Internet is slow, especially when watching a video

reezerb Posts: 12 Status: Member -
neolythique57 Posts: 584 Status: Member -
Hello,

For a few days (weeks) now, my internet, Mozilla and Chrome have been buggy, but above all, when I want to watch videos on YouTube it's not smooth :/ not at all, even though everything else on my PC runs smoothly...

Could someone help me, please?

Thanks

Reezerb

22 replies

neolythique57 Posts: 584 Status: Member 56
 
Send the report.
reezerb Posts: 12 Status: Member
 
Here is the one I ran today:

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\ProgramData\boost_interprocess

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Mozilla Firefox v

[ Fichier : C:\Users\alex1409\AppData\Roaming\Mozilla\Firefox\Profiles\pijxbzuv.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7435 octets] - [08/01/2014 17:04:36]
AdwCleaner[R1].txt - [888 octets] - [12/01/2014 14:33:15]
AdwCleaner[S0].txt - [6885 octets] - [08/01/2014 17:13:58]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1007 octets] ##########

I had already cleaned once with ZHP:

~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman (02-01-14)
~ Lancé par alex1409 (08-01-14 17:57:37)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476 (Defaut)
GCIE: Google Chrome v31.0.1650.63

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : DYFD6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Internet Security v9.0.2011
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Internet Security Suite v12.8.856
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1931 MB (9% free)
System Restore: Activé (Enable)
System drive C: has 20 GB (36%) free of 55 GB

---\\ Mode de connexion au système
~ Computer Name: ALEX
~ User Name: alex1409
~ All Users Names: alex1409, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\alex1409\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\alex1409\AppData\Roaming\
~ %Desktop% : C:\Users\alex1409\Desktop\
~ %Favorites% : C:\Users\alex1409\Favorites\
~ %LocalAppData% : C:\Users\alex1409\AppData\Local\
~ %StartMenu% : C:\Users\alex1409\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 20 Go of 55 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Explorateur Windows.) (.22-10-13 - 08:55:27.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22-08-13 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26-11-13 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.22-08-13 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Bibliothèque de licences.) (.22-08-13 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22-08-13 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22-08-13 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22-08-13 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22-08-13 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22-08-13 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22-08-13 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22-08-13 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.E23D32BAF152FBE35F18C6A2AB8EF271] - (.Microsoft Corporation - IP Network Address Translator.) (.30-09-13 - 05:14:00.) -- C:\Windows\system32\Drivers\IpNat.sys [141824]
[MD5.6129EDB793A4255B1E2FB41773AC9D9A] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30-09-13 - 05:13:57.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404992]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22-08-13 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.22-08-13 - 14:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22-08-13 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22-08-13 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30-09-13 - 04:59:53.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22-08-13 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.22-08-13 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160]
~ Generic Processes: Scanned in 00mn 02s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/70
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/156
~ Mon Bureau (My Desktop) : 3/42
~ Menu demarrer (Programs) : 1/41
~ Hidden Files: Scanned in 00mn 01s

---\\ Processus lancés
[MD5.89770C53B0CE6B2D5CCCF94FEB126177] - (.Pas de propriétaire - HID Monitor MFC Application.) -- C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [30640] [PID.3348]
[MD5.2F03C763EE0DFB4DE56176737DEFB2E2] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21184] [PID.3660]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.4964]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.132]
[MD5.03E8686F0CA2B27B3E6C6E4531AF54AB] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285680] [PID.5848]
[MD5.0BFF19C431EB8AE12259AAD5E9F3B56F] - (.Pas de propriétaire - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [44616] [PID.2256]
[MD5.2348CB1F0241CE5D6C0EC348354E325E] - (.Pas de propriétaire - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [25672] [PID.760]
[MD5.534A3CB0847BA114F0D8A5F2BB2EF6D0] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [887432] [PID.3524]
[MD5.EE889775E0F9755C90FAEBFB93FBD781] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [805992] [PID.4816]
[MD5.B2CEC71D9D94278D3DDFC24382FE3867] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe [778792] [PID.7412]
[MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8321024] [PID.7920]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Managerr v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [fbdagnimlohkpamglloopgfnoiijpmoj] PassWidget v.1.134 (Activé) =>PUP.PassWidget
G2 - GCE: Preference [User Data\Default] [fjoijdanhaiflhibkljeklcghcmmfffh] Web Cake v.1.0.3 (Activé) =>Adware.WebCake
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
~ Google Browser: 16 Legitimates Filtered in 00mn 17s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alex1409\AppData\Roaming\Mozilla\Firefox\Profiles\pijxbzuv.default\prefs.js
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\QuickLaunch [alex1409]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [alex1409]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [alex1409]: Docs.lnk . (...) -- C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe
O4 - GS\TaskBar [alex1409]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [alex1409]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [alex1409]: alexandre geradon.lnk . (...) -- C:\Users\alex1409
O4 - GS\Program [alex1409]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [alex1409]: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [alex1409]: VirtualDJ Acer Edition.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_acer.exe
~ Global Startup: 45 Legitimates Filtered in 00mn 01s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [alex1409]: Envoyer à OneNote.lnk . (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-4115680413-4195575985-3915961318-1001\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~3\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~3\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpNameServer = 138.48.104.17 138.48.104.18
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpDomain = wifi.fundp.ac.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpNameServer = 138.48.104.17 138.48.104.18
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpDomain = wifi.fundp.ac.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 138.48.104.17 138.48.104.18
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM][64Bits] -- {30a1801e-d40c-497d-9e9b-4f454a36d71e} =>PUP.PassWidget
~ Logic: 26 Legitimates Filtered in 00mn 02s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Pando Networks]
[HKCU\Software\SpeedBit]
[HKLM\Software\SpeedBit]
[HKLM\Software\Wow6432Node\Pando Networks]
~ Key Software: 239 Legitimates Filtered in 00mn 02s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14-08-13 - 22:06:55 - [7,182] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04-08-13 - 19:36:17 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 08-01-14 - 17:16:52 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 29-07-13 - 17:59:54 - [0] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 06-08-13 - 13:08:51 - [0] ----D C:\ProgramData\SpeedBit
O43 - CFD: 11-09-13 - 10:58:52 - [0] ----D C:\Users\alex1409\AppData\Roaming\Reg
O43 - CFD: 03-08-13 - 10:32:34 - [0] ----D C:\Users\alex1409\AppData\Local\FreePascal
~ Program Folder: 169 Legitimates Filtered in 00mn 30s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02-01-14 - 11:50:31 ---A- . (...) -- C:\Recovery.txt [0]
~ Files: 21 Legitimates Filtered in 00mn 36s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.148C53A64ACF700C904FE62BD119EED4] - 01-01-14 - 05:02:00 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.7A2D1E4AA9DDD57D2B107E2C7B6A16B7] - 01-01-14 - 13:15:30 ---A- - C:\Windows\Prefetch\NCC.EXE-EC3816AD.pf
O45 - LFCP:[MD5.D186CDA25F8D0091B55FB312D25EB8B9] - 01-01-14 - 17:35:49 ---A- - C:\Windows\Prefetch\WINDOWS7-USB-DVD-TOOL.EXE-3B759199.pf
O45 - LFCP:[MD5.CF2BEE335CA181B6875881C678AB1BA0] - 01-01-14 - 23:46:44 ---A- - C:\Windows\Prefetch\NARRATOR.EXE-6ADE25EF.pf
O45 - LFCP:[MD5.3760C5DA528A8E41EAB7F6669828F578] - 02-01-14 - 11:52:02 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-57FFFCAE.pf
O45 - LFCP:[MD5.A9B1B96CB8E760E86F50414E5FF45143] - 02-01-14 - 11:52:54 ---A- - C:\Windows\Prefetch\MCVSSHLD.EXE-71926677.pf
O45 - LFCP:[MD5.DA67D4E75E3EF69954C67EE435F803CE] - 02-01-14 - 12:12:29 ---A- - C:\Windows\Prefetch\DPTFPOLICYLPMSERVICE.EXE-5981626A.pf
O45 - LFCP:[MD5.2F4EEDA9B912F5FA1DECC830F22991AF] - 06-01-14 - 17:47:39 ---A- - C:\Windows\Prefetch\9C3628B7-B0F2-43F0-9FBB-D205D-F764AAA4.pf
O45 - LFCP:[MD5.D2FA6524CCF16A2AED8FD5A68544607E] - 06-01-14 - 17:49:10 ---A- - C:\Windows\Prefetch\INSTUP.EXE-E16D015F.pf
O45 - LFCP:[MD5.B4192A4E5824C2565662389C3C4447DD] - 08-01-14 - 12:06:14 ---A- - C:\Windows\Prefetch\PASSWIDGET_.EXE-BB91B6DD.pf =>PUP.PassWidget
O45 - LFCP:[MD5.F252C1460AD71911D3B184736BE9075C] - 08-01-14 - 12:41:56 ---A- - C:\Windows\Prefetch\MCMIGR~1.EXE-564F8E99.pf
O45 - LFCP:[MD5.DCDF568F5CFC3CE29800AE13A61E1939] - 08-01-14 - 16:19:21 ---A- - C:\Windows\Prefetch\CCDMONITORSERVICE.EXE-0B25AEDF.pf
O45 - LFCP:[MD5.DC4D0F7330FD1BBBA8D330CDF3C3F0BC] - 08-01-14 - 16:19:21 ---A- - C:\Windows\Prefetch\DPTFPARTICIPANTPROCESSORSERVI-A04339F0.pf
O45 - LFCP:[MD5.08D1A6FB62D5F46E0086EA0AFD28CBC4] - 08-01-14 - 16:19:21 ---A- - C:\Windows\Prefetch\DPTFPOLICYCONFIGTDPSERVICE.EX-94A4BDDB.pf
O45 - LFCP:[MD5.AE7DCBA796C50E8C77B344FDD3AB0E9D] - 08-01-14 - 16:28:23 ---A- - C:\Windows\Prefetch\BU_.EXE-5AD5E46C.pf
O45 - LFCP:[MD5.4A389E0E96F2EFF8FC9A78E451A199F1] - 08-01-14 - 16:38:10 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf
O45 - LFCP:[MD5.9C884AD5566F937C51F1FCD3C6EF8A63] - 08-01-14 - 16:38:52 ---A- - C:\Windows\Prefetch\SYSTEMRESET.EXE-3E7CD9FA.pf
O45 - LFCP:[MD5.282601A2475E83ABC2ACAD3A778A5B3C] - 08-01-14 - 16:47:33 ---A- - C:\Windows\Prefetch\PHOTOSAPP.EXE-8FE95EC8.pf
O45 - LFCP:[MD5.D6CC875BDB631C5C8099BDD747DED92F] - 08-01-14 - 16:47:42 ---A- - C:\Windows\Prefetch\BULKOPERATIONHOST.EXE-1D031CC3.pf
O45 - LFCP:[MD5.A800D6B3107CBECF7D313787873DF64A] - 08-01-14 - 17:15:57 ---A- - C:\Windows\Prefetch\PfPre_a34f6bc1.db
O45 - LFCP:[MD5.6964835D4E3EBB04DFB474362703B13E] - 08-01-14 - 17:17:40 ---A- - C:\Windows\Prefetch\DPTFPOLICYLPMSERVICEHELPER.EX-8EC05A62.pf
O45 - LFCP:[MD5.20460338142338354E76B0EFD019499E] - 08-01-14 - 17:18:07 ---A- - C:\Windows\Prefetch\INTEGRATEDOFFICE.EXE-DFB67DA0.pf
O45 - LFCP:[MD5.E378BE5F63CFB6D270E76C7DED1A73D7] - 08-01-14 - 17:21:19 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf
O45 - LFCP:[MD5.53379FCBDB814F4A82A702D5BC1068F4] - 08-01-14 - 17:23:26 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf
O45 - LFCP:[MD5.BE562D5F0A238DE351BD932E6EBD599F] - 08-01-14 - 17:41:59 ---A- - C:\Windows\Prefetch\AVASTCLEAR.EXE-E3411CFC.pf
O45 - LFCP:[MD5.667D2777132E832845F29D1776A324D0] - 13-12-13 - 15:01:13 ---A- - C:\Windows\Prefetch\PIANO8.EXE-5B016F25.pf
O45 - LFCP:[MD5.DE2DFE7E1C4F696E57752FD7D82DD5FF] - 17-12-13 - 11:13:28 ---A- - C:\Windows\Prefetch\GFXUIEX.EXE-9CA5FF42.pf
O45 - LFCP:[MD5.0F1D805BED75EB5C38F28C807820C774] - 18-12-13 - 15:19:02 ---A- - C:\Windows\Prefetch\SNAKE.EXE-3A3D290A.pf
O45 - LFCP:[MD5.B827700DFD023B8C4F17714B831EF8DA] - 18-12-13 - 15:19:45 ---A- - C:\Windows\Prefetch\PIANO8.EXE-1848C183.pf
O45 - LFCP:[MD5.692FBAA062222CEED8DE3C04AD9E1168] - 18-12-13 - 15:23:30 ---A- - C:\Windows\Prefetch\HILLCLIMBRACING.EXE-E3EB19AA.pf
O45 - LFCP:[MD5.FF5381803E58EBFD0B62741E7C206A7F] - 19-12-13 - 12:08:50 ---A- - C:\Windows\Prefetch\VIRTUALDJ_ACER.EXE-F57B0ECF.pf
O45 - LFCP:[MD5.BACE271BBD003EEBA3DFF74A5B07EE77] - 19-12-13 - 12:13:40 ---A- - C:\Windows\Prefetch\FILEMANAGER.EXE-D7E24B17.pf
O45 - LFCP:[MD5.0D710FC76EE60E7BCAA4F381D76A3D13] - 19-12-13 - 18:32:41 ---A- - C:\Windows\Prefetch\PINBALLFX2.EXE-10FC0CB6.pf
O45 - LFCP:[MD5.CAC7002FF7F4D9E1BEF18E4760109707] - 23-12-13 - 16:53:27 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf
O45 - LFCP:[MD5.6DE1377B1FA0F62845C2FD447B28EC32] - 23-12-13 - 16:54:27 ---A- - C:\Windows\Prefetch\CAMERA.EXE-D751BF92.pf
O45 - LFCP:[MD5.60073F4B69EE701F49E289CF3939C5BF] - 23-12-13 - 16:56:08 ---A- - C:\Windows\Prefetch\EPOWERUI.EXE-0EFC7954.pf
O45 - LFCP:[MD5.C8571804ECC7DC179EAA709FEAC5A30B] - 25-12-13 - 20:28:37 ---A- - C:\Windows\Prefetch\SPEECHUXWIZ.EXE-76AD27CE.pf
O45 - LFCP:[MD5.E25784CC34C5F4E18BC8A8B6A037074D] - 28-12-13 - 00:28:49 ---A- - C:\Windows\Prefetch\JXPIINSTALL(1).EXE-408DB6CA.pf
O45 - LFCP:[MD5.FD7F7BDA582D84490B5668148AB4557D] - 28-12-13 - 20:57:38 ---A- - C:\Windows\Prefetch\JXPIINSTALL(2).EXE-A6002807.pf
O45 - LFCP:[MD5.2CEDE603C66807E1E292C4EA0703E309] - 30-12-13 - 15:24:08 ---A- - C:\Windows\Prefetch\NRJ.EXE-824DB1A6.pf
O45 - LFCP:[MD5.CCF4C5E829576C6A2DDDA31A81B7E312] - 30-12-13 - 16:16:18 ---A- - C:\Windows\Prefetch\EE3_207.EXE-99CC589C.pf
O45 - LFCP:[MD5.A297A35443509ABFFE9F6F5C4B7757C7] - 30-12-13 - 19:38:32 ---A- - C:\Windows\Prefetch\GLCND.EXE-02A191A6.pf
O45 - LFCP:[MD5.2DAA03268FB92A4C58A87AEB85271CBA] - 30-12-13 - 20:21:41 ---A- - C:\Windows\Prefetch\SYSTEMINFORMATION.EXE-7DFDD4D3.pf
~ Prefetcher: 305 Legitimates Filtered in 00mn 02s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 20 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 20-11-13 - 20:20:11 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 28-12-13 - 20:41:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 13-08-13 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22-08-13 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 20 Legitimates Filtered in 00mn 13s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 08-01-14 - 18:02:24 ---A- . (...) -- C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [265850]
O61 - LFC: 08-01-14 - 18:02:24 ---A- . (...) -- C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]
O61 - LFC: 08-01-14 - 18:02:40 ---A- . (...) -- C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Local State [51116]
O61 - LFC: 08-01-14 - 18:03:26 ---A- . (...) -- C:\Users\alex1409\AppData\Roaming\ZHP\Log.txt [41553] =>.Nicolas Coolman
O61 - LFC: 08-01-14 - 18:03:26 ---A- . (...) -- C:\Users\alex1409\AppData\Roaming\ZHP\TestsZHPDiag.txt [2901] =>.Nicolas Coolman
O61 - LFC: 08-01-14 - 18:03:26 ---A- . (...) -- C:\Users\alex1409\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
~ 7 Fichiers temporaires (Temporary files)
~ Files: 409 Legitimates Filtered in 01mn 06s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Opera.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23-12-13] (...) -- C:\Users\alex1409\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.3226E70FA04BACD79C679C9D901BA20A] [SPRF][25-12-13] (...) -- C:\Users\alex1409\AppData\Local\Temp\utt4627.tmp.bat [104]
~ Files: 2 Legitimates Filtered in 00mn 00s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1BF4A48A307DBD84980E866B94D98210" . (..) -- C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
~ Update Products: 72 Legitimates Filtered in 00mn 00s

---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 22-12-13 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 03-10-13 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 03-08-13 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03-08-13 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 26-01-12 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SS - | Demand 02-08-13 602944 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Disabled 31-08-12 201304 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 10-07-58 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22-08-13 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 05-09-13 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28-02-13 227968 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 28-12-13 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 28-12-13 113704 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 19-02-13 2615368 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SR - | Auto 25-09-12 30080 | (DptfParticipantProcessorService) . (.Intel Corporation.) - C:\Windows\System32\DptfParticipantProcessorService.exe
SR - | Auto 25-09-12 31616 | (DptfPolicyConfigTDPService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyConfigTDPService.exe
SR - | Auto 25-09-12 37760 | (DptfPolicyLpmService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyLpmService.exe
SR - | Demand 15-03-13 662088 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 30-07-13 328928 | (HomeNetSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11-02-13 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24-04-12 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19-06-12 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 26-09-12 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 26-09-12 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 26-09-12 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31-08-12 201304 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 24-09-13 178048 | (McAPExe) . (.McAfee, Inc..) - C:\Program Files\McAfee\MSC\McAPexe.exe
SR - | Auto 30-07-13 328928 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30-07-13 328928 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30-07-13 328928 | (mcpltsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 30-07-13 328928 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 11-09-13 335216 | (MfeASUM) . (.McAfee, Inc..) - C:\Program Files\McAfee\AppStats\MfeASUM.exe
SR - | Auto 20-09-13 1017016 | (mfecore) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
SR - | Auto 24-09-13 219272 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 24-09-13 182752 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
SR - | Auto 30-07-13 328928 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
SR - | Auto 14-07-12 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 15-08-12 3943104 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 26-09-12 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10-07-58 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10-07-58 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe

~ Services: Scanned in 00mn 24s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by alex1409 at 08-01-14 18:06:02
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alex1409 at 08-01-14 18:06:04

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : 13018 - (02-01-14)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0

[HKLM\Software\Google\Chrome\Extensions\fbdagnimlohkpamglloopgfnoiijpmoj] =>PUP.PassWidget^
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{30a1801e-d40c-497d-9e9b-4f454a36d71e}] =>PUP.PassWidget^
C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdagnimlohkpamglloopgfnoiijpmoj =>PUP.PassWidget^
C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh =>Adware.WebCake^
~ Additionnel Scan: 221086 Items scanned in 02mn 30s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34453908-pup-passwidget =>PUP.PassWidget
~ http://nicolascoolman.webs.com/apps/blog/show/27285539-adware-webcake =>Adware.WebCake
~ MSI: 2 link(s) detected in 02mn 32s

~ 1686 Legitimates filtered by white list
End of the scan (509 lines in 11mn 02s)(0)

Thanks :)
0
neolythique57 Posts 584 Status Member 56

ZHPDiag doesn't clean ;-) please do this:
then download Malwarebytes here: https://fr.malwarebytes.com/
install it, making sure you get the free version, update it, then run a
quick scan and post me the report please
0
reezerb Posts 12 Status Member

Here you go :)

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2014.01.08.04

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
alex1409 :: ALEX [administrateur]

12-01-14 15:01:17
MBAM-log-2014-01-12 (15-11-58).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 228675
Temps écoulé: 9 minute(s), 39 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:\Users\alex1409\Downloads\produkey_setup.exe (PUP.PSWTool.ProductKey) -> Aucune action effectuée.

(fin)
0

reezerb Posts 12 Status Member

and sometimes when I'm on the internet I get an error message in a window that pops up; if you want I can post what it says :/
0
neolythique57 Posts 584 Status Member 56

OK, delete it with Malwarebytes. Yes, tell me what it says. Then download JRT here: https://www.bleepingcomputer.com/download/junkware-removal-tool/dl/131/
The download starts automatically; save it to the desktop, run it, and post the report
here https://www.cjoint.com/ and give the link in your next reply please
0
reezerb Posts 12 Status Member

Does it absolutely have to be saved on the desktop? Or is it fine if it's in Downloads? Because when I try to move it to the desktop it tells me it's open in avast and that I can't move it :/
0
neolythique57 Posts 584 Status Member 56

No, that's fine
0
reezerb Posts 12 Status Member
 
0
neolythique57 Posts 584 Status Member 56

Are you still having problems?
0
reezerb Posts 12 Status Member

Still some small freezes :/
0
neolythique57 Posts 584 Status Member 56

Run ZHPDiag again please
0
reezerb Posts 12 Status Member
 
~ Rapport de ZHPDiag v2014.1.10.8 - Nicolas Coolman (10-01-14)
~ Lancé par alex1409 (12-01-14 16:06:04)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476 (Defaut)
GCIE: Google Chrome v31.0.1650.63

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : DYFD6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.08 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.7

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 45
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1931 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 19 GB (34%) free of 55 GB

---\\ Mode de connexion au système
~ Computer Name: ALEX
~ User Name: alex1409
~ All Users Names: alex1409, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\alex1409\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\alex1409\AppData\Roaming\
~ %Desktop% : C:\Users\alex1409\Desktop\
~ %Favorites% : C:\Users\alex1409\Favorites\
~ %LocalAppData% : C:\Users\alex1409\AppData\Local\
~ %StartMenu% : C:\Users\alex1409\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 55 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/73
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/156
~ Mon Bureau (My Desktop) : 3/45
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.89770C53B0CE6B2D5CCCF94FEB126177] - (.Pas de propriétaire - HID Monitor MFC Application.) -- C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [30640] [PID.3160]
[MD5.2F03C763EE0DFB4DE56176737DEFB2E2] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21184] [PID.3608]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.2328]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024] [PID.4908]
[MD5.03E8686F0CA2B27B3E6C6E4531AF54AB] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285680] [PID.5308]
[MD5.2348CB1F0241CE5D6C0EC348354E325E] - (.Pas de propriétaire - iuEmailOutlookAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [25672] [PID.2528]
[MD5.0BFF19C431EB8AE12259AAD5E9F3B56F] - (.Pas de propriétaire - iuBrowserIEAgent.) -- C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [44616] [PID.3412]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.3940]
[MD5.29A4611EE6F24AF1EB4014088A1911C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8323072] [PID.5268]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Managerr v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé)
~ Google Browser: 14 Legitimates Filtered in 00mn 12s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alex1409\AppData\Roaming\Mozilla\Firefox\Profiles\pijxbzuv.default\prefs.js
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) -- C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\QuickLaunch [alex1409]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) -- C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe
O4 - GS\QuickLaunch [alex1409]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [alex1409]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [alex1409]: Docs.lnk . (...) -- C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe
O4 - GS\TaskBar [alex1409]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [alex1409]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [alex1409]: alexandre geradon.lnk . (...) -- C:\Users\alex1409
O4 - GS\Program [alex1409]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [alex1409]: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [alex1409]: VirtualDJ Acer Edition.lnk . (.Atomix Productions - VirtualDJ.) -- C:\Program Files (x86)\VirtualDJ\virtualdj_acer.exe
~ Global Startup: 46 Legitimates Filtered in 00mn 00s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [alex1409]: Envoyer à OneNote.lnk . (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-4115680413-4195575985-3915961318-1001\..\Run: [Speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~3\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~3\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A3C800B-D3F7-47F2-BCEC-C705B1139304}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM][64Bits] -- {30a1801e-d40c-497d-9e9b-4f454a36d71e} =>PUP.PassWidget
~ Logic: 25 Legitimates Filtered in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Pando Networks]
[HKCU\Software\SpeedBit]
[HKLM\Software\SpeedBit]
[HKLM\Software\Wow6432Node\Pando Networks]
~ Key Software: 242 Legitimates Filtered in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14-08-13 - 22:06:55 - [7,182] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04-08-13 - 19:36:17 - [0] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 12-01-14 - 14:53:05 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 29-07-13 - 17:59:54 - [0] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 06-08-13 - 13:08:51 - [0] ----D C:\ProgramData\SpeedBit
O43 - CFD: 11-09-13 - 10:58:52 - [0] ----D C:\Users\alex1409\AppData\Roaming\Reg
O43 - CFD: 03-08-13 - 10:32:34 - [0] ----D C:\Users\alex1409\AppData\Local\FreePascal
~ Program Folder: 172 Legitimates Filtered in 00mn 04s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02-01-14 - 11:50:31 ---A- . (...) -- C:\Recovery.txt [0]
~ Files: 22 Legitimates Filtered in 00mn 09s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.7A2D1E4AA9DDD57D2B107E2C7B6A16B7] - 01-01-14 - 13:15:30 ---A- - C:\Windows\Prefetch\NCC.EXE-EC3816AD.pf
O45 - LFCP:[MD5.B4192A4E5824C2565662389C3C4447DD] - 08-01-14 - 12:06:14 ---A- - C:\Windows\Prefetch\PASSWIDGET_.EXE-BB91B6DD.pf =>PUP.PassWidget
O45 - LFCP:[MD5.9C884AD5566F937C51F1FCD3C6EF8A63] - 08-01-14 - 16:38:52 ---A- - C:\Windows\Prefetch\SYSTEMRESET.EXE-3E7CD9FA.pf
O45 - LFCP:[MD5.F40C8925602D9746789CE9F5DA39F6E9] - 08-01-14 - 20:10:03 ---A- - C:\Windows\Prefetch\AVASTCLEAR.EXE-E3411CFC.pf
O45 - LFCP:[MD5.FDCA742A369286831E21209E163D627F] - 08-01-14 - 20:28:18 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf
O45 - LFCP:[MD5.32BA0EE684839B2E52B3B8779CF22A92] - 08-01-14 - 20:47:38 ---A- - C:\Windows\Prefetch\INSTUP.EXE-0CFFBB36.pf
O45 - LFCP:[MD5.2138D30CB3CB8BD07F7D7A85C78E536D] - 08-01-14 - 21:02:46 ---A- - C:\Windows\Prefetch\PKEYUI.EXE-57589AF3.pf
O45 - LFCP:[MD5.44E4C8960923168B2AA8DDDA85CDBB54] - 08-01-14 - 21:03:16 ---A- - C:\Windows\Prefetch\PKEYUI.EXE-F36CA89C.pf
O45 - LFCP:[MD5.CA64D11DFCE4CDE915BE7C6AB936D383] - 08-01-14 - 21:18:12 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-11EEFE7F.pf
O45 - LFCP:[MD5.8EB9EAAC35593B48F300723D4CB48A05] - 08-01-14 - 21:21:20 ---A- - C:\Windows\Prefetch\ADVISORINSTALLER.EXE-A674C1C3.pf
O45 - LFCP:[MD5.41135C8DF10A4E2A49244978A064B9D5] - 08-01-14 - 21:21:42 ---A- - C:\Windows\Prefetch\BELARC~1.EXE-B15D6B19.pf
O45 - LFCP:[MD5.37773A4CC0B04EBCEA6F80C64F98B2C0] - 08-01-14 - 21:23:56 ---A- - C:\Windows\Prefetch\PKEYUI.EXE-BC993D72.pf
O45 - LFCP:[MD5.947818820685686DC902BB7F98512C87] - 08-01-14 - 21:34:39 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-8A177D67.pf
O45 - LFCP:[MD5.629706FC1E367CFBF69DB121E46BFDC0] - 08-01-14 - 21:45:07 ---A- - C:\Windows\Prefetch\PRODUKEY.EXE-ED38018E.pf
O45 - LFCP:[MD5.AAD6A15A5D272C815BCA5CE812635DA1] - 08-01-14 - 21:58:49 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-89A4A5C4.pf
O45 - LFCP:[MD5.C908EE844E99227BD8EEEB7A11D605CE] - 08-01-14 - 22:06:51 ---A- - C:\Windows\Prefetch\WINDOWSSETUPBOX.EXE-6FBBE9DF.pf
O45 - LFCP:[MD5.6E326A2B11A6797CD25252931265951B] - 08-01-14 - 22:07:34 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-429FED48.pf
O45 - LFCP:[MD5.C97BC055D1C24E9E67868C45D6F06D5F] - 08-01-14 - 22:17:03 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf
O45 - LFCP:[MD5.CCCF4AFC9FB16222B3C0EC8829958246] - 08-01-14 - 22:23:03 ---A- - C:\Windows\Prefetch\WEBPREP.EXE-BE09282B.pf
O45 - LFCP:[MD5.309B15AB22C531AF4ACF92AB3463B992] - 08-01-14 - 22:30:51 ---A- - C:\Windows\Prefetch\WINDOWS7-USB-DVD-DOWNLOAD-TOO-8F50CE41.pf
O45 - LFCP:[MD5.D6118EBE5452F7C333E9FC62E528D965] - 09-01-14 - 10:55:17 ---A- - C:\Windows\Prefetch\NRJ.EXE-824DB1A6.pf
O45 - LFCP:[MD5.621AA169BFB7D25B4D9CB1A9BA0D38E7] - 09-01-14 - 18:26:39 ---A- - C:\Windows\Prefetch\ARA.EXE-A6FD5EAC.pf
O45 - LFCP:[MD5.0C3457ADEB08CDF680D053118BD4145C] - 10-01-14 - 10:49:15 ---A- - C:\Windows\Prefetch\PHOTOSAPP.EXE-8FE95EC8.pf
O45 - LFCP:[MD5.39918AF652044A98CAD207D03BE902D9] - 10-01-14 - 10:49:22 ---A- - C:\Windows\Prefetch\BULKOPERATIONHOST.EXE-1D031CC3.pf
O45 - LFCP:[MD5.BEF3F59C4C1F4EF62BD6613A689D4FB6] - 10-01-14 - 11:03:33 ---A- - C:\Windows\Prefetch\S86S.F.EXE-19065189.pf
O45 - LFCP:[MD5.398011AAA6F767E76BAD37BA6CAC5BE7] - 10-01-14 - 11:03:35 ---A- - C:\Windows\Prefetch\SAINST.EXE-57B8C1C6.pf
O45 - LFCP:[MD5.EBD2A40677DADBBEDC029227E05167FD] - 10-01-14 - 15:23:42 ---A- - C:\Windows\Prefetch\NARRATOR.EXE-6ADE25EF.pf
O45 - LFCP:[MD5.C097456DE062EC92649B2FAA38423AEA] - 12-01-14 - 02:13:15 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.444B6557913129CF43CFD732B57C4E57] - 12-01-14 - 12:55:26 ---A- - C:\Windows\Prefetch\JPATCH.EXE-D7BB384F.pf
O45 - LFCP:[MD5.520391F10D68E11A7AA87EC3A4D5CAE4] - 12-01-14 - 14:21:14 ---A- - C:\Windows\Prefetch\PMB.EXE-32B85BAB.pf
O45 - LFCP:[MD5.A0F73E8FC9D2ACF1844B7638B9BD54EF] - 12-01-14 - 15:19:18 ---A- - C:\Windows\Prefetch\PfPre_a34f6bc1.db
~ Prefetcher: 286 Legitimates Filtered in 00mn 01s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 22 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 08-01-14 - 20:54:57 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 08-01-14 - 20:54:57 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.C1ABB0F7E3BEA48A0417BDF6FF14AB21] - 13-08-13 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:[MD5.366DEA74BBA65B362BCCFC6FC2ADFD8B] - 22-08-13 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 22 Legitimates Filtered in 00mn 02s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Coipel.pdf [37042]
O61 - LFC: 09-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Deffains.pdf [28154]
O61 - LFC: 09-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Questions Réponses Eco 2013-2014.pdf [7362823]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Exam_Eco_juin_2013_partie_2_Version_A.docx [120342]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q01_Chapitres_3_et_5.pptx [67890]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q03_Chapitres_5_et_6 (1).pptx [158289]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q03_Chapitres_5_et_6.pptx [158289]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q04_Chapitre_6.pptx [80561]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q05_Chapitre_7.pptx [80404]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q06_Chapitre_8 (1).pptx [86531]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q06_Chapitre_8.pptx [86531]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q07_Chapitre_8_fin.pptx [327561]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q09_Questions_ch9-10.docx [878194]
O61 - LFC: 10-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\Q15_Questions_finales_-_synthese.pptx [78822]
O61 - LFC: 12-01-14 - 16:07:24 ---A- . (...) -- C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [267409]
O61 - LFC: 12-01-14 - 16:07:27 ---A- . (...) -- C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Local State [51155]
O61 - LFC: 12-01-14 - 16:07:37 ---A- . (...) -- C:\Users\alex1409\AppData\Local\PMB Files\cert\cert8.db [65536] =>P2P.Pando
O61 - LFC: 12-01-14 - 16:07:37 ---A- . (...) -- C:\Users\alex1409\AppData\Local\PMB Files\cert\key3.db [16384] =>P2P.Pando
O61 - LFC: 12-01-14 - 16:07:37 ---A- . (...) -- C:\Users\alex1409\AppData\Local\PMB Files\cert\secmod.db [16384] =>P2P.Pando
O61 - LFC: 12-01-14 - 16:07:37 ---A- . (...) -- C:\Users\alex1409\AppData\Local\PMB Files\pando.save [846] =>P2P.Pando
O61 - LFC: 12-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\AppData\Roaming\ZHP\Log.txt [64772] =>.Nicolas Coolman
O61 - LFC: 12-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\AppData\Roaming\ZHP\TestsZHPDiag.txt [2902] =>.Nicolas Coolman
O61 - LFC: 12-01-14 - 16:07:40 ---A- . (...) -- C:\Users\alex1409\Downloads\adwcleaner-3.016.exe [1233962]
~ 17 Fichiers temporaires (Temporary files)
~ Files: 192 Legitimates Filtered in 00mn 16s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Opera.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23-12-13] (...) -- C:\Users\alex1409\AppData\Local\Temp\Quarantine.exe [360051]
[MD5.3226E70FA04BACD79C679C9D901BA20A] [SPRF][25-12-13] (...) -- C:\Users\alex1409\AppData\Local\Temp\utt4627.tmp.bat [104]
~ Files: 2 Legitimates Filtered in 00mn 00s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1BF4A48A307DBD84980E866B94D98210" . (..) -- C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
~ Update Products: 73 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 22-12-13 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 03-10-13 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 03-08-13 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03-08-13 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10-07-58 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22-08-13 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 05-09-13 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28-02-13 227968 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 08-01-14 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 19-02-13 2615368 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SR - | Auto 25-09-12 30080 | (DptfParticipantProcessorService) . (.Intel Corporation.) - C:\Windows\System32\DptfParticipantProcessorService.exe
SR - | Auto 25-09-12 31616 | (DptfPolicyConfigTDPService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyConfigTDPService.exe
SR - | Auto 25-09-12 37760 | (DptfPolicyLpmService) . (.Intel Corporation.) - C:\Windows\System32\DptfPolicyLpmService.exe
SR - | Demand 15-03-13 662088 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SR - | Auto 11-02-13 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24-04-12 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 19-06-12 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 26-09-12 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 26-09-12 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 26-09-12 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 31-08-12 201304 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 11-09-13 335216 | (MfeASUM) . (.McAfee, Inc..) - C:\Program Files\McAfee\AppStats\MfeASUM.exe
SR - | Auto 14-07-12 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 15-08-12 3943104 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 26-09-12 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10-07-58 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10-07-58 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe

~ Services: Scanned in 00mn 13s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by alex1409 at 12-01-14 16:08:47
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alex1409 at 12-01-14 16:08:49

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : 13019 - (10-01-14)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{30a1801e-d40c-497d-9e9b-4f454a36d71e}] =>PUP.PassWidget^
~ Additionnel Scan: 221328 Items scanned in 01mn 14s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34453908-pup-passwidget =>PUP.PassWidget
~ MSI: 1 link(s) detected in 01mn 14s

~ 1445 Legitimates filtered by white list
End of the scan (500 lines in 04mn 01s)(0)
0
neolythique57 Posts 584 Status Member 56
 
Can you give me the list of your extensions, please?
0
reezerb Posts 12 Status Member
 
Where do I find that? :/
0
neolythique57 Posts 584 Status Member 56
 
In Chrome, go to the three bars at the top right, then Tools and Extensions.
0
reezerb Posts 12 Status Member
 
Avast Online Security (enabled)
SiteAdvisor (disabled)
0
neolythique57 Posts 584 Status Member 56
 
Uninstall SiteAdvisor and run AdwCleaner again, downloading it from here: https://toolslib.net
0
reezerb Posts 12 Status Member
 
# AdwCleaner v3.016 - Rapport créé le 12/01/2014 à 16:42:55
# Mis à jour le 23/12/2013 par Xplode
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : alex1409 - ALEX
# Exécuté depuis : C:\Users\alex1409\Downloads\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\ProgramData\boost_interprocess

***** [ Raccourcis ] *****

***** [ Registre ] *****

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Mozilla Firefox v

[ Fichier : C:\Users\alex1409\AppData\Roaming\Mozilla\Firefox\Profiles\pijxbzuv.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\alex1409\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7435 octets] - [08/01/2014 17:04:36]
AdwCleaner[R1].txt - [1087 octets] - [12/01/2014 14:33:15]
AdwCleaner[R2].txt - [942 octets] - [12/01/2014 16:42:55]
AdwCleaner[S0].txt - [6885 octets] - [08/01/2014 17:13:58]
AdwCleaner[S1].txt - [1152 octets] - [12/01/2014 14:52:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1121 octets] ##########
0
neolythique57 Posts 584 Status Member 56
 
Well, at this point I don't see what more to do, my friend. Just one more thing, to remove everything we used: download DelFix here: http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/9-delfix
Run it as administrator (if you are on XP, double-click the downloaded file), then once it has launched, check the following boxes:

Re-enable UAC (only for Vista, Seven and W8)
Remove disinfection tools (checked by default)
Reset system settings
Purge System Restore

Then click Run.
0