Legitimates Filtered in 00mn 42s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Admin Parents\AppData\Roaming\Mozilla\Firefox\Profiles\3r5yadp5.default\prefs.js
C:\Users\Admin Parents\AppData\Roaming\Mozilla\Firefox\Profiles\3r5yadp5.default\user.js
M3 - MFPP: Plugins - [Admin Parents] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{33e0daa6-3af3-d8b5-6752-10e949c61516}] [] Complitly - Speed up your search with your personal search suggestions tool v1.1 (..) =>Adware.PredictAd
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] [] PriceGong v2.6.10 (..) =>Adware.PriceGong
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (..) =>PUP.DealPly
P2 - FPN: [HKLM] [@Skype.com/Skype Web Plugin] - (.Skype - Skype Web Plugin.) -- C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///c:/program files/oise/graphique/ordi60/bienvenue.html
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.Pas de propriétaire - TODO: <File description>.) -- C:\Program Files\Browser Helper Object\Internet Explorer\IEAddon.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll =>Toolbar.Wajam
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\Admin Parents\AppData\Roaming\Complitly\Complitly.dll =>Adware.PredictAd
~ BHO: 7 Legitimates Filtered in 00mn 02s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
O4 - HKLM\..\Run: [KeNotify] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [LAUNCHER_FILTER] . (...) -- C:\Program Files\Profil Parental Filter\LaunchAppEpcp2.exe
O4 - HKLM\..\Run: [LOGGING_FILTER] . (...) -- C:\Program Files\Profil Parental Filter\LoggingEpcp2.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Admin Parents\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Admin Parents\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Epson Stylus SX440(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHBE.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Admin Parents\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Admin Parents\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Epson Stylus SX440(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHBE.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Application: Scanned in 00mn 02s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer (4).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox (2).lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Windows Explorer (2).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (3).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (4).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (5).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Wakfu.lnk . (...) -- C:\Users\Admin Parents\Contacts\Desktop\Wakfu\UpLauncher.exe (.not file.)
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\Desktop: Assistance.lnk . (...) -- C:\Program Files\Oise\Ordi60\Documentation\Assistance
O4 - GS\Desktop: Documentation.lnk . (...) -- C:\Program Files\Oise\Ordi60\Documentation
O4 - GS\Desktop: Options d'ergonomie.lnk - Clé orpheline
O4 - GS\Desktop: Piano Virtuel Midi.lnk . (.Home - Pas de description.) -- C:\Program Files\Pvm\Piano virtuel midi.exe
O4 - GS\Desktop: Sauvegarder et restaurer.lnk - Clé orpheline
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Admin Parents\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Songr.lnk . (.Xamasoft - Songr.) -- C:\Users\Admin Parents\AppData\Local\Songr\Songr.exe
O4 - GS\TaskBar: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Programs: Songr.lnk . (.Xamasoft - Songr.) -- C:\Users\Admin Parents\AppData\Local\Songr\Songr.exe
O4 - GS\QuickLaunch: Free MP3 WMA OGG Converter.lnk . (...) -- C:\Program Files\Free MP3 WMA OGG Converter\FreeMP3WMAConverter.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Global Startup: Scanned in 00mn 05s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: RelevantKnowledge (RelevantKnowledge) . (.TMRG, Inc. - Relevant-Knowledge.) - C:\Program Files\RelevantKnowledge\rlservice.exe =>Adware.RelevantKnowledge
O23 - Service: Profil Parental Filter (ServiceFilterEpcp2) . (...) - C:\Program Files\Profil Parental Filter\ServiceEpcp2.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
~ Services: 13 Legitimates Filtered in 00mn 22s
---\\ Tâches planifiées en automatique (O39)
[MD5.A6D24077E8D9D58FA63389A34ED1DEC7] [APT] [DealPly] (...) -- C:\Users\Admin Parents\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [93752] =>PUP.DealPly
[MD5.1F51E3ABEE4D0A89FC6ED450ECE7877A] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files\DealPly\DealPlyUpdate.exe [77848] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [{1431DC7D-1DAB-4331-B9F3-014C8FAD70C8}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1E93E0E1-5F21-43C8-817B-F3AFD449A040}] (...) -- H:\Ordi60 - Saison 4\Logiciels\00 - Flash Player\Install Flash Player 9 AX.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{23C4451B-6E3D-489C-BC83-22B7EE270576}] (...) -- H:\Ordi60 - Saison 4\Logiciels\00 - Flash Player\Install Flash Player 9 AX.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6AA445E9-01C4-4160-A71A-BF55A5A42601}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
[MD5.B4E0554B6B7AA6210FE93925A7299729] [APT] [{9405573F-AF4A-4C7D-AE1C-80DDC7E3396B}] (.eTeks.) -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe [29696]
[MD5.00000000000000000000000000000000] [APT] [{CF2135DD-4FCF-4E0B-A592-19F57ED6C946}] (...) -- H:\Ordi60 - Saison 3\02 - Robert 2011\PR1_2011_Oise\setup\Robert.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FB3D4016-EBAB-46D6-9433-623A017117F6}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
~ Scheduled Task: 27 Legitimates Filtered in 00mn 25s
---\\ Logiciels installés (O42)
O42 - Logiciel: "La respiration" version 1.2a - (...) [HKLM] -- La respiration_is1
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU] -- Akamai
O42 - Logiciel: BabylonObjectInstaller - (.Babylon Ltd.) [HKLM] -- {83AA2913-C123-4146-85BD-AD8F93971D39} =>Toolbar.Babylon
O42 - Logiciel: Browser Helper Object - (.APC Soft.) [HKLM] -- Browser Helper Object1.4
O42 - Logiciel: Cartoon Maker - (...) [HKLM] -- Cartoon Maker1.7
O42 - Logiciel: Chroma v.2.5 - (.© Serge LAGIER.) [HKLM] -- Chroma_is1
O42 - Logiciel: Complitly - (...) [HKLM] -- Complitly_is1 =>Adware.PredictAd
O42 - Logiciel: DealPly - (...) [HKCU] -- DealPly =>PUP.DealPly
O42 - Logiciel: Destination métiers 3.0 - (.Onisep.) [HKLM] -- Destination métiers
O42 - Logiciel: Mon journal intime - (.OriaSoft.) [HKLM] -- {13AB20A1-6D8B-42EE-A65D-A64462B8D7F0}
O42 - Logiciel: OUIDIRE LookHere 1.1.3 - (...) [HKLM] -- OUIDIRE LookHere_is1
O42 - Logiciel: OUIDIRE Ohrenauf 1.1.3 - (...) [HKLM] -- OUIDIRE Ohrenauf_is1
O42 - Logiciel: Optikos v.1.1 - (.© Serge LAGIER.) [HKLM] -- Optikos_is1
O42 - Logiciel: Oscillo v.3.6 - (.© Serge LAGIER.) [HKLM] -- Oscillo_is1
O42 - Logiciel: RelevantKnowledge - (.TMRG, Inc..) [HKLM] -- {d08d9f98-1c78-4704-87e6-368b0023d831} =>Adware.RelevantKnowledge
O42 - Logiciel: Video Journal Version 2.04 - (.GirlTech.) [HKLM] -- Video Journal_is1
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam =>Toolbar.Wajam
O42 - Logiciel: cbgeo - (...) [HKLM] -- cbgeo
O42 - Logiciel: cbgeofr - (...) [HKLM] -- cbgeofr
O42 - Logiciel: collatinus 8.1 - (.Collatinus.) [HKLM] -- {64E36A83-4937-4A73-95F5-DF59DC59B835}_is1
O42 - Logiciel: smartision ScreenCopy 2.3 - (.Steffen Schramm.) [HKLM] -- smartision ScreenCopy_is1
~ Logic: 183 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKCU\Software\DicoVerb]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Softonic]
[HKCU\Software\Techlogg.com ToneShop]
[HKCU\Software\Wajam] =>Toolbar.Wajam
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\DealPly] =>PUP.DealPly
[HKLM\Software\EPCP2]
[HKLM\Software\Editions Profil - Profil Technology]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\ONISEPCD1]
[HKLM\Software\ONISEPCD2]
[HKLM\Software\Phoenix Interactive]
~ Key Software: 268 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2012 - 14:21:39 - [394,096] ----D C:\Program Files\Autopsie Accident
O43 - CFD: 14/09/2011 - 16:26:31 - [2,844] ----D C:\Program Files\AviStep
O43 - CFD: 11/10/2011 - 14:15:51 - [20,029] ----D C:\Program Files\Bridge Construction Set Demo
O43 - CFD: 28/05/2012 - 11:32:42 - [2,322] ----D C:\Program Files\Browser Helper Object
O43 - CFD: 28/05/2012 - 11:32:46 - [2,416] ----D C:\Program Files\Cartoon Maker
O43 - CFD: 07/10/2011 - 19:01:01 - [1,630] ----D C:\Program Files\cbgeo
O43 - CFD: 29/08/2011 - 11:33:48 - [2,948] ----D C:\Program Files\cbgeofr
O43 - CFD: 29/08/2011 - 11:37:03 - [0,850] ----D C:\Program Files\cbgeoit
O43 - CFD: 21/09/2011 - 18:03:30 - [19,628] ----D C:\Program Files\collatinus
O43 - CFD: 16/02/2012 - 23:23:01 - [0,753] ----D C:\Program Files\Complitly =>Adware.PredictAd
O43 - CFD: 21/09/2011 - 10:39:47 - [167,366] ----D C:\Program Files\Cyclo experience ELEVE
O43 - CFD: 20/05/2013 - 22:23:08 - [0,269] ----D C:\Program Files\DealPly =>PUP.DealPly
O43 - CFD: 21/09/2011 - 10:54:54 - [1074,205] ----D C:\Program Files\Destination métiers
O43 - CFD: 25/08/2011 - 22:46:39 - [0,389] ----D C:\Program Files\DicoVerb
O43 - CFD: 03/05/2012 - 21:21:59 - [71,033] ----D C:\Program Files\GirlTech
O43 - CFD: 21/09/2011 - 10:42:52 - [144,771] ----D C:\Program Files\Hector Collège
O43 - CFD: 22/09/2011 - 12:27:42 - [13,046] ----D C:\Program Files\Images Actives
O43 - CFD: 19/09/2011 - 15:21:05 - [263,833] ----D C:\Program Files\MathenPoche
O43 - CFD: 14/09/2011 - 17:04:48 - [43,545] ----D C:\Program Files\Mesurim_eztwain_13_12_2010
O43 - CFD: 21/09/2011 - 10:40:51 - [18,045] ----D C:\Program Files\Moduloroute
O43 - CFD: 08/10/2011 - 15:22:12 - [229,408] ----D C:\Program Files\Oise
O43 - CFD: 21/09/2011 - 10:57:22 - [1189,804] ----D C:\Program Files\onisep
O43 - CFD: 13/01/2013 - 17:16:29 - [48,571] ----D C:\Program Files\OriaSoft
O43 - CFD: 11/10/2011 - 10:36:40 - [35,998] ----D C:\Program Files\OUIDIRE LookHere
O43 - CFD: 11/10/2011 - 10:36:48 - [30,090] ----D C:\Program Files\OUIDIRE Ohrenauf
O43 - CFD: 28/08/2011 - 16:47:33 - [1,827] ----D C:\Program Files\plante4
O43 - CFD: 24/01/2013 - 18:15:20 - [0,049] ----D C:\Program Files\PriceGong =>Adware.PriceGong
O43 - CFD: 28/08/2011 - 16:49:03 - [2,266] ----D C:\Program Files\Pulmo
O43 - CFD: 22/09/2011 - 19:56:49 - [1,041] ----D C:\Program Files\Rasmol
O43 - CFD: 21/05/2013 - 00:53:45 - [6,634] ----D C:\Program Files\RelevantKnowledge =>Adware.RelevantKnowledge
O43 - CFD: 22/09/2011 - 17:09:22 - [24,274] ----D C:\Program Files\Serge_LAGIER
O43 - CFD: 29/08/2011 - 15:51:31 - [1,304] ----D C:\Program Files\smartision
O43 - CFD: 08/08/2012 - 17:45:43 - [10,932] ----D C:\Program Files\Techlogg.com ToneShop
O43 - CFD: 08/10/2011 - 14:27:43 - [142,677] ----D C:\Program Files\Tectoglob_08
O43 - CFD: 11/01/2013 - 23:14:09 - [0,562] ----D C:\Program Files\Wajam =>Toolbar.Wajam
O43 - CFD: 08/08/2012 - 20:08:26 - [0,004] ----D C:\ProgramData\1A13
O43 - CFD: 28/05/2012 - 11:32:48 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 22/09/2011 - 17:09:23 - [0,000] ----D C:\ProgramData\Serge_LAGIER
O43 - CFD: 11/01/2013 - 23:48:01 - [0] ----D C:\ProgramData\Tracing
O43 - CFD: 28/05/2012 - 11:32:48 - [0,010] ----D C:\Users\Admin Parents\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 16/02/2012 - 23:23:00 - [0,467] ----D C:\Users\Admin Parents\AppData\Roaming\Complitly =>Adware.PredictAd
O43 - CFD: 18/02/2013 - 03:59:11 - [0,090] ----D C:\Users\Admin Parents\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 14/02/2012 - 18:22:57 - [0,004] ----D C:\Users\Admin Parents\AppData\Roaming\ONISEP
O43 - CFD: 14/09/2011 - 17:34:49 - [0,000] ----D C:\Users\Admin Parents\AppData\Roaming\RasWin
O43 - CFD: 18/03/2013 - 17:10:14 - [42,863] ----D C:\Users\Admin Parents\AppData\Local\Akamai
O43 - CFD: 21/03/2013 - 19:43:25 - [0,570] ----D C:\Users\Admin Parents\AppData\Local\Babylon =>Toolbar.Babylon
O43 - CFD: 11/01/2013 - 23:13:44 - [0,054] ----D C:\Users\Admin Parents\AppData\Local\Wajam =>Toolbar.Wajam
O43 - CFD: 28/05/2012 - 11:32:46 - [0,004] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cartoon Maker
O43 - CFD: 08/08/2012 - 17:45:45 - [0] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Techlogg.com ToneShop
O43 - CFD: 11/01/2013 - 23:13:58 - [0,001] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>Toolbar.Wajam
~ 556 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 891 Legitimates Filtered in 03mn 22s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2FB6D122E77B183DB8525749C9B97023] - 21/05/2013 - 00:07:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28080]
O44 - LFC:[MD5.2FB6D122E77B183DB8525749C9B97023] - 21/05/2013 - 00:07:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28080]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/05/2013 - 20:01:34 ---A- . (...) -- C:\END [0]
~ Files: 42 Legitimates Filtered in 01mn 31s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.0E628BC116090C4E1984A7003D9F8D6B] - 14/05/2013 - 06:34:25 ---A- - C:\Windows\Prefetch\RTHDVBG.EXE-DFF40266.pf
O45 - LFCP:[MD5.85F8D96C91C7C4B2DEB8EFA9630D899F] - 20/05/2013 - 23:50:35 ---A- - C:\Windows\Prefetch\RLVKNLG.EXE-E04CF673.pf
~ Prefetcher: 82 Legitimates Filtered in 00mn 04s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentProgForNewUserInStartMenu"=1
~ MWPE Keys: 2 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 19/05/2013 - 23:08:38 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHP.chm [706099]
O61 - LFC: 19/05/2013 - 23:09:40 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPScan.txt [89]
O61 - LFC: 20/05/2013 - 11:59:11 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268398]
O61 - LFC: 20/05/2013 - 14:48:22 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Local State [32656]
O61 - LFC: 20/05/2013 - 14:48:42 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [6]
O61 - LFC: 20/05/2013 - 22:54:14 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPDiag.exe [7386624]
O61 - LFC: 20/05/2013 - 23:58:51 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag2(1).exe [5660352]
O61 - LFC: 20/05/2013 - 23:59:11 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\unins000.exe [694736]
O61 - LFC: 21/05/2013 - 00:01:36 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\unins000.dat [9134]
~ 35 Fichiers temporaires (Temporary files)
~ Files: 214 Legitimates Filtered in 08mn 46s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Admin Parents\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Toolbar.Babylon
O69 - SBI: SearchScopes [HKCU] {286A4D0E-276B-4234-8BC9-563C1517BA17} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.98E8E46A72919905D6A686605AB38E64] [SPRF][28/02/2012] (.Adobe Systems Inc. - Adobe AIR Installer.) -- C:\Users\Admin Parents\AppData\Local\Temp\AdobeAIRInstaller.exe [15160720]
[MD5.AD503ADB60349AD245CA07948141E9A4] [SPRF][08/08/2012] (.Musiclab, LLC - BearShare.) -- C:\Users\Admin Parents\AppData\Local\Temp\BearShare_setup.exe [2395272] =>PUP.BearShare
[MD5.132E1C3A27E824EB6B120226AC368593] [SPRF][17/03/2012] (.Conduit - Pas de description.) -- C:\Users\Admin Parents\AppData\Local\Temp\conduitinstaller.exe [211032] =>Toolbar.Conduit
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][10/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD118.exe [47796216]
[MD5.5BAF84812F4E60CB6714D77882FB6763] [SPRF][29/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1286.exe [20348928]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD138F.exe [47796216]
[MD5.D20CB3C32A51199E4B70670A12F19844] [SPRF][18/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD15D0.exe [23222272]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][11/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD16DA.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][04/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1747.exe [47796216]
[MD5.B7846BE1C8D73F606EBD01D1108BB2F1] [SPRF][24/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD17C4.exe [15958016]
[MD5.BEA06FA94CF556A2F4252A511F6C5A7D] [SPRF][22/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD17F2.exe [3719168]
[MD5.5363D2A4014EA29F59129F90379C77E3] [SPRF][28/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD193A.exe [10168320]
[MD5.8A540A86306812D7374878BF1F0B23BA] [SPRF][02/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1C36.exe [614400]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][06/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1C84.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1CA4.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][20/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1DBC.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][21/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1E87.exe [47796216]
[MD5.8A2ABF7371FC52990CDF89D2228C31CB] [SPRF][27/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1E88.exe [5910528]
[MD5.9A8C40EDA68AF017B448F21CA0C1C347] [SPRF][06/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1EF4.exe [7694336]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][24/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1F3.exe [47796216]
[MD5.EC3AD4E5190C5D210D20866573FB8AEE] [SPRF][19/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1F52.exe [41132032]
[MD5.26AA954D135E74A0E2416B2984F9D1D7] [SPRF][19/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD20E8.exe [458752]
[MD5.5C87E5E8DE180A4DDD6689212638C36E] [SPRF][03/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2145.exe [12392448]
[MD5.B7B4112C0F974DD37960C1FD83BC7179] [SPRF][13/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2174.exe [1712128]
[MD5.503DECAA548748EDAD5FE5E2A2B4EB99] [SPRF][29/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2338.exe [45924352]
[MD5.F32F707A2C8E26B0A60CCDBEA73E0B06] [SPRF][09/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD24BE.exe [29536256]
[MD5.58E82D9C68E9D05AF48ADE5FA273264C] [SPRF][25/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD252C.exe [25106432]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD253B.exe [47796216]
[MD5.DBA2EB70651F07601FA7E540E86D70F9] [SPRF][23/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2644.exe [20531200]
[MD5.E4837A996D9D61E88F8871616823DBD5] [SPRF][21/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD26C1.exe [9553920]
[MD5.1C9930E0F7ADCA6820156EB28672419D] [SPRF][09/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2B34.exe [16678912]
[MD5.DDFC403B35A288ECA2EC0160B77E9629] [SPRF][10/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2C7C.exe [44455936]
[MD5.D02006CB20DE9F490D2EFA75039B2003] [SPRF][14/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2E.exe [35753984]
[MD5.B6456D68AD1D87A8B68FBAB08F86A753] [SPRF][29/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2F97.exe [679936]
[MD5.A958B8F50BAA7F4B325A37AABC5EFE71] [SPRF][11/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FA7.exe [37902336]
[MD5.AF3A45E6FCF3DED64B330C769FA75FF8] [SPRF][15/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FC.exe [17942528]
[MD5.DEB44FEFDDBF2DFF62855B55D804E5D7] [SPRF][12/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FF5.exe [7854080]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][21/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FF6.exe [47796216]
[MD5.3DD4EF11C811B81971E76ABAB3AF581D] [SPRF][15/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3014.exe [4698112]
[MD5.C444E2350D5FF198934E00F2DEF7B872] [SPRF][08/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD341A.exe [41199616]
[MD5.8A8897446D7C0D241DE13F39C3C103CF] [SPRF][14/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3764.exe [32428032]
[MD5.34266AC0F13522D0086A016D7FCDD2BC] [SPRF][24/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3909.exe [282624]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3B4A.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][18/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3EE3.exe [47796216]
[MD5.911B225272BB560A6FE3956640002C0E] [SPRF][26/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3F60.exe [9984000]
[MD5.0BA208A3923F47E77B0F32D72319E246] [SPRF][22/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4134.exe [26830848]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][29/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD429A.exe [47796216]
[MD5.8A60262B5C4B41AE403A7146E6B02394] [SPRF][05/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD452A.exe [13099008]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD45E5.exe [47796216]
[MD5.83F716CBD6FDFC467EA931BC8F866300] [SPRF][25/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4642.exe [45699072]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD472.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD473C.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD49CB.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][13/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4B80.exe [47796216]
[MD5.35F4C71E7437049E75DC854C1664232F] [SPRF][11/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4F57.exe [40337408]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][08/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD50DD.exe [47796216]
[MD5.0AD77682901165AAECDBBAD244418E22] [SPRF][27/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5408.exe [18726912]
[MD5.2899C93D849A173CDA606975DD86937B] [SPRF][31/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5447.exe [4507648]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][30/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD55C.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][13/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD562A.exe [47796216]
[MD5.D32FA9F9441354E1EE3590FB1DC0A91C] [SPRF][05/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5994.exe [47089664]
[MD5.0F2370C32470FC2102FF9846493B058C] [SPRF][05/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5A4F.exe [21846016]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5C23.exe [47796216]
[MD5.C4AF497BB31A3C8B2A17B27AB79CAFDD] [SPRF][16/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5D2C.exe [28635136]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5DC8.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6048.exe [47796216]
[MD5.A4630A2C1867CF34F7E50CCC8AA3ED43] [SPRF][13/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD61CE.exe [32417792]
[MD5.2F984C31CC880D7E6E9AEABD4533BCDF] [SPRF][07/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD627.exe [14368768]
[MD5.47B006C641BBA15A8604AB225EED45D9] [SPRF][21/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD637.exe [38428672]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][28/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD63E0.exe [47796216]
[MD5.798D0301796D8AA317BD6579A87512E2] [SPRF][26/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6650.exe [2203648]
[MD5.9B7AECBEFF514C14E677E5D8228B0266] [SPRF][06/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD68DF.exe [45185024]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][05/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6A46.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][29/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6BFB.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][15/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6C78.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][30/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD70DB.exe [47796216]
[MD5.1CF9C7DF95D774072890EE6B17535F11] [SPRF][04/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD721.exe [35835904]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][12/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD73F7.exe [47796216]
[MD5.55C0046E9DF56154C6005B852768A31D] [SPRF][17/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7445.exe [20664320]
[MD5.68545148D0CF369A9E3438D65F9EEA97] [SPRF][16/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7722.exe [4014080]
[MD5.8563D0C83AB038388539DFB74942FA59] [SPRF][06/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD79E.exe [23556096]
[MD5.0C8237BBEB8BAC2C242BB5C3BF08B59C] [SPRF][24/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD79FF.exe [28805120]
[MD5.0E5C8A489E45CCE4CE7FED6C7AAFADA3] [SPRF][10/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7A0F.exe [1316864]
[MD5.0AF060ABB73E121BCF66AE7956474CFA] [SPRF][05/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7AD9.exe [39809024]
[MD5.54A9EC7966B44D94437753C6657862A4] [SPRF][16/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7CC.exe [8073216]
[MD5.661D052FEF592AC30A7071933BD599C7] [SPRF][29/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD83A.exe [47783936]
[MD5.4AA3875D146A0E55B5D87E3EFC2DEE00] [SPRF][28/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD8748.exe [41961472]
[MD5.68C4C728D1059932D1B0AFD3305F38AC] [SPRF][06/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD905C.exe [29462528]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][19/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD909B.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][03/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9127.exe [47796216]
[MD5.3ABB6F21B1CC66AE223436AE7FF96BDA] [SPRF][17/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9AA9.exe [13215744]
[MD5.BF13746BE7B19C06F062E39BA3906ED2] [SPRF][24/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9C.exe [133120]
[MD5.C67819FC745F8DF5821A22C21FF27DEF] [SPRF][02/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9CBB.exe [29779968]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9D09.exe [47796216]
[MD5.B0E00695AC37C276CEB45D2687DB1D4B] [SPRF][23/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9F4A.exe [6393856]
[MD5.7D92442E3228FF280F463068AEAEDBD7] [SPRF][12/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADA90A.exe [37617664]
[MD5.572D74647A7EBE735F7E3BAD49EAAB26] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADA9D5.exe [5648384]
[MD5.16F436F8FBD1E1E2DAFBBC82F03C70B4] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAC9.exe [21161984]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADACF1.exe [47796216]
[MD5.4080C125598459D7DB4EC7610B47AA39] [SPRF][04/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAE57.exe [3231744]
[MD5.B61F60A7F51D24FD8DC006C000E3100A] [SPRF][11/01/2013] (...) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAF51.exe [4096]
[MD5.2897C377E82319E237E87E54887ACDD5] [SPRF][17/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAFBE.exe [5564416]
[MD5.5792C3BA146D1749E265A1156676FB24] [SPRF][04/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB17.exe [25159680]
[MD5.AC5CAECD7E9E0FF8272C5B614757B33E] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB173.exe [42084352]
[MD5.BB4AA496DA8027863AE21BEBD97C92E9] [SPRF][20/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB1D1.exe [29986816]
[MD5.804FD7A1B8BFA1885B07F7D5BC3DDBC4] [SPRF][13/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB21F.exe [23373824]
[MD5.C745A2296B4B2C6B4AE9F7FA51917504] [SPRF][19/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB22E.exe [22302720]
[MD5.4ECADE91F4E348C17BF07113AF8B0111] [SPRF][29/08/2012] (.Electronic Arts, Inc. - Origin
J'ai fais l'analyse, et voici ce qu'il me mette :
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ System Information
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1949 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 47 GB (31%) free of 149 GB
---\\ Logged in mode
~ Computer Name: WIN-V6NU33BRBRA
~ User Name: Admin Parents
~ All Users Names: Collégien, Administrateur, Admin Parents,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Admin Parents\AppData\Roaming\
~ %Desktop% : C:\Users\Admin Parents\Contacts\Desktop\
~ %Favorites% : C:\Users\Admin Parents\Favorites\
~ %LocalAppData% : C:\Users\Admin Parents\AppData\Local\
~ %StartMenu% : C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 47 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 148 Go of 148 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 31 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.2C96B3921B4CDE10DBAED5AAD760DB67] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/04/2013 - 23:02:17.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 22:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 22:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 06:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/3769
~ Mes musiques (My Musics) : 1/258
~ Mes Videos (My Videos) : 1/22
~ Mes Favoris (My Favorites) : 1/2
~ Mes Documents (My Documents) : 1/34
~ Mon Bureau (My Desktop) : 1/2
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 38s
---\\ Processus lancés
[MD5.C341871CA99AD83431F816FAB7BC030E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [142680] [PID.3288]
[MD5.204BA7516E9C5B651718513E162884DA] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [175960] [PID.3296]
[MD5.74EF7E8A7E71F542AF3F4FA5E0AEB28A] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [177496] [PID.3304]
[MD5.3092B1B5C56AFD5AE3BA28F5950C4B15] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [266584] [PID.3336]
[MD5.1FAA54E9FFEA6FD3E0CEAD951CDDFEF6] - (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34160] [PID.3416]
[MD5.C4038305F2A5FE718447963A3BB5F7EE] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [521640] [PID.3436]
[MD5.0D65FA5F68BC590B65E4035ABBF47470] - (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [844152] [PID.3472]
[MD5.ADC10BE320A29259270B4A93A24A78D3] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576] [PID.3556]
[MD5.F0B4D4E6A359CB0466CCA2282FC344FF] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1530472] [PID.3584]
[MD5.09CCC4EEBF28D763AD1E4F9824DA9FEC] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2184488] [PID.3592]
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.3656]
[MD5.D3AC38E80E928CC61A22650E04423BB8] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [979328] [PID.3772]
[MD5.721F0968FE8281EF36001FE92E747313] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [107816] [PID.3784]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.3912]
[MD5.B4B60197F696B9B239478A97CCC6CD48] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHBE.exe [212480] [PID.4076]
[MD5.AAB979089E192ACC0FE1E3C018F8B591] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe [4480768] [PID.2276]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18642024] [PID.1412]
[MD5.5F15FCD952704531C075F1D3AA294AB5] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [186712] [PID.2176]
[MD5.9C7AC522ED2698133137A8521DBD2723] - (.TMRG, Inc. - Relevant-Knowledge.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe [3396888] [PID.2292] =>Adware.RelevantKnowledge
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.4984]
[MD5.8EB3AA65A8D576A7C0D18859E26F05F6] - (.TOSHIBA Corporation - TosSENotify.exe.mui.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1021344] [PID.2224]
[MD5.7D04F8CF659D852BC8D7275BD92DC000] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [507624] [PID.4244]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.4528]
[MD5.23AA0FDCBDD87D0B78092798C68312D8] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe [1855880] [PID.2300]
[MD5.B0FD3872F6958AA93D6A7103AC01852C] - (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe [108032] [PID.2368]
[MD5.5915F5435337A5B4A68724925A27CB0F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPDiag.exe [7386624] [PID.5908]
~ Processes Running: Scanned in 00mn 06s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bdlfdaajmclngiomogmleihllaejcnni] FB Refresh v.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] TV v.1.0.12 (Activé)
G2 - GCE: Preference [User Data\Default] [boeajhmfdjldchidhphikilcgdacljfm] Facebook v.1.0.3 (Activé)
G2 - GCE: Preference [User Data\Default] [dffhljlmcohcioeilbnpmbchdcbhifdh] WiseConvert 1.5 v.10.13.1.89 (Désactivé) =>Toolbar.Conduit
G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Toolbar v.1.6 (Désactivé) =>Toolbar.Babylon
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.0.7.2 (Désactivé) =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [iblenkmcolcdonmlfknbpbgjebabcoae] We Heart It v.3.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [ifjamchknccokmaecnbknhbfhaicfafd] FileConverter 1.5 v.2.3.15.10 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ifkgichhpmabepjkbkmfeclembjdbpml] One Direction App v.3.2 (Activé)
G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.5.14.1.0 (Désactivé) =>Adware.IMBooster
G2 - GCE: Preference [User Data\Default] [inkcgocbdfgfhgijdafhgkbijdmhcbmk] Vulpix Theme v.1.0.4 (Activé)
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>Toolbar.Wajam
G2 - GCE: Preference [User Data\Default] [mkndcbhcgphcfkkddanakjiepeknbgle] RelevantKnowledge v.1.3.332.1 (Désactivé) =>Adware.RelevantKnowledge
G2 - GCE: Preference [User Data\Default] [npfkoakaabdallkcdbpkkhfilkkngakh] Deezer v.1.3.2 (Activé)
~ Google Browser: 26 Legitimates Filtered in 00mn 42s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Admin Parents\AppData\Roaming\Mozilla\Firefox\Profiles\3r5yadp5.default\prefs.js
C:\Users\Admin Parents\AppData\Roaming\Mozilla\Firefox\Profiles\3r5yadp5.default\user.js
M3 - MFPP: Plugins - [Admin Parents] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{33e0daa6-3af3-d8b5-6752-10e949c61516}] [] Complitly - Speed up your search with your personal search suggestions tool v1.1 (..) =>Adware.PredictAd
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] [] PriceGong v2.6.10 (..) =>Adware.PriceGong
M2 - MFEP: prefs.js [Admin Parents - 3r5yadp5.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (..) =>PUP.DealPly
P2 - FPN: [HKLM] [@Skype.com/Skype Web Plugin] - (.Skype - Skype Web Plugin.) -- C:\Program Files\SkypeWebPlugin\npSkypeWebPlugin.dll
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///c:/program files/oise/graphique/ordi60/bienvenue.html
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 8 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: BHO - {47B614AF-B4CC-485B-B331-BE26F02ED4CC} . (.Pas de propriétaire - TODO: <File description>.) -- C:\Program Files\Browser Helper Object\Internet Explorer\IEAddon.dll
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll =>Toolbar.Wajam
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} . (.SimplyGen - Complitly - Helps you search the web.) -- C:\Users\Admin Parents\AppData\Roaming\Complitly\Complitly.dll =>Adware.PredictAd
~ BHO: 7 Legitimates Filtered in 00mn 02s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [HWSetup] . (.TOSHIBA Electronics, Inc. - HWSetup.) -- C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
O4 - HKLM\..\Run: [KeNotify] . (.TOSHIBA CORPORATION - KeNotify MFC Application.) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [LAUNCHER_FILTER] . (...) -- C:\Program Files\Profil Parental Filter\LaunchAppEpcp2.exe
O4 - HKLM\..\Run: [LOGGING_FILTER] . (...) -- C:\Program Files\Profil Parental Filter\LoggingEpcp2.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Admin Parents\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Admin Parents\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Epson Stylus SX440(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHBE.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Admin Parents\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Admin Parents\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Epson Stylus SX440(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHBE.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Admin Parents\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-3511072534-1929738600-3174194998-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Application: Scanned in 00mn 02s
---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer (3).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer (4).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox (2).lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Windows Explorer (2).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (3).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (4).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer (5).lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Wakfu.lnk . (...) -- C:\Users\Admin Parents\Contacts\Desktop\Wakfu\UpLauncher.exe (.not file.)
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\SendTo: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe
O4 - GS\Desktop: Assistance.lnk . (...) -- C:\Program Files\Oise\Ordi60\Documentation\Assistance
O4 - GS\Desktop: Documentation.lnk . (...) -- C:\Program Files\Oise\Ordi60\Documentation
O4 - GS\Desktop: Options d'ergonomie.lnk - Clé orpheline
O4 - GS\Desktop: Piano Virtuel Midi.lnk . (.Home - Pas de description.) -- C:\Program Files\Pvm\Piano virtuel midi.exe
O4 - GS\Desktop: Sauvegarder et restaurer.lnk - Clé orpheline
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Admin Parents\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Songr.lnk . (.Xamasoft - Songr.) -- C:\Users\Admin Parents\AppData\Local\Songr\Songr.exe
O4 - GS\TaskBar: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\Programs: Songr.lnk . (.Xamasoft - Songr.) -- C:\Users\Admin Parents\AppData\Local\Songr\Songr.exe
O4 - GS\QuickLaunch: Free MP3 WMA OGG Converter.lnk . (...) -- C:\Program Files\Free MP3 WMA OGG Converter\FreeMP3WMAConverter.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>P2P.µTorrent
O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
~ Global Startup: Scanned in 00mn 05s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CCS\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CS1\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpNameServer = 192.168.1.1 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{6D509AAC-E43B-4534-819B-7C926BA8BA97}: DhcpDomain = drbl.name
O17 - HKLM\System\CS2\Services\Tcpip\..\{77DD3F5A-461A-446F-8554-7F9A6CB9D9C2}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: RelevantKnowledge (RelevantKnowledge) . (.TMRG, Inc. - Relevant-Knowledge.) - C:\Program Files\RelevantKnowledge\rlservice.exe =>Adware.RelevantKnowledge
O23 - Service: Profil Parental Filter (ServiceFilterEpcp2) . (...) - C:\Program Files\Profil Parental Filter\ServiceEpcp2.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
~ Services: 13 Legitimates Filtered in 00mn 22s
---\\ Tâches planifiées en automatique (O39)
[MD5.A6D24077E8D9D58FA63389A34ED1DEC7] [APT] [DealPly] (...) -- C:\Users\Admin Parents\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [93752] =>PUP.DealPly
[MD5.1F51E3ABEE4D0A89FC6ED450ECE7877A] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files\DealPly\DealPlyUpdate.exe [77848] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [{1431DC7D-1DAB-4331-B9F3-014C8FAD70C8}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1E93E0E1-5F21-43C8-817B-F3AFD449A040}] (...) -- H:\Ordi60 - Saison 4\Logiciels\00 - Flash Player\Install Flash Player 9 AX.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{23C4451B-6E3D-489C-BC83-22B7EE270576}] (...) -- H:\Ordi60 - Saison 4\Logiciels\00 - Flash Player\Install Flash Player 9 AX.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6AA445E9-01C4-4160-A71A-BF55A5A42601}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
[MD5.B4E0554B6B7AA6210FE93925A7299729] [APT] [{9405573F-AF4A-4C7D-AE1C-80DDC7E3396B}] (.eTeks.) -- C:\Program Files\Sweet Home 3D\SweetHome3D.exe [29696]
[MD5.00000000000000000000000000000000] [APT] [{CF2135DD-4FCF-4E0B-A592-19F57ED6C946}] (...) -- H:\Ordi60 - Saison 3\02 - Robert 2011\PR1_2011_Oise\setup\Robert.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FB3D4016-EBAB-46D6-9433-623A017117F6}] (...) -- C:\Program Files\Le Robert\Le Petit Robert 2011\Robert.exe (.not file.) [0]
~ Scheduled Task: 27 Legitimates Filtered in 00mn 25s
---\\ Logiciels installés (O42)
O42 - Logiciel: "La respiration" version 1.2a - (...) [HKLM] -- La respiration_is1
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU] -- Akamai
O42 - Logiciel: BabylonObjectInstaller - (.Babylon Ltd.) [HKLM] -- {83AA2913-C123-4146-85BD-AD8F93971D39} =>Toolbar.Babylon
O42 - Logiciel: Browser Helper Object - (.APC Soft.) [HKLM] -- Browser Helper Object1.4
O42 - Logiciel: Cartoon Maker - (...) [HKLM] -- Cartoon Maker1.7
O42 - Logiciel: Chroma v.2.5 - (.© Serge LAGIER.) [HKLM] -- Chroma_is1
O42 - Logiciel: Complitly - (...) [HKLM] -- Complitly_is1 =>Adware.PredictAd
O42 - Logiciel: DealPly - (...) [HKCU] -- DealPly =>PUP.DealPly
O42 - Logiciel: Destination métiers 3.0 - (.Onisep.) [HKLM] -- Destination métiers
O42 - Logiciel: Mon journal intime - (.OriaSoft.) [HKLM] -- {13AB20A1-6D8B-42EE-A65D-A64462B8D7F0}
O42 - Logiciel: OUIDIRE LookHere 1.1.3 - (...) [HKLM] -- OUIDIRE LookHere_is1
O42 - Logiciel: OUIDIRE Ohrenauf 1.1.3 - (...) [HKLM] -- OUIDIRE Ohrenauf_is1
O42 - Logiciel: Optikos v.1.1 - (.© Serge LAGIER.) [HKLM] -- Optikos_is1
O42 - Logiciel: Oscillo v.3.6 - (.© Serge LAGIER.) [HKLM] -- Oscillo_is1
O42 - Logiciel: RelevantKnowledge - (.TMRG, Inc..) [HKLM] -- {d08d9f98-1c78-4704-87e6-368b0023d831} =>Adware.RelevantKnowledge
O42 - Logiciel: Video Journal Version 2.04 - (.GirlTech.) [HKLM] -- Video Journal_is1
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam =>Toolbar.Wajam
O42 - Logiciel: cbgeo - (...) [HKLM] -- cbgeo
O42 - Logiciel: cbgeofr - (...) [HKLM] -- cbgeofr
O42 - Logiciel: collatinus 8.1 - (.Collatinus.) [HKLM] -- {64E36A83-4937-4A73-95F5-DF59DC59B835}_is1
O42 - Logiciel: smartision ScreenCopy 2.3 - (.Steffen Schramm.) [HKLM] -- smartision ScreenCopy_is1
~ Logic: 183 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKCU\Software\DicoVerb]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Softonic]
[HKCU\Software\Techlogg.com ToneShop]
[HKCU\Software\Wajam] =>Toolbar.Wajam
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\DealPly] =>PUP.DealPly
[HKLM\Software\EPCP2]
[HKLM\Software\Editions Profil - Profil Technology]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\ONISEPCD1]
[HKLM\Software\ONISEPCD2]
[HKLM\Software\Phoenix Interactive]
~ Key Software: 268 Legitimates Filtered in 00mn 02s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2012 - 14:21:39 - [394,096] ----D C:\Program Files\Autopsie Accident
O43 - CFD: 14/09/2011 - 16:26:31 - [2,844] ----D C:\Program Files\AviStep
O43 - CFD: 11/10/2011 - 14:15:51 - [20,029] ----D C:\Program Files\Bridge Construction Set Demo
O43 - CFD: 28/05/2012 - 11:32:42 - [2,322] ----D C:\Program Files\Browser Helper Object
O43 - CFD: 28/05/2012 - 11:32:46 - [2,416] ----D C:\Program Files\Cartoon Maker
O43 - CFD: 07/10/2011 - 19:01:01 - [1,630] ----D C:\Program Files\cbgeo
O43 - CFD: 29/08/2011 - 11:33:48 - [2,948] ----D C:\Program Files\cbgeofr
O43 - CFD: 29/08/2011 - 11:37:03 - [0,850] ----D C:\Program Files\cbgeoit
O43 - CFD: 21/09/2011 - 18:03:30 - [19,628] ----D C:\Program Files\collatinus
O43 - CFD: 16/02/2012 - 23:23:01 - [0,753] ----D C:\Program Files\Complitly =>Adware.PredictAd
O43 - CFD: 21/09/2011 - 10:39:47 - [167,366] ----D C:\Program Files\Cyclo experience ELEVE
O43 - CFD: 20/05/2013 - 22:23:08 - [0,269] ----D C:\Program Files\DealPly =>PUP.DealPly
O43 - CFD: 21/09/2011 - 10:54:54 - [1074,205] ----D C:\Program Files\Destination métiers
O43 - CFD: 25/08/2011 - 22:46:39 - [0,389] ----D C:\Program Files\DicoVerb
O43 - CFD: 03/05/2012 - 21:21:59 - [71,033] ----D C:\Program Files\GirlTech
O43 - CFD: 21/09/2011 - 10:42:52 - [144,771] ----D C:\Program Files\Hector Collège
O43 - CFD: 22/09/2011 - 12:27:42 - [13,046] ----D C:\Program Files\Images Actives
O43 - CFD: 19/09/2011 - 15:21:05 - [263,833] ----D C:\Program Files\MathenPoche
O43 - CFD: 14/09/2011 - 17:04:48 - [43,545] ----D C:\Program Files\Mesurim_eztwain_13_12_2010
O43 - CFD: 21/09/2011 - 10:40:51 - [18,045] ----D C:\Program Files\Moduloroute
O43 - CFD: 08/10/2011 - 15:22:12 - [229,408] ----D C:\Program Files\Oise
O43 - CFD: 21/09/2011 - 10:57:22 - [1189,804] ----D C:\Program Files\onisep
O43 - CFD: 13/01/2013 - 17:16:29 - [48,571] ----D C:\Program Files\OriaSoft
O43 - CFD: 11/10/2011 - 10:36:40 - [35,998] ----D C:\Program Files\OUIDIRE LookHere
O43 - CFD: 11/10/2011 - 10:36:48 - [30,090] ----D C:\Program Files\OUIDIRE Ohrenauf
O43 - CFD: 28/08/2011 - 16:47:33 - [1,827] ----D C:\Program Files\plante4
O43 - CFD: 24/01/2013 - 18:15:20 - [0,049] ----D C:\Program Files\PriceGong =>Adware.PriceGong
O43 - CFD: 28/08/2011 - 16:49:03 - [2,266] ----D C:\Program Files\Pulmo
O43 - CFD: 22/09/2011 - 19:56:49 - [1,041] ----D C:\Program Files\Rasmol
O43 - CFD: 21/05/2013 - 00:53:45 - [6,634] ----D C:\Program Files\RelevantKnowledge =>Adware.RelevantKnowledge
O43 - CFD: 22/09/2011 - 17:09:22 - [24,274] ----D C:\Program Files\Serge_LAGIER
O43 - CFD: 29/08/2011 - 15:51:31 - [1,304] ----D C:\Program Files\smartision
O43 - CFD: 08/08/2012 - 17:45:43 - [10,932] ----D C:\Program Files\Techlogg.com ToneShop
O43 - CFD: 08/10/2011 - 14:27:43 - [142,677] ----D C:\Program Files\Tectoglob_08
O43 - CFD: 11/01/2013 - 23:14:09 - [0,562] ----D C:\Program Files\Wajam =>Toolbar.Wajam
O43 - CFD: 08/08/2012 - 20:08:26 - [0,004] ----D C:\ProgramData\1A13
O43 - CFD: 28/05/2012 - 11:32:48 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 22/09/2011 - 17:09:23 - [0,000] ----D C:\ProgramData\Serge_LAGIER
O43 - CFD: 11/01/2013 - 23:48:01 - [0] ----D C:\ProgramData\Tracing
O43 - CFD: 28/05/2012 - 11:32:48 - [0,010] ----D C:\Users\Admin Parents\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 16/02/2012 - 23:23:00 - [0,467] ----D C:\Users\Admin Parents\AppData\Roaming\Complitly =>Adware.PredictAd
O43 - CFD: 18/02/2013 - 03:59:11 - [0,090] ----D C:\Users\Admin Parents\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 14/02/2012 - 18:22:57 - [0,004] ----D C:\Users\Admin Parents\AppData\Roaming\ONISEP
O43 - CFD: 14/09/2011 - 17:34:49 - [0,000] ----D C:\Users\Admin Parents\AppData\Roaming\RasWin
O43 - CFD: 18/03/2013 - 17:10:14 - [42,863] ----D C:\Users\Admin Parents\AppData\Local\Akamai
O43 - CFD: 21/03/2013 - 19:43:25 - [0,570] ----D C:\Users\Admin Parents\AppData\Local\Babylon =>Toolbar.Babylon
O43 - CFD: 11/01/2013 - 23:13:44 - [0,054] ----D C:\Users\Admin Parents\AppData\Local\Wajam =>Toolbar.Wajam
O43 - CFD: 28/05/2012 - 11:32:46 - [0,004] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cartoon Maker
O43 - CFD: 08/08/2012 - 17:45:45 - [0] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Techlogg.com ToneShop
O43 - CFD: 11/01/2013 - 23:13:58 - [0,001] ----D C:\Users\Admin Parents\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>Toolbar.Wajam
~ 556 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 891 Legitimates Filtered in 03mn 22s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2FB6D122E77B183DB8525749C9B97023] - 21/05/2013 - 00:07:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28080]
O44 - LFC:[MD5.2FB6D122E77B183DB8525749C9B97023] - 21/05/2013 - 00:07:33 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28080]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/05/2013 - 20:01:34 ---A- . (...) -- C:\END [0]
~ Files: 42 Legitimates Filtered in 01mn 31s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.0E628BC116090C4E1984A7003D9F8D6B] - 14/05/2013 - 06:34:25 ---A- - C:\Windows\Prefetch\RTHDVBG.EXE-DFF40266.pf
O45 - LFCP:[MD5.85F8D96C91C7C4B2DEB8EFA9630D899F] - 20/05/2013 - 23:50:35 ---A- - C:\Windows\Prefetch\RLVKNLG.EXE-E04CF673.pf
~ Prefetcher: 82 Legitimates Filtered in 00mn 04s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentProgForNewUserInStartMenu"=1
~ MWPE Keys: 2 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 19/05/2013 - 23:08:38 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHP.chm [706099]
O61 - LFC: 19/05/2013 - 23:09:40 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPScan.txt [89]
O61 - LFC: 20/05/2013 - 11:59:11 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268398]
O61 - LFC: 20/05/2013 - 14:48:22 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\Local State [32656]
O61 - LFC: 20/05/2013 - 14:48:42 ---A- C:\Users\Admin Parents\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [6]
O61 - LFC: 20/05/2013 - 22:54:14 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\ZHPDiag.exe [7386624]
O61 - LFC: 20/05/2013 - 23:58:51 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag2(1).exe [5660352]
O61 - LFC: 20/05/2013 - 23:59:11 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\unins000.exe [694736]
O61 - LFC: 21/05/2013 - 00:01:36 ---A- C:\Users\Admin Parents\Downloads\ZHPDiag\unins000.dat [9134]
~ 35 Fichiers temporaires (Temporary files)
~ Files: 214 Legitimates Filtered in 08mn 46s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Admin Parents\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Toolbar.Babylon
O69 - SBI: SearchScopes [HKCU] {286A4D0E-276B-4234-8BC9-563C1517BA17} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.98E8E46A72919905D6A686605AB38E64] [SPRF][28/02/2012] (.Adobe Systems Inc. - Adobe AIR Installer.) -- C:\Users\Admin Parents\AppData\Local\Temp\AdobeAIRInstaller.exe [15160720]
[MD5.AD503ADB60349AD245CA07948141E9A4] [SPRF][08/08/2012] (.Musiclab, LLC - BearShare.) -- C:\Users\Admin Parents\AppData\Local\Temp\BearShare_setup.exe [2395272] =>PUP.BearShare
[MD5.132E1C3A27E824EB6B120226AC368593] [SPRF][17/03/2012] (.Conduit - Pas de description.) -- C:\Users\Admin Parents\AppData\Local\Temp\conduitinstaller.exe [211032] =>Toolbar.Conduit
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][10/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD118.exe [47796216]
[MD5.5BAF84812F4E60CB6714D77882FB6763] [SPRF][29/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1286.exe [20348928]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD138F.exe [47796216]
[MD5.D20CB3C32A51199E4B70670A12F19844] [SPRF][18/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD15D0.exe [23222272]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][11/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD16DA.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][04/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1747.exe [47796216]
[MD5.B7846BE1C8D73F606EBD01D1108BB2F1] [SPRF][24/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD17C4.exe [15958016]
[MD5.BEA06FA94CF556A2F4252A511F6C5A7D] [SPRF][22/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD17F2.exe [3719168]
[MD5.5363D2A4014EA29F59129F90379C77E3] [SPRF][28/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD193A.exe [10168320]
[MD5.8A540A86306812D7374878BF1F0B23BA] [SPRF][02/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1C36.exe [614400]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][06/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1C84.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1CA4.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][20/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1DBC.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][21/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1E87.exe [47796216]
[MD5.8A2ABF7371FC52990CDF89D2228C31CB] [SPRF][27/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1E88.exe [5910528]
[MD5.9A8C40EDA68AF017B448F21CA0C1C347] [SPRF][06/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1EF4.exe [7694336]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][24/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1F3.exe [47796216]
[MD5.EC3AD4E5190C5D210D20866573FB8AEE] [SPRF][19/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD1F52.exe [41132032]
[MD5.26AA954D135E74A0E2416B2984F9D1D7] [SPRF][19/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD20E8.exe [458752]
[MD5.5C87E5E8DE180A4DDD6689212638C36E] [SPRF][03/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2145.exe [12392448]
[MD5.B7B4112C0F974DD37960C1FD83BC7179] [SPRF][13/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2174.exe [1712128]
[MD5.503DECAA548748EDAD5FE5E2A2B4EB99] [SPRF][29/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2338.exe [45924352]
[MD5.F32F707A2C8E26B0A60CCDBEA73E0B06] [SPRF][09/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD24BE.exe [29536256]
[MD5.58E82D9C68E9D05AF48ADE5FA273264C] [SPRF][25/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD252C.exe [25106432]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD253B.exe [47796216]
[MD5.DBA2EB70651F07601FA7E540E86D70F9] [SPRF][23/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2644.exe [20531200]
[MD5.E4837A996D9D61E88F8871616823DBD5] [SPRF][21/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD26C1.exe [9553920]
[MD5.1C9930E0F7ADCA6820156EB28672419D] [SPRF][09/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2B34.exe [16678912]
[MD5.DDFC403B35A288ECA2EC0160B77E9629] [SPRF][10/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2C7C.exe [44455936]
[MD5.D02006CB20DE9F490D2EFA75039B2003] [SPRF][14/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2E.exe [35753984]
[MD5.B6456D68AD1D87A8B68FBAB08F86A753] [SPRF][29/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2F97.exe [679936]
[MD5.A958B8F50BAA7F4B325A37AABC5EFE71] [SPRF][11/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FA7.exe [37902336]
[MD5.AF3A45E6FCF3DED64B330C769FA75FF8] [SPRF][15/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FC.exe [17942528]
[MD5.DEB44FEFDDBF2DFF62855B55D804E5D7] [SPRF][12/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FF5.exe [7854080]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][21/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD2FF6.exe [47796216]
[MD5.3DD4EF11C811B81971E76ABAB3AF581D] [SPRF][15/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3014.exe [4698112]
[MD5.C444E2350D5FF198934E00F2DEF7B872] [SPRF][08/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD341A.exe [41199616]
[MD5.8A8897446D7C0D241DE13F39C3C103CF] [SPRF][14/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3764.exe [32428032]
[MD5.34266AC0F13522D0086A016D7FCDD2BC] [SPRF][24/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3909.exe [282624]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3B4A.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][18/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3EE3.exe [47796216]
[MD5.911B225272BB560A6FE3956640002C0E] [SPRF][26/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD3F60.exe [9984000]
[MD5.0BA208A3923F47E77B0F32D72319E246] [SPRF][22/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4134.exe [26830848]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][29/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD429A.exe [47796216]
[MD5.8A60262B5C4B41AE403A7146E6B02394] [SPRF][05/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD452A.exe [13099008]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD45E5.exe [47796216]
[MD5.83F716CBD6FDFC467EA931BC8F866300] [SPRF][25/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4642.exe [45699072]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD472.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD473C.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][14/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD49CB.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][13/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4B80.exe [47796216]
[MD5.35F4C71E7437049E75DC854C1664232F] [SPRF][11/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD4F57.exe [40337408]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][08/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD50DD.exe [47796216]
[MD5.0AD77682901165AAECDBBAD244418E22] [SPRF][27/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5408.exe [18726912]
[MD5.2899C93D849A173CDA606975DD86937B] [SPRF][31/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5447.exe [4507648]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][30/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD55C.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][13/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD562A.exe [47796216]
[MD5.D32FA9F9441354E1EE3590FB1DC0A91C] [SPRF][05/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5994.exe [47089664]
[MD5.0F2370C32470FC2102FF9846493B058C] [SPRF][05/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5A4F.exe [21846016]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5C23.exe [47796216]
[MD5.C4AF497BB31A3C8B2A17B27AB79CAFDD] [SPRF][16/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5D2C.exe [28635136]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD5DC8.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][09/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6048.exe [47796216]
[MD5.A4630A2C1867CF34F7E50CCC8AA3ED43] [SPRF][13/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD61CE.exe [32417792]
[MD5.2F984C31CC880D7E6E9AEABD4533BCDF] [SPRF][07/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD627.exe [14368768]
[MD5.47B006C641BBA15A8604AB225EED45D9] [SPRF][21/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD637.exe [38428672]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][28/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD63E0.exe [47796216]
[MD5.798D0301796D8AA317BD6579A87512E2] [SPRF][26/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6650.exe [2203648]
[MD5.9B7AECBEFF514C14E677E5D8228B0266] [SPRF][06/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD68DF.exe [45185024]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][05/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6A46.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][29/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6BFB.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][15/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD6C78.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][30/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD70DB.exe [47796216]
[MD5.1CF9C7DF95D774072890EE6B17535F11] [SPRF][04/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD721.exe [35835904]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][12/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD73F7.exe [47796216]
[MD5.55C0046E9DF56154C6005B852768A31D] [SPRF][17/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7445.exe [20664320]
[MD5.68545148D0CF369A9E3438D65F9EEA97] [SPRF][16/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7722.exe [4014080]
[MD5.8563D0C83AB038388539DFB74942FA59] [SPRF][06/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD79E.exe [23556096]
[MD5.0C8237BBEB8BAC2C242BB5C3BF08B59C] [SPRF][24/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD79FF.exe [28805120]
[MD5.0E5C8A489E45CCE4CE7FED6C7AAFADA3] [SPRF][10/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7A0F.exe [1316864]
[MD5.0AF060ABB73E121BCF66AE7956474CFA] [SPRF][05/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7AD9.exe [39809024]
[MD5.54A9EC7966B44D94437753C6657862A4] [SPRF][16/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD7CC.exe [8073216]
[MD5.661D052FEF592AC30A7071933BD599C7] [SPRF][29/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD83A.exe [47783936]
[MD5.4AA3875D146A0E55B5D87E3EFC2DEE00] [SPRF][28/11/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD8748.exe [41961472]
[MD5.68C4C728D1059932D1B0AFD3305F38AC] [SPRF][06/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD905C.exe [29462528]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][19/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD909B.exe [47796216]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][03/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9127.exe [47796216]
[MD5.3ABB6F21B1CC66AE223436AE7FF96BDA] [SPRF][17/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9AA9.exe [13215744]
[MD5.BF13746BE7B19C06F062E39BA3906ED2] [SPRF][24/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9C.exe [133120]
[MD5.C67819FC745F8DF5821A22C21FF27DEF] [SPRF][02/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9CBB.exe [29779968]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][27/08/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9D09.exe [47796216]
[MD5.B0E00695AC37C276CEB45D2687DB1D4B] [SPRF][23/01/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EAD9F4A.exe [6393856]
[MD5.7D92442E3228FF280F463068AEAEDBD7] [SPRF][12/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADA90A.exe [37617664]
[MD5.572D74647A7EBE735F7E3BAD49EAAB26] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADA9D5.exe [5648384]
[MD5.16F436F8FBD1E1E2DAFBBC82F03C70B4] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAC9.exe [21161984]
[MD5.9FF6078C0DEA0672EAD358A1EC359F70] [SPRF][07/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADACF1.exe [47796216]
[MD5.4080C125598459D7DB4EC7610B47AA39] [SPRF][04/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAE57.exe [3231744]
[MD5.B61F60A7F51D24FD8DC006C000E3100A] [SPRF][11/01/2013] (...) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAF51.exe [4096]
[MD5.2897C377E82319E237E87E54887ACDD5] [SPRF][17/09/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADAFBE.exe [5564416]
[MD5.5792C3BA146D1749E265A1156676FB24] [SPRF][04/02/2013] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB17.exe [25159680]
[MD5.AC5CAECD7E9E0FF8272C5B614757B33E] [SPRF][17/10/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB173.exe [42084352]
[MD5.BB4AA496DA8027863AE21BEBD97C92E9] [SPRF][20/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB1D1.exe [29986816]
[MD5.804FD7A1B8BFA1885B07F7D5BC3DDBC4] [SPRF][13/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB21F.exe [23373824]
[MD5.C745A2296B4B2C6B4AE9F7FA51917504] [SPRF][19/12/2012] (.Electronic Arts, Inc. - Origin.) -- C:\Users\Admin Parents\AppData\Local\Temp\EADB22E.exe [22302720]
[MD5.4ECADE91F4E348C17BF07113AF8B0111] [SPRF][29/08/2012] (.Electronic Arts, Inc. - Origin
Utilisateur anonyme
21 mai 2013 à 19:02
21 mai 2013 à 19:02
Bonsoir
Le rapport est incomplet.
Pour transmettre le rapport clique sur ce lien :
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
Clique sur Ouvrir.
Clique sur "Envoyer le fichier".
Un lien de cette forme :
http://pjjoint.malekal.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
@+
Le rapport est incomplet.
Pour transmettre le rapport clique sur ce lien :
http://pjjoint.malekal.com/
Si problème utilise un des suivants
https://forums-fec.be/upload
https://www.cjoint.com/
Clique sur Parcourir et cherche le fichier : Nom_complet_du_fichier (Fichier demandé )
Clique sur Ouvrir.
Clique sur "Envoyer le fichier".
Un lien de cette forme :
http://pjjoint.malekal.com/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
@+
Eva.Problèmes
Messages postés
5
Date d'inscription
mercredi 8 mai 2013
Statut
Membre
Dernière intervention
27 août 2013
25 mai 2013 à 17:39
25 mai 2013 à 17:39
Où je dois trouver ce ficher ? Et de quel sujet parles-tu ?