Daemon process erreur
Fermé
briococo
Messages postés
2
Date d'inscription
vendredi 15 août 2014
Statut
Membre
Dernière intervention
15 août 2014
-
15 août 2014 à 09:49
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 - 15 août 2014 à 09:59
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 - 15 août 2014 à 09:59
A voir également:
- Daemon process erreur
- Erreur 0x80070643 - Accueil - Windows
- Daemon tools lite - Télécharger - Émulation & Virtualisation
- Erreur 0x80070643 Windows 10 : comment résoudre le problème de la mise à jour KB5001716 - Accueil - Windows
- Process explorer windows - Télécharger - Informations & Diagnostic
- Erreur 1001 outlook - Accueil - Bureautique
3 réponses
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
15 août 2014 à 09:52
15 août 2014 à 09:52
Hello
Rapport incomplet
Rapport incomplet
briococo
Messages postés
2
Date d'inscription
vendredi 15 août 2014
Statut
Membre
Dernière intervention
15 août 2014
15 août 2014 à 09:56
15 août 2014 à 09:56
je vous renvoi le rapport complet. merci.
~ Rapport de ZHPDiag v2014.8.13.118 - Nicolas Coolman (13/08/2014)
~ Lancé par toshiba (15/08/2014 08:33:45)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17239
GCIE: Google Chrome v36.0.1985.143 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.5.464
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
µTorrent v3.3.0.29420 =>P2P.µTorrent
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1931.8 MB (23% free)
System Restore: Activé (Enable)
System drive C: has 1 GB (2%) free of 35 GB
---\\ Mode de connexion au système
~ Computer Name: TOSHIBA-PC
~ User Name: toshiba
~ All Users Names: toshiba, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\toshiba\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\toshiba\AppData\Roaming\
~ %Desktop% : C:\Users\toshiba\Desktop\
~ %Favorites% : C:\Users\toshiba\Favorites\
~ %LocalAppData% : C:\Users\toshiba\AppData\Local\
~ %StartMenu% : C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 1 Go of 35 Go)
D: CD-ROM drive (Free 0 Go of 6 Go)
E: Hard drive, Flash drive, Thumb drive (Free 194 Go of 263 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/07/2014 - 11:05:23.) -- C:\Windows\System32\wininet.dll [1792512]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 10:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT File System Driver.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/804
~ Mes musiques (My Musics) : 1/842
~ Mes Videos (My Videos) : 2/11
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 19/265
~ Mon Bureau (My Desktop) : 2/268
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 16s
---\\ Processus lancés
[MD5.1494918EB9C24C0DA844A755B68C862F] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840] [PID.1036]
[MD5.04AF4FA8AE66E8216EA239EEF0353500] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [144664] [PID.1284]
[MD5.417D8CF6730A6ACC232BB124C2B6CF65] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [180504] [PID.1356]
[MD5.4C0A9414B4975A992B576AD8ECE53B27] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [188184] [PID.1364]
[MD5.1E9B225DE829A6F666A0BA9B8A7984BF] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160] [PID.1388]
[MD5.FF4F87DCDAA5080281E0E70BB116086B] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376] [PID.1904]
[MD5.71738E5D624F00EFE56F7C35DB36267C] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769904] [PID.848]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.2132]
[MD5.0BDAE865738D27A4D84D50591C8C9D2D] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.2828]
[MD5.4C2812958D3D4342FC21E47CC361D5C2] - (.Pas de propriétaire - Core Sync.) -- C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [4696432] [PID.2580]
[MD5.AE9BC27D095C2F26E082C4B3D25921FE] - (.Adobe Systems Incorporated - Adobe CEF Helper.) -- C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe [395120] [PID.1612]
[MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- E:\ZHPDiag\ZHPDiag.exe [8091648] [PID.3052]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gcncagkkhfoombgbihckkccmkjemhohl] Allin1Convert v.10.82.4.29690, (Activé) =>Adware.Allin1Convert
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ihfjhopfbonbleebdpnbhgbgflkffpcf] 2pac Shakur v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [Allin1Convert] =>Adware.Allin1Convert
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfjhopfbonbleebdpnbhgbgflkffpcf [2pac Shakur]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 27 Scanned in 00mn 13s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.11.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
~ Firefox Browser: 8 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ BHO: 4 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\toshiba\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [toshiba]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\toshiba\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 17s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [mobilegeni daemon] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe =>PUP.Mobogenie
O4 - HKLM\..\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\toshiba\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3127828169-2698895574-2117450320-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\toshiba\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
~ Application: Scanned in 00mn 01s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
~ Services: 4 Scanned in 00mn 06s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8f43e718f2ee.job [882]
O39 - APT: - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [888]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [888]
O39 - APT: - (..) -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job [228]
O39 - APT: - (..) -- C:\Windows\Tasks\User_Feed_Synchronization-{56B53FAE-32B4-4BC7-96FA-BE871FF89583}.job [282]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{56B53FAE-32B4-4BC7-96FA-BE871FF89583} [282]
~ Scheduled Task: 5 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
~ Active Setup: 11 Scanned in 00mn 01s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Virtual PC Virtual Machine Monitor.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 75 Scanned in 00mn 47s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.11) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Avira Free Antivirus v14.0.5.464 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: File Opener Pro - (.FileOpenerPro.) [HKLM] -- fileopenerpro
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Skype 5.2.60.113 - (...) [HKLM] -- Skype 5.2.60.113
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: VideoLAN VLC media player 0.8.6-rc1 - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent =>P2P.BitTorrent
~ Logic: 25 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\53578cdab369ba12] =>Hijacker.Eazel
[HKCU\Software\APN PIP]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Giant Savings Extension] =>Adware.VidSaver
[HKCU\Software\AppDataLow]
[HKCU\Software\Avast Software]
[HKCU\Software\Avira]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Facebook]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Froggie]
[HKCU\Software\Google]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Partition Assistant]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\delta LTD]
[HKCU\Software\kde.org]
[HKLM\Software\53578cdab369ba12] =>Hijacker.Eazel
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\AdobeFlashPlayerUpdate]
[HKLM\Software\Adobe]
[HKLM\Software\Avira]
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Bunndle]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\PowerQuest]
[HKLM\Software\REALTEK Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\SoftwareUpdater] =>PUP.Eorezo
[HKLM\Software\Sonic]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vittalia] =>PUP.Vittalia
[HKLM\Software\Volatile]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\lameme]
[HKLM\Software\mozilla.org]
~ Key Software: 123 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/01/2014 - 15:01:55 - [] ----D C:\Program Files\Adobe
O43 - CFD: 06/07/2013 - 13:10:49 - [] ----D C:\Program Files\Avira
O43 - CFD: 17/05/2013 - 22:20:00 - [] ----D C:\Program Files\Common Files
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 21/05/2014 - 00:37:14 - [] ----D C:\Program Files\FileOpenerPro
O43 - CFD: 08/05/2014 - 00:54:14 - [] ----D C:\Program Files\Google
O43 - CFD: 07/05/2014 - 14:56:19 - [] ----D C:\Program Files\GUM8B31.tmp
O43 - CFD: 23/03/2013 - 23:57:08 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 03/04/2013 - 09:30:00 - [] ----D C:\Program Files\Intel
O43 - CFD: 14/08/2014 - 10:00:03 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 23/03/2013 - 23:55:08 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 14/07/2009 - 08:49:30 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 23/03/2013 - 23:57:57 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 23/03/2013 - 23:57:56 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/03/2013 - 23:57:56 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 23/03/2013 - 23:58:22 - [] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 23/03/2013 - 23:56:35 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 04/04/2013 - 09:43:38 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 04/01/2014 - 19:20:02 - [] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie
O43 - CFD: 23/03/2013 - 11:58:00 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 04/03/2013 - 00:19:16 - [] ----D C:\Program Files\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 04/03/2013 - 00:16:32 - [] ----D C:\Program Files\Skype
O43 - CFD: 09/09/2013 - 16:45:27 - [] ----D C:\Program Files\Tor
O43 - CFD: 04/03/2013 - 00:18:11 - [] ----D C:\Program Files\TOSHIBA
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 04/03/2013 - 00:16:48 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 24/07/2013 - 07:28:01 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 11/07/2014 - 10:23:54 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/12/2013 - 11:22:52 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 01/06/2013 - 09:18:05 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 21/10/2009 - 23:07:50 - [] ----D C:\Program Files\Windows Virtual PC
O43 - CFD: 04/01/2014 - 15:03:32 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 23/03/2013 - 11:58:09 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 23/03/2013 - 23:45:30 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 03/04/2013 - 09:30:01 - [] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 23/03/2013 - 11:58:09 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/06/2013 - 09:18:05 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 26/05/2013 - 16:51:09 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 06/07/2013 - 13:13:24 - [] ----D C:\ProgramData\APN
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 06/07/2013 - 16:38:05 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/07/2013 - 13:11:30 - [] ----D C:\ProgramData\Avira
O43 - CFD: 03/04/2013 - 16:30:05 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 04/01/2014 - 15:12:13 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 19/03/2014 - 07:47:16 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/08/2014 - 09:43:43 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 26/03/2013 - 23:50:41 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 13/04/2013 - 23:14:02 - [] ----D C:\ProgramData\Real
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 06/07/2013 - 13:47:01 - [] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 04/01/2014 - 15:18:08 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 04/01/2014 - 15:12:13 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 04/01/2014 - 15:05:08 - [] ----D C:\Users\toshiba\AppData\Roaming\Adobe
O43 - CFD: 06/07/2013 - 13:17:39 - [] ----D C:\Users\toshiba\AppData\Roaming\Avira
O43 - CFD: 03/04/2013 - 16:30:05 - [] ----D C:\Users\toshiba\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 31/07/2014 - 21:42:56 - [] ----D C:\Users\toshiba\AppData\Roaming\dvdcss
O43 - CFD: 03/05/2014 - 16:35:06 - [] ----D C:\Users\toshiba\AppData\Roaming\eTeks
O43 - CFD: 04/03/2013 - 00:12:55 - [] ----D C:\Users\toshiba\AppData\Roaming\Identities
O43 - CFD: 04/03/2013 - 00:17:51 - [] ----D C:\Users\toshiba\AppData\Roaming\InstallShield
O43 - CFD: 30/03/2013 - 11:30:32 - [] ----D C:\Users\toshiba\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 08:48:18 - [0] ----D C:\Users\toshiba\AppData\Roaming\Media Center Programs
O43 - CFD: 06/05/2014 - 08:09:30 - [] -S--D C:\Users\toshiba\AppData\Roaming\Microsoft
O43 - CFD: 26/03/2013 - 23:51:21 - [] ----D C:\Users\toshiba\AppData\Roaming\Mozilla
O43 - CFD: 15/08/2014 - 08:17:06 - [] ----D C:\Users\toshiba\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 04/01/2014 - 14:51:27 - [] ----D C:\Users\toshiba\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 04/01/2014 - 20:01:30 - [] ----D C:\Users\toshiba\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 29/07/2014 - 18:33:15 - [] ----D C:\Users\toshiba\AppData\Roaming\Skype
O43 - CFD: 04/01/2014 - 15:14:35 - [] ----D C:\Users\toshiba\AppData\Roaming\TuneUp Software
O43 - CFD: 05/07/2014 - 04:22:15 - [] ----D C:\Users\toshiba\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 06/04/2013 - 11:21:41 - [] ----D C:\Users\toshiba\AppData\Roaming\vlc
O43 - CFD: 04/03/2013 - 00:17:19 - [] ----D C:\Users\toshiba\AppData\Roaming\WinBatch
O43 - CFD: 05/01/2014 - 09:27:45 - [] ----D C:\Users\toshiba\AppData\Roaming\Youtube Downloader HD
O43 - CFD: 15/08/2014 - 08:35:14 - [] ----D C:\Users\toshiba\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/01/2014 - 12:09:32 - [] ----D C:\Users\toshiba\AppData\Local\Adobe
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\Application Data
O43 - CFD: 04/01/2014 - 15:04:03 - [] ----D C:\Users\toshiba\AppData\Local\cache
O43 - CFD: 08/03/2014 - 23:35:41 - [] ----D C:\Users\toshiba\AppData\Local\Diagnostics
O43 - CFD: 05/03/2014 - 15:20:10 - [] ----D C:\Users\toshiba\AppData\Local\ElevatedDiagnostics
O43 - CFD: 06/01/2014 - 11:08:51 - [] ----D C:\Users\toshiba\AppData\Local\Facebook
O43 - CFD: 04/01/2014 - 15:03:51 - [] ----D C:\Users\toshiba\AppData\Local\genienext =>PUP.NextLive
O43 - CFD: 03/04/2013 - 16:31:20 - [] ----D C:\Users\toshiba\AppData\Local\Giant Savings Extension =>Adware.VidSaver
O43 - CFD: 08/05/2014 - 00:54:38 - [] ----D C:\Users\toshiba\AppData\Local\Google
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\History
O43 - CFD: 30/03/2013 - 11:30:32 - [] ----D C:\Users\toshiba\AppData\Local\Macromedia
O43 - CFD: 15/05/2014 - 16:31:00 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft
O43 - CFD: 05/12/2013 - 23:35:55 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft Games
O43 - CFD: 05/05/2014 - 07:48:59 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft Help
O43 - CFD: 04/01/2014 - 19:20:01 - [] ----D C:\Users\toshiba\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 18/09/2013 - 15:04:19 - [] ----D C:\Users\toshiba\AppData\Local\Mozilla
O43 - CFD: 03/05/2014 - 16:23:56 - [] ----D C:\Users\toshiba\AppData\Local\Programs
O43 - CFD: 15/08/2014 - 08:35:16 - [] ----D C:\Users\toshiba\AppData\Local\Temp
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\Temporary Internet Files
O43 - CFD: 03/04/2013 - 16:30:42 - [] ----D C:\Users\toshiba\AppData\Local\Updater21810 =>PUP.CrossRider
O43 - CFD: 03/05/2014 - 16:24:58 - [] ----D C:\Users\toshiba\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 05:42:04 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/08/2014 - 14:30:31 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 05:37:42 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/01/2014 - 14:55:43 - [0] ----D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 14/08/2014 - 14:30:31 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 110 Scanned in 00mn 01s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7B051C4A70F23A84A09366999FE63CBD] - 01/08/2014 - 00:16:34 ---A- . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll [307384]
O44 - LFC:[MD5.C4675C2734716F56FCA370CF1183457F] - 07/08/2014 - 02:39:08 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [302592]
O44 - LFC:[MD5.D14DF403FF550F6B1F4702CD2F288ABD] - 07/08/2014 - 02:43:38 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [412160]
O44 - LFC:[MD5.33DB506498E0419CD50B144DE7CCFC75] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [6144]
O44 - LFC:[MD5.1235259E135F87BF4AE5864A818E1513] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [6144]
O44 - LFC:[MD5.EB3D06A9EDFDFD12228AD7A9F24D15D6] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [5632]
O44 - LFC:[MD5.40FFC65117C4AC69D33DEC6D567392FD] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [6144]
O44 - LFC:[MD5.F1886C30C3E4A7C5513525CBA665AA31] - 13/08/2014 - 17:04:00 ---A- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [6144]
O44 - LFC:[MD5.06FC8A93A4FA1F42A3D1D06694F2B339] - 13/08/2014 - 17:04:04 ---A- . (...) -- C:\Windows\System32\locale.nls [419992]
O44 - LFC:[MD5.386BF6FD9FC562B1A5558C49E1C3A6FB] - 13/08/2014 - 17:11:37 ---A- . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll [12874240]
O44 - LFC:[MD5.CADC4CFE957C24984FFA718AB7E4EF3C] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Consent UI for administrative applications.) -- C:\Windows\System32\consent.exe [101824]
O44 - LFC:[MD5.43CD23B65CBF04D6F8ACA984B0EF93FE] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows Authentication UI.) -- C:\Windows\System32\authui.dll [1805824]
O44 - LFC:[MD5.C212A43AA83A717AD38505F23ACDCB33] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2363392]
O44 - LFC:[MD5.9DA1CCDBBF8136AC2383C2624CA8CD14] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [337408]
O44 - LFC:[MD5.8C192180F49B102626B6517E9B94645F] - 13/08/2014 - 17:17:37 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [305152]
O44 - LFC:[MD5.EB0AAAAC964609473049AF9A1AE26F42] - 13/08/2014 - 17:17:37 ---A- . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys [2352640]
O44 - LFC:[MD5.D08819FEE0CDB8A8A58E2B34D05E7A11] - 13/08/2014 - 17:17:54 ---A- . (.Microsoft Corporation - Time Zones resource DLL.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.5860EE5C807CB3866551B845123493C6] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [107520]
O44 - LFC:[MD5.3583A5A8CC2E682BFFBD4630D0FEC08B] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [730048]
O44 - LFC:[MD5.0EC652D17AB4607745FB4E6958E8FAB6] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys [219072]
O44 - LFC:[MD5.C9059EF0C94C55C0DA9CACEE160A5F66] - 13/08/2014 - 17:21:30 ---A- . (.Microsoft Corporation - Remote Procedure Call Runtime.) -- C:\Windows\System32\rpcrt4.dll [654336]
O44 - LFC:[MD5.8453DDF167CE2986AA4AB04BC6824925] - 13/08/2014 - 22:01:12 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [17524224]
O44 - LFC:[MD5.7C1BFC2ABE297BCA1A7BA77A8292C088] - 13/08/2014 - 22:01:13 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [4204032]
O44 - LFC:[MD5.24FA5F74D3B4BA62539DF87285BA934E] - 13/08/2014 - 22:01:14 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [597504]
O44 - LFC:[MD5.FF4A917DD7C387BD2715A5F67307FED1] - 13/08/2014 - 22:01:15 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2184704]
O44 - LFC:[MD5.272420427EB96EA052C719AA796C09F2] - 13/08/2014 - 22:01:16 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [61952]
O44 - LFC:[MD5.49FFD37673BD20279A8BF27CC20040B3] - 13/08/2014 - 22:01:16 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1068032]
O44 - LFC:[MD5.444EB30B1610A35FC99D62A91B2BCAA7] - 13/08/2014 - 22:01:17 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [69632]
O44 - LFC:[MD5.90FF511B751A0327D07C4073760F1578] - 13/08/2014 - 22:01:18 ---A- . (.Microsoft Corporation - Internet Browser.) -- C:\Windows\System32\ieframe.dll [11772928]
O44 - LFC:[MD5.F48A1A114382AB4EF8000E1943E6CF1F] - 13/08/2014 - 22:01:19 ---A- . (.Microsoft Corporation - Internet Explorer UI Engine.) -- C:\Windows\System32\ieui.dll [438784]
O44 - LFC:[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - 13/08/2014 - 22:01:20 ---A- . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1792512]
O44 - LFC:[MD5.18A3154606E3F8945956948A4E708007] - 13/08/2014 - 22:01:21 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [704512]
O44 - LFC:[MD5.9D16B568E318F49535AD72539C9997C2] - 13/08/2014 - 22:01:21 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [455168]
O44 - LFC:[MD5.D7D412D3436CFB85B383CDD3C9B455F0] - 13/08/2014 - 22:01:22 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.7EFBB7A3C664A8DF93C9937DF76760A4] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [663040]
O44 - LFC:[MD5.4D0E91438CE181AF94C653B3BBE3C65A] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [61952]
O44 - LFC:[MD5.E70C00791A18866BB23B3A652E3390A0] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - Internet Control Panel.) -- C:\Windows\System32\inetcpl.cpl [2001920]
O44 - LFC:[MD5.B91AA3BC8083E66925FAE29FDA485CEA] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - Internet Ratings and Local User Management.) -- C:\Windows\System32\msrating.dll [164864]
O44 - LFC:[MD5.87C2B5010779DF6BE4732751C5DB5D64] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) -- C:\Windows\System32\ieUnatt.exe [112128]
O44 - LFC:[MD5.36B67392AFB8901CC442EA988AD4603D] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [43008]
O44 - LFC:[MD5.1A05CFA45B6AEBFCCC835DCF68CBD1D0] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [526336]
O44 - LFC:[MD5.E8D46F442AB53A52BDBB3EA0C51BDABD] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.6D017C0E499443ACDE3D9B5DCD753F32] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [1169920]
O44 - LFC:[MD5.478824EC0BCE9968C0DC787164B1753B] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - Extended RunOnce processing with UI.) -- C:\Windows\System32\iernonce.dll [32768]
O44 - LFC:[MD5.41A3A54603686FD437FA4E8EB95025F9] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [51200]
O44 - LFC:[MD5.004DFEA0B7AE3F8F438CD2D8C643DAEE] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [108032]
O44 - LFC:[MD5.FEE3E022B00A5165ED645E38C1E6C776] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416]
O44 - LFC:[MD5.3BB3D5D1CACD68BE8F7A16CCB3AADA93] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [646144]
O44 - LFC:[MD5.28A8B99DE70F376B18709E6B07D6A352] - 14/08/2014 - 09:31:37 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480]
O44 - LFC:[MD5.8D466B36076BCD7997838C0DDB69764C] - 14/08/2014 - 09:31:41 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [619672]
O44 - LFC:[MD5.370FC4421ADE62FC89AC93B345570388] - 14/08/2014 - 09:31:48 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856]
O44 - LFC:[MD5.AF6655214DEBB2C8446DE843A02AAEBA] - 14/08/2014 - 09:31:53 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [99480]
O44 - LFC:[MD5.613817D8A16C0881E2C8B3BC1AE65F61] - 14/08/2014 - 09:36:03 ---A- . (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) -- C:\Windows\System32\MRT.exe [96303304]
O44 - LFC:[MD5.1CB240954C70C5E67E213BA7E4935EAD] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [781950]
O44 - LFC:[MD5.CB364ABC026AA631E774B91E023139F2] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122640]
O44 - LFC:[MD5.9D3ABC14E38206E71BCBCAA6FDE1907C] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654768]
O44 - LFC:[MD5.57B7E1E7955AAE5CC56E16061207443E] - 15/08/2014 - 08:15:55 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [408616]
O44 - LFC:[MD5.0625EB612CA3F3F620EA92CD7ABB4957] - 15/08/2014 - 08:15:56 ---A- . (...) -- C:\Windows\setupact.log [98743]
O44 - LFC:[MD5.4621BAE89D1257F87EFDFB7F5F583546] - 15/08/2014 - 08:33:05 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1922621]
~ Files: 61 Scanned in 02mn 45s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b3ca2b8f-f07d-11e3-b9b3-e269b986803a}\AutoRun\command. (...) -- G:\start.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProvid
~ Rapport de ZHPDiag v2014.8.13.118 - Nicolas Coolman (13/08/2014)
~ Lancé par toshiba (15/08/2014 08:33:45)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17239
GCIE: Google Chrome v36.0.1985.143 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.5.464
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
µTorrent v3.3.0.29420 =>P2P.µTorrent
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1931.8 MB (23% free)
System Restore: Activé (Enable)
System drive C: has 1 GB (2%) free of 35 GB
---\\ Mode de connexion au système
~ Computer Name: TOSHIBA-PC
~ User Name: toshiba
~ All Users Names: toshiba, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\toshiba\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\toshiba\AppData\Roaming\
~ %Desktop% : C:\Users\toshiba\Desktop\
~ %Favorites% : C:\Users\toshiba\Favorites\
~ %LocalAppData% : C:\Users\toshiba\AppData\Local\
~ %StartMenu% : C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 1 Go of 35 Go)
D: CD-ROM drive (Free 0 Go of 6 Go)
E: Hard drive, Flash drive, Thumb drive (Free 194 Go of 263 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - (.Microsoft Corporation - Internet Extensions for Win32.) (.25/07/2014 - 11:05:23.) -- C:\Windows\System32\wininet.dll [1792512]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Windows Logon Application.) (.04/03/2014 - 10:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT File System Driver.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/804
~ Mes musiques (My Musics) : 1/842
~ Mes Videos (My Videos) : 2/11
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 19/265
~ Mon Bureau (My Desktop) : 2/268
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 16s
---\\ Processus lancés
[MD5.1494918EB9C24C0DA844A755B68C862F] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840] [PID.1036]
[MD5.04AF4FA8AE66E8216EA239EEF0353500] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [144664] [PID.1284]
[MD5.417D8CF6730A6ACC232BB124C2B6CF65] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [180504] [PID.1356]
[MD5.4C0A9414B4975A992B576AD8ECE53B27] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [188184] [PID.1364]
[MD5.1E9B225DE829A6F666A0BA9B8A7984BF] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [750160] [PID.1388]
[MD5.FF4F87DCDAA5080281E0E70BB116086B] - (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376] [PID.1904]
[MD5.71738E5D624F00EFE56F7C35DB36267C] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769904] [PID.848]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.2132]
[MD5.0BDAE865738D27A4D84D50591C8C9D2D] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.2828]
[MD5.4C2812958D3D4342FC21E47CC361D5C2] - (.Pas de propriétaire - Core Sync.) -- C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe [4696432] [PID.2580]
[MD5.AE9BC27D095C2F26E082C4B3D25921FE] - (.Adobe Systems Incorporated - Adobe CEF Helper.) -- C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe [395120] [PID.1612]
[MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- E:\ZHPDiag\ZHPDiag.exe [8091648] [PID.3052]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gcncagkkhfoombgbihckkccmkjemhohl] Allin1Convert v.10.82.4.29690, (Activé) =>Adware.Allin1Convert
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [ihfjhopfbonbleebdpnbhgbgflkffpcf] 2pac Shakur v.1 (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [Allin1Convert] =>Adware.Allin1Convert
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihfjhopfbonbleebdpnbhgbgflkffpcf [2pac Shakur]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 27 Scanned in 00mn 13s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.11.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
~ Firefox Browser: 8 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 11 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ BHO: 4 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\toshiba\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [toshiba]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\toshiba\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Scanned in 00mn 17s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [mobilegeni daemon] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe =>PUP.Mobogenie
O4 - HKLM\..\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\toshiba\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3127828169-2698895574-2117450320-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\toshiba\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
~ Application: Scanned in 00mn 01s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{7A6E7924-EF12-43E0-AF1E-61FB23CA6030}: DhcpNameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.2
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
~ Services: 4 Scanned in 00mn 06s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [830]
O39 - APT: - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8f43e718f2ee.job [882]
O39 - APT: - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [888]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [888]
O39 - APT: - (..) -- C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job [228]
O39 - APT: - (..) -- C:\Windows\Tasks\User_Feed_Synchronization-{56B53FAE-32B4-4BC7-96FA-BE871FF89583}.job [282]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{56B53FAE-32B4-4BC7-96FA-BE871FF89583} [282]
~ Scheduled Task: 5 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
~ Active Setup: 11 Scanned in 00mn 01s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vpcnfltr) . (.Microsoft Corporation - Virtual PC Network Filter Driver.) - C:\Windows\System32\DRIVERS\vpcnfltr.sys
O41 - Driver: C:\Windows\System32\drivers\vpcvmm.sys (vpcvmm) . (.Microsoft Corporation - Virtual PC Virtual Machine Monitor.) - C:\Windows\System32\drivers\vpcvmm.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 75 Scanned in 00mn 47s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.11) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Avira Free Antivirus v14.0.5.464 - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: File Opener Pro - (.FileOpenerPro.) [HKLM] -- fileopenerpro
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16}
O42 - Logiciel: Skype 5.2.60.113 - (...) [HKLM] -- Skype 5.2.60.113
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}
O42 - Logiciel: VideoLAN VLC media player 0.8.6-rc1 - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent =>P2P.BitTorrent
~ Logic: 25 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\53578cdab369ba12] =>Hijacker.Eazel
[HKCU\Software\APN PIP]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Giant Savings Extension] =>Adware.VidSaver
[HKCU\Software\AppDataLow]
[HKCU\Software\Avast Software]
[HKCU\Software\Avira]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Facebook]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Froggie]
[HKCU\Software\Google]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Partition Assistant]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\delta LTD]
[HKCU\Software\kde.org]
[HKLM\Software\53578cdab369ba12] =>Hijacker.Eazel
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\AdobeFlashPlayerUpdate]
[HKLM\Software\Adobe]
[HKLM\Software\Avira]
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\Bunndle]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PIP]
[HKLM\Software\Policies]
[HKLM\Software\PowerQuest]
[HKLM\Software\REALTEK Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\SoftwareUpdater] =>PUP.Eorezo
[HKLM\Software\Sonic]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\TOSHIBA]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vittalia] =>PUP.Vittalia
[HKLM\Software\Volatile]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\lameme]
[HKLM\Software\mozilla.org]
~ Key Software: 123 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/01/2014 - 15:01:55 - [] ----D C:\Program Files\Adobe
O43 - CFD: 06/07/2013 - 13:10:49 - [] ----D C:\Program Files\Avira
O43 - CFD: 17/05/2013 - 22:20:00 - [] ----D C:\Program Files\Common Files
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 21/05/2014 - 00:37:14 - [] ----D C:\Program Files\FileOpenerPro
O43 - CFD: 08/05/2014 - 00:54:14 - [] ----D C:\Program Files\Google
O43 - CFD: 07/05/2014 - 14:56:19 - [] ----D C:\Program Files\GUM8B31.tmp
O43 - CFD: 23/03/2013 - 23:57:08 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 03/04/2013 - 09:30:00 - [] ----D C:\Program Files\Intel
O43 - CFD: 14/08/2014 - 10:00:03 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 23/03/2013 - 23:55:08 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 14/07/2009 - 08:49:30 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 23/03/2013 - 23:57:57 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 23/03/2013 - 23:57:56 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/03/2013 - 23:57:56 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 23/03/2013 - 23:58:22 - [] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 23/03/2013 - 23:56:35 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 04/04/2013 - 09:43:38 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 04/01/2014 - 19:20:02 - [] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie
O43 - CFD: 23/03/2013 - 11:58:00 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 04/03/2013 - 00:19:16 - [] ----D C:\Program Files\Realtek WLAN Driver
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 04/03/2013 - 00:16:32 - [] ----D C:\Program Files\Skype
O43 - CFD: 09/09/2013 - 16:45:27 - [] ----D C:\Program Files\Tor
O43 - CFD: 04/03/2013 - 00:18:11 - [] ----D C:\Program Files\TOSHIBA
O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 04/03/2013 - 00:16:48 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 24/07/2013 - 07:28:01 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 11/07/2014 - 10:23:54 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 13/12/2013 - 11:22:52 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 05:52:30 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 01/06/2013 - 09:18:05 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 01/06/2013 - 09:18:06 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 21/10/2009 - 23:07:50 - [] ----D C:\Program Files\Windows Virtual PC
O43 - CFD: 04/01/2014 - 15:03:32 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 23/03/2013 - 11:58:09 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 23/03/2013 - 23:45:30 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 03/04/2013 - 09:30:01 - [] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 23/03/2013 - 11:58:09 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 03:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/06/2013 - 09:18:05 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 26/05/2013 - 16:51:09 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 06/07/2013 - 13:13:24 - [] ----D C:\ProgramData\APN
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 06/07/2013 - 16:38:05 - [0] ----D C:\ProgramData\AVAST Software
O43 - CFD: 06/07/2013 - 13:11:30 - [] ----D C:\ProgramData\Avira
O43 - CFD: 03/04/2013 - 16:30:05 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 04/01/2014 - 15:12:13 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 19/03/2014 - 07:47:16 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/08/2014 - 09:43:43 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 26/03/2013 - 23:50:41 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 13/04/2013 - 23:14:02 - [] ----D C:\ProgramData\Real
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 06/07/2013 - 13:47:01 - [] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 14/07/2009 - 05:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 04/01/2014 - 15:18:08 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 04/01/2014 - 15:12:13 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 04/01/2014 - 15:05:08 - [] ----D C:\Users\toshiba\AppData\Roaming\Adobe
O43 - CFD: 06/07/2013 - 13:17:39 - [] ----D C:\Users\toshiba\AppData\Roaming\Avira
O43 - CFD: 03/04/2013 - 16:30:05 - [] ----D C:\Users\toshiba\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 31/07/2014 - 21:42:56 - [] ----D C:\Users\toshiba\AppData\Roaming\dvdcss
O43 - CFD: 03/05/2014 - 16:35:06 - [] ----D C:\Users\toshiba\AppData\Roaming\eTeks
O43 - CFD: 04/03/2013 - 00:12:55 - [] ----D C:\Users\toshiba\AppData\Roaming\Identities
O43 - CFD: 04/03/2013 - 00:17:51 - [] ----D C:\Users\toshiba\AppData\Roaming\InstallShield
O43 - CFD: 30/03/2013 - 11:30:32 - [] ----D C:\Users\toshiba\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 08:48:18 - [0] ----D C:\Users\toshiba\AppData\Roaming\Media Center Programs
O43 - CFD: 06/05/2014 - 08:09:30 - [] -S--D C:\Users\toshiba\AppData\Roaming\Microsoft
O43 - CFD: 26/03/2013 - 23:51:21 - [] ----D C:\Users\toshiba\AppData\Roaming\Mozilla
O43 - CFD: 15/08/2014 - 08:17:06 - [] ----D C:\Users\toshiba\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 04/01/2014 - 14:51:27 - [] ----D C:\Users\toshiba\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 04/01/2014 - 20:01:30 - [] ----D C:\Users\toshiba\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 29/07/2014 - 18:33:15 - [] ----D C:\Users\toshiba\AppData\Roaming\Skype
O43 - CFD: 04/01/2014 - 15:14:35 - [] ----D C:\Users\toshiba\AppData\Roaming\TuneUp Software
O43 - CFD: 05/07/2014 - 04:22:15 - [] ----D C:\Users\toshiba\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 06/04/2013 - 11:21:41 - [] ----D C:\Users\toshiba\AppData\Roaming\vlc
O43 - CFD: 04/03/2013 - 00:17:19 - [] ----D C:\Users\toshiba\AppData\Roaming\WinBatch
O43 - CFD: 05/01/2014 - 09:27:45 - [] ----D C:\Users\toshiba\AppData\Roaming\Youtube Downloader HD
O43 - CFD: 15/08/2014 - 08:35:14 - [] ----D C:\Users\toshiba\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/01/2014 - 12:09:32 - [] ----D C:\Users\toshiba\AppData\Local\Adobe
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\Application Data
O43 - CFD: 04/01/2014 - 15:04:03 - [] ----D C:\Users\toshiba\AppData\Local\cache
O43 - CFD: 08/03/2014 - 23:35:41 - [] ----D C:\Users\toshiba\AppData\Local\Diagnostics
O43 - CFD: 05/03/2014 - 15:20:10 - [] ----D C:\Users\toshiba\AppData\Local\ElevatedDiagnostics
O43 - CFD: 06/01/2014 - 11:08:51 - [] ----D C:\Users\toshiba\AppData\Local\Facebook
O43 - CFD: 04/01/2014 - 15:03:51 - [] ----D C:\Users\toshiba\AppData\Local\genienext =>PUP.NextLive
O43 - CFD: 03/04/2013 - 16:31:20 - [] ----D C:\Users\toshiba\AppData\Local\Giant Savings Extension =>Adware.VidSaver
O43 - CFD: 08/05/2014 - 00:54:38 - [] ----D C:\Users\toshiba\AppData\Local\Google
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\History
O43 - CFD: 30/03/2013 - 11:30:32 - [] ----D C:\Users\toshiba\AppData\Local\Macromedia
O43 - CFD: 15/05/2014 - 16:31:00 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft
O43 - CFD: 05/12/2013 - 23:35:55 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft Games
O43 - CFD: 05/05/2014 - 07:48:59 - [] ----D C:\Users\toshiba\AppData\Local\Microsoft Help
O43 - CFD: 04/01/2014 - 19:20:01 - [] ----D C:\Users\toshiba\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 18/09/2013 - 15:04:19 - [] ----D C:\Users\toshiba\AppData\Local\Mozilla
O43 - CFD: 03/05/2014 - 16:23:56 - [] ----D C:\Users\toshiba\AppData\Local\Programs
O43 - CFD: 15/08/2014 - 08:35:16 - [] ----D C:\Users\toshiba\AppData\Local\Temp
O43 - CFD: 04/03/2013 - 00:12:39 - [] -SH-D C:\Users\toshiba\AppData\Local\Temporary Internet Files
O43 - CFD: 03/04/2013 - 16:30:42 - [] ----D C:\Users\toshiba\AppData\Local\Updater21810 =>PUP.CrossRider
O43 - CFD: 03/05/2014 - 16:24:58 - [] ----D C:\Users\toshiba\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 05:42:04 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/08/2014 - 14:30:31 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 05:37:42 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/01/2014 - 14:55:43 - [0] ----D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 14/08/2014 - 14:30:31 - [] R---D C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 110 Scanned in 00mn 01s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7B051C4A70F23A84A09366999FE63CBD] - 01/08/2014 - 00:16:34 ---A- . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll [307384]
O44 - LFC:[MD5.C4675C2734716F56FCA370CF1183457F] - 07/08/2014 - 02:39:08 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [302592]
O44 - LFC:[MD5.D14DF403FF550F6B1F4702CD2F288ABD] - 07/08/2014 - 02:43:38 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [412160]
O44 - LFC:[MD5.33DB506498E0419CD50B144DE7CCFC75] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [6144]
O44 - LFC:[MD5.1235259E135F87BF4AE5864A818E1513] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [6144]
O44 - LFC:[MD5.EB3D06A9EDFDFD12228AD7A9F24D15D6] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [5632]
O44 - LFC:[MD5.40FFC65117C4AC69D33DEC6D567392FD] - 13/08/2014 - 17:03:59 ---A- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [6144]
O44 - LFC:[MD5.F1886C30C3E4A7C5513525CBA665AA31] - 13/08/2014 - 17:04:00 ---A- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [6144]
O44 - LFC:[MD5.06FC8A93A4FA1F42A3D1D06694F2B339] - 13/08/2014 - 17:04:04 ---A- . (...) -- C:\Windows\System32\locale.nls [419992]
O44 - LFC:[MD5.386BF6FD9FC562B1A5558C49E1C3A6FB] - 13/08/2014 - 17:11:37 ---A- . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll [12874240]
O44 - LFC:[MD5.CADC4CFE957C24984FFA718AB7E4EF3C] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Consent UI for administrative applications.) -- C:\Windows\System32\consent.exe [101824]
O44 - LFC:[MD5.43CD23B65CBF04D6F8ACA984B0EF93FE] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows Authentication UI.) -- C:\Windows\System32\authui.dll [1805824]
O44 - LFC:[MD5.C212A43AA83A717AD38505F23ACDCB33] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2363392]
O44 - LFC:[MD5.9DA1CCDBBF8136AC2383C2624CA8CD14] - 13/08/2014 - 17:17:31 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [337408]
O44 - LFC:[MD5.8C192180F49B102626B6517E9B94645F] - 13/08/2014 - 17:17:37 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [305152]
O44 - LFC:[MD5.EB0AAAAC964609473049AF9A1AE26F42] - 13/08/2014 - 17:17:37 ---A- . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys [2352640]
O44 - LFC:[MD5.D08819FEE0CDB8A8A58E2B34D05E7A11] - 13/08/2014 - 17:17:54 ---A- . (.Microsoft Corporation - Time Zones resource DLL.) -- C:\Windows\System32\tzres.dll [2048]
O44 - LFC:[MD5.5860EE5C807CB3866551B845123493C6] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [107520]
O44 - LFC:[MD5.3583A5A8CC2E682BFFBD4630D0FEC08B] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [730048]
O44 - LFC:[MD5.0EC652D17AB4607745FB4E6958E8FAB6] - 13/08/2014 - 17:21:23 ---A- . (.Microsoft Corporation - DirectX Graphics MMS.) -- C:\Windows\System32\Drivers\dxgmms1.sys [219072]
O44 - LFC:[MD5.C9059EF0C94C55C0DA9CACEE160A5F66] - 13/08/2014 - 17:21:30 ---A- . (.Microsoft Corporation - Remote Procedure Call Runtime.) -- C:\Windows\System32\rpcrt4.dll [654336]
O44 - LFC:[MD5.8453DDF167CE2986AA4AB04BC6824925] - 13/08/2014 - 22:01:12 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll [17524224]
O44 - LFC:[MD5.7C1BFC2ABE297BCA1A7BA77A8292C088] - 13/08/2014 - 22:01:13 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll [4204032]
O44 - LFC:[MD5.24FA5F74D3B4BA62539DF87285BA934E] - 13/08/2014 - 22:01:14 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [597504]
O44 - LFC:[MD5.FF4A917DD7C387BD2715A5F67307FED1] - 13/08/2014 - 22:01:15 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2184704]
O44 - LFC:[MD5.272420427EB96EA052C719AA796C09F2] - 13/08/2014 - 22:01:16 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [61952]
O44 - LFC:[MD5.49FFD37673BD20279A8BF27CC20040B3] - 13/08/2014 - 22:01:16 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1068032]
O44 - LFC:[MD5.444EB30B1610A35FC99D62A91B2BCAA7] - 13/08/2014 - 22:01:17 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [69632]
O44 - LFC:[MD5.90FF511B751A0327D07C4073760F1578] - 13/08/2014 - 22:01:18 ---A- . (.Microsoft Corporation - Internet Browser.) -- C:\Windows\System32\ieframe.dll [11772928]
O44 - LFC:[MD5.F48A1A114382AB4EF8000E1943E6CF1F] - 13/08/2014 - 22:01:19 ---A- . (.Microsoft Corporation - Internet Explorer UI Engine.) -- C:\Windows\System32\ieui.dll [438784]
O44 - LFC:[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - 13/08/2014 - 22:01:20 ---A- . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1792512]
O44 - LFC:[MD5.18A3154606E3F8945956948A4E708007] - 13/08/2014 - 22:01:21 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [704512]
O44 - LFC:[MD5.9D16B568E318F49535AD72539C9997C2] - 13/08/2014 - 22:01:21 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [455168]
O44 - LFC:[MD5.D7D412D3436CFB85B383CDD3C9B455F0] - 13/08/2014 - 22:01:22 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.7EFBB7A3C664A8DF93C9937DF76760A4] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe [663040]
O44 - LFC:[MD5.4D0E91438CE181AF94C653B3BBE3C65A] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [61952]
O44 - LFC:[MD5.E70C00791A18866BB23B3A652E3390A0] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - Internet Control Panel.) -- C:\Windows\System32\inetcpl.cpl [2001920]
O44 - LFC:[MD5.B91AA3BC8083E66925FAE29FDA485CEA] - 13/08/2014 - 22:01:23 ---A- . (.Microsoft Corporation - Internet Ratings and Local User Management.) -- C:\Windows\System32\msrating.dll [164864]
O44 - LFC:[MD5.87C2B5010779DF6BE4732751C5DB5D64] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) -- C:\Windows\System32\ieUnatt.exe [112128]
O44 - LFC:[MD5.36B67392AFB8901CC442EA988AD4603D] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [43008]
O44 - LFC:[MD5.1A05CFA45B6AEBFCCC835DCF68CBD1D0] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [526336]
O44 - LFC:[MD5.E8D46F442AB53A52BDBB3EA0C51BDABD] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.6D017C0E499443ACDE3D9B5DCD753F32] - 13/08/2014 - 22:01:24 ---A- . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll [1169920]
O44 - LFC:[MD5.478824EC0BCE9968C0DC787164B1753B] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - Extended RunOnce processing with UI.) -- C:\Windows\System32\iernonce.dll [32768]
O44 - LFC:[MD5.41A3A54603686FD437FA4E8EB95025F9] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [51200]
O44 - LFC:[MD5.004DFEA0B7AE3F8F438CD2D8C643DAEE] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [108032]
O44 - LFC:[MD5.FEE3E022B00A5165ED645E38C1E6C776] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [60416]
O44 - LFC:[MD5.3BB3D5D1CACD68BE8F7A16CCB3AADA93] - 13/08/2014 - 22:01:25 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [646144]
O44 - LFC:[MD5.28A8B99DE70F376B18709E6B07D6A352] - 14/08/2014 - 09:31:37 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480]
O44 - LFC:[MD5.8D466B36076BCD7997838C0DDB69764C] - 14/08/2014 - 09:31:41 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [619672]
O44 - LFC:[MD5.370FC4421ADE62FC89AC93B345570388] - 14/08/2014 - 09:31:48 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856]
O44 - LFC:[MD5.AF6655214DEBB2C8446DE843A02AAEBA] - 14/08/2014 - 09:31:53 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [99480]
O44 - LFC:[MD5.613817D8A16C0881E2C8B3BC1AE65F61] - 14/08/2014 - 09:36:03 ---A- . (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) -- C:\Windows\System32\MRT.exe [96303304]
O44 - LFC:[MD5.1CB240954C70C5E67E213BA7E4935EAD] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [781950]
O44 - LFC:[MD5.CB364ABC026AA631E774B91E023139F2] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122640]
O44 - LFC:[MD5.9D3ABC14E38206E71BCBCAA6FDE1907C] - 14/08/2014 - 14:35:31 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654768]
O44 - LFC:[MD5.57B7E1E7955AAE5CC56E16061207443E] - 15/08/2014 - 08:15:55 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [408616]
O44 - LFC:[MD5.0625EB612CA3F3F620EA92CD7ABB4957] - 15/08/2014 - 08:15:56 ---A- . (...) -- C:\Windows\setupact.log [98743]
O44 - LFC:[MD5.4621BAE89D1257F87EFDFB7F5F583546] - 15/08/2014 - 08:33:05 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1922621]
~ Files: 61 Scanned in 02mn 45s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b3ca2b8f-f07d-11e3-b9b3-e269b986803a}\AutoRun\command. (...) -- G:\start.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProvid
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
15 août 2014 à 09:59
15 août 2014 à 09:59
Tu as dû installer des logiciels potentiellement indésirables
Pour éviter ce genre de problème :
- Ne télécharge aucun programme proposé dans des publicités ou sur des sites suspects. A noter que certains sites connus comme Softronic, Tuto4PC, etc modifient parfois les programmes proposés au téléchargement pour y ajouter des logiciels publicitaires ==> Préfère toujours le téléchargement directement sur le site de l'éditeur.
- Au cours de l'installation d'un programme gratuit, lis bien attentivement et décoche tous les programmes additionnels qui sont proposés, en particulier les barres d'outils.
Pour ton information lis ces dossier sur les Programmes Potentiellement Indésirables et Les Barres d'Outils ce n'est pas obligatoires
* Télécharge cet outil simple d'utilisation
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
* Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
* Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus
* Cliques sur scanner
* Poste le rapport de recherche C:\Adwcleaner[R]
* Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]
* Héberge le rapport sur cjoint
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
Pour éviter ce genre de problème :
- Ne télécharge aucun programme proposé dans des publicités ou sur des sites suspects. A noter que certains sites connus comme Softronic, Tuto4PC, etc modifient parfois les programmes proposés au téléchargement pour y ajouter des logiciels publicitaires ==> Préfère toujours le téléchargement directement sur le site de l'éditeur.
- Au cours de l'installation d'un programme gratuit, lis bien attentivement et décoche tous les programmes additionnels qui sont proposés, en particulier les barres d'outils.
Pour ton information lis ces dossier sur les Programmes Potentiellement Indésirables et Les Barres d'Outils ce n'est pas obligatoires
* Télécharge cet outil simple d'utilisation
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
* Si problème avec le 1er lien prends le ici https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
* Lance le (Sous vista/seven/8 clic droit dessus,et sur exécuter en tant qu'administrateur)si tu es sous xp double cliques dessus
* Cliques sur scanner
* Poste le rapport de recherche C:\Adwcleaner[R]
* Note le rapport de recherche est également sauvegardé sous C:\Adwcleaner[R1]
* Héberge le rapport sur cjoint
* Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers