Bonjour,
Voici 3 rapports de scan, en espérant qu'ils vous suffisent pou m'aider à résoudre mon GROS problème...
ZHP CLEANER
~ ZHPCleaner v2015.4.21.177 by Nicolas Coolman (21/04/2015)
~ Run by Administrateur (Administrator) (21/04/2015 19:08:05)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Administrateur\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Administrateur\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
---\\ Service. (1)
---\\ Navigateur internet. (0)
~ Aucun élément malicieux trouvé.
---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (5)
---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [ReimageUpdater] [C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Not File) ] (PUP.ReimageRepair)
---\\ Explorateur ( Dossiers, Fichiers ). (6)
DEPLACÉ fichier: C:\Windows\Prefetch\REIMAGEPACKAGE.EXE-387CA924.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\Windows\Prefetch\REIMAGEREPAIR.EXE-ED9CA779.pf (PUP.ReimageRepair)
DEPLACÉ fichier: C:\Users\Administrateur\Downloads\ReimageRepair.exe [Reimage® - Reimage Downloader] (PUP.ReimageRepair)
DEPLACÉ fichier: C:\Users\ADMINI~1\AppData\Local\Temp\reimage.log (PUP.ReimageRepair)
DEPLACÉ fichier: C:\Windows\Reimage.ini (PUP.ReimageRepair)
DEPLACÉ dossier: C:\Program Files\Reimage (PUP.ReimageRepair)
---\\ Base de Registres ( Clés, Valeurs, Données ). (14)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector [C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Not File)] (PUP.ReimageRepair)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500\Software\Reimage [] (PUP.ReimageRepair)
SUPPRIMÉ clé^: HKCU\Software\Reimage [] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [] (PUP.GetLiveSupport)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [] (PUP.GetLiveSupport)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Reimage [] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40ba-885E-F47A957D12E6} [CompReg Class] (PUP.ReimageRepair)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40ba-885E-F47A957D12E6}\InprocServer32 [C:\Program Files\Reimage\Reimage Express\ReiEngine.dll (Not File)] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} [ReiEngine Class] (PUP.ReimageRepair)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}\InprocServer32 [C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll (Not File)] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46e3-ADCF-AA6E08143FB8} [ReiEngine Class] (PUP.ReimageRepair)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46e3-ADCF-AA6E08143FB8}\InprocServer32 [C:\Program Files\Reimage\Reimage Express\ReiEngine.dll (Not File)] (PUP.ReimageRepair)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} [CompReg Class] (PUP.ReimageRepair)
SUPPRIMÉ clé^: [X64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}\InprocServer32 [C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll (Not File)] (PUP.ReimageRepair)
---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.
---\\ Statistiques
~ Items scannés : 661
~ Items trouvés : 0
~ Items réparés : 22
End of clean at 19:08:36
===================
ZHPCleaner-[R]-21042015-11_16_53.txt
ZHPCleaner-[R]-21042015-19_08_36.txt
ZHPCleaner-[S]-21042015-11_15_58.txt
ZHPCleaner-[S]-21042015-19_07_44.txt
Farbar Recovery Scan Tool
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Administrateur at 2015-04-22 11:40:22
Running from C:\Users\Administrateur\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-122800082-2312236393-379482090-500\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.0.6.519 - Online Media Technologies Ltd.)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.1.6.484 - Online Media Technologies Ltd.)
AVS Audio Recorder version 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: 4.0.1.21 - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version: 2.0.1.3 - Online Media Technologies Ltd.)
AVS Disc Creator 5 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.0.7.521 - Online Media Technologies Ltd.)
AVS Document Converter 2.2.6 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.2.6.220 - Online Media Technologies Ltd.)
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: 4.1.2.283 - Online Media Technologies Ltd.)
AVS Image Converter 2.3.3.249 (HKLM-x32\...\AVS Image Converter_is1) (Version: 2.3.3.249 - Online Media Technologies Ltd.)
AVS Media Player 4.1.11.100 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.1.11.100 - Online Media Technologies Ltd.)
AVS Photo Editor (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.0.9.129 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.2.3.237 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.2.3.237 - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.3.535 - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.3.3.235 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: 2.5.4.84 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.1.4.150 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.1.4.150 - Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 7 - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.2 - Illustrate)
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hercules Webcam Station Evolution SE (HKLM-x32\...\{C3C44248-B8F7-4B20-A5C7-994870B60F55}) (Version: 4.1.1.2 - Hercules)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lexmark 3600-4600 Series (HKLM\...\Lexmark 3600-4600 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mises à jour NVIDIA 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 fr) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 fr)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-122800082-2312236393-379482090-500\...\MyFreeCodec) (Version: - )
Nero 8 (HKLM-x32\...\{D6C9AF27-9414-46C8-B9D8-D878BA041036}) (Version: 8.3.314 - Nero AG)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version: - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA nView 136.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.27 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Pilote du contrôleur 3D Vision 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
NVIDIA WMI 296.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 296.35 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}) (Version: 4.01.9714 - Apache Software Foundation)
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.0.0.0256 - PACE Anti-Piracy, Inc.)
Panneau de configuration NVIDIA 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden
Photomatix Pro version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Reader Library by Sony (HKLM-x32\...\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}) (Version: 3.3.00.07130 - Sony)
Samplitude Music Studio 2014 (HKLM-x32\...\MX.{E7B81E36-0C3B-4549-A2DF-6B53D3C7098A}) (Version: 20.0.0.11 - MAGIX AG)
Samplitude Music Studio 2014 (Version: 20.0.0.11 - MAGIX AG) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
SFR - Mediacenter Evolution (HKLM-x32\...\SFR_Mediacenter Evolution) (Version: 13.2.26.0 - SFR)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype(TM) 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Forge Pro 11.0 (HKLM-x32\...\{A376BDE2-EE3D-11E2-AA13-F04DA23A5C58}) (Version: 11.0.234 - Sony)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7280 - Analog Devices)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-122800082-2312236393-379482090-500_Classes\CLSID\{16D3CC08-103E-9728-E546-D542A49226F9}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-04-21 16:46 - 00000172 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0AA9EFA3-AABD-405F-B173-B834191402EA} - System32\Tasks\DLAWG => C:\ProgramData\26221878d16445c88675b5d759862b46\26221878d16445c88675b5d759862b46.exe
Task: {14BCB63C-3D44-45CE-A881-5E23037334F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {27393486-4A4C-4CB2-9A6B-29103F1A1B86} - System32\Tasks\{5328F79E-6EE8-4F7D-875F-FC3BCF49CD7F} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe
Task: {2B825127-7658-488D-9E06-CE7EA6467478} - System32\Tasks\{8ADF4445-B2D1-4253-A33B-58540818D13B} => pcalua.exe -a C:\Users\Administrateur\Desktop\SamsungPCStudio322.exe -d C:\Users\Administrateur\Desktop
Task: {2C4BA424-B1A3-4D68-AEA8-01EB63B797C5} - System32\Tasks\{D810F72B-7327-475C-B516-7C3728512A54} => pcalua.exe -a C:\Users\Administrateur\Downloads\20080128135518500_Samsung_PC_Studio_313_HA4.exe -d C:\Users\Administrateur\Downloads
Task: {38F0380F-BC13-4D38-B184-F08DDC843AF0} - System32\Tasks\Installation App Launcher => C:\Program Files (x86) (x86)\Lexmark 4900 Series\ezprint.exe
Task: {58550CBC-C4DB-42C9-8F6C-FC595922881C} - System32\Tasks\{EB4C786D-8C5A-4102-B025-F1FC590ABCAB} => Firefox.exe http://ui.skype.com/ui/0/6.22.64.106/fr/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {5BFE80DD-60E4-4A02-BC2C-15C206DBE901} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {686F16EC-7E17-4553-9BC1-D0C07515FB94} - System32\Tasks\{6E83772B-1007-4C8B-96F5-CDE7B27105A4} => pcalua.exe -a C:\Users\Administrateur\Downloads\windows-movie-maker_2012_fr_10967.exe -d C:\Users\Administrateur\Downloads
Task: {6C55E0BF-C972-4DE7-95B8-1FAF9C420AB7} - System32\Tasks\Driver Booster SkipUAC (Administrateur) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {71983FAC-4392-479D-B87D-010CDBDA86A9} - System32\Tasks\{C4C3E89B-E521-4D19-A26B-F44628AE8F37} => pcalua.exe -a C:\Users\Administrateur\AppData\Roaming\omniboxes\UninstallManager.exe -c -ptid=amt
Task: {741BAFAF-E4E9-4553-AC8D-88A53EB1C370} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {7D67E8E5-A649-4887-B183-3FB5ACCE3D6F} - System32\Tasks\{20730989-EC15-41B9-AD3B-5BA1D76CAE9F} => pcalua.exe -a C:\Users\Administrateur\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=pcs
Task: {89ADCD48-46AE-4037-A696-4BB5025E0903} - System32\Tasks\{22F1E0F4-B5D8-4BAB-B9AA-1E413763977E} => pcalua.exe -a C:\Users\Administrateur\Downloads\ie6setupOe.exe -d C:\Users\Administrateur\Downloads
Task: {9384887C-62F2-43A7-856A-EA21803A5BA0} - System32\Tasks\{890393D2-554A-4428-9BAE-85070E3B4D27} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {A437A8AA-8A90-46EF-B55A-DD4DA856888F} - System32\Tasks\Opera scheduled Autoupdate 1424690671 => C:\Program Files (x86)\Opera\launcher.exe
Task: {ABC6A3F4-8F03-4D56-95E6-6255FB00F114} - System32\Tasks\{FFDCFC85-234F-4948-B25E-E72408B55EFF} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Task: {CE08010B-6F16-422A-9046-2CD653918C3F} - System32\Tasks\{7D6A1865-686D-4AE3-AE36-7E19B3D6B3DC} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe
Task: {D951078B-4AB7-45F3-80B2-4AF8ECDD1B19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {DFCAF4B8-8A59-4750-A22E-CB4E7E29FFB8} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E4A89DF6-1D56-4E47-9A9A-FA932E09E10B} - System32\Tasks\{A643AE64-A564-4FEB-B255-FBBCC56C4EF6} => Firefox.exe http://ui.skype.com/ui/0/6.22.64.106/fr/abandoninstall?source=lightinstaller&page=tsMain
Task: {E5221461-7777-4100-94C9-E32C11F5040E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29] (Google Inc.)
Task: {ED6EBB41-88E8-4877-A223-AEAA526D14FA} - System32\Tasks\{D0038CAA-0B4C-4593-81CB-93C8F205B2D3} => pcalua.exe -a C:\Users\Administrateur\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=smt -simple=0
Task: {F386A757-0638-4E67-A049-97A4408E2C83} - System32\Tasks\{ED9D6433-40AA-41E5-91B4-5FE2A1DA0B5E} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
Task: {F773BEEF-CAB1-44B7-A470-69FACC47CF54} - System32\Tasks\{A4226341-6A36-477B-9180-8028E6E58CB2} => pcalua.exe -a "C:\Users\Administrateur\Downloads\Dailymotion Video Downloader\Dailymotion Video Downloader.exe" -d "C:\Users\Administrateur\Downloads\Dailymotion Video Downloader"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-10 16:28 - 2014-12-13 10:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-13 19:26 - 2009-10-16 13:12 - 00177664 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdxdrpp.dll
2015-04-15 16:45 - 2015-04-15 16:45 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Administrateur\Cookies:PUkUv1IV4BIBy4Y88WDcTW
AlternateDataStreams: C:\Users\Administrateur\AppData\Local\Temp:mxdz0rxKk41m0ydE0Vb0bZ5
AlternateDataStreams: C:\Users\Administrateur\AppData\Local\Temp:q7vjpVQImPYvk5A97
AlternateDataStreams: C:\Users\Administrateur\AppData\Local\xehDxRAWAo:EjIiOgyRziPMlgQvFISq7ss
AlternateDataStreams: C:\ProgramData\Microsoft:8l6xEwzz5OYOPCXjS6jpypV16UzGs8
AlternateDataStreams: C:\ProgramData\Microsoft:A5NrWfDxLDksUDG8bUI
AlternateDataStreams: C:\ProgramData\Microsoft:bcxZ8IVIeEozQ35XDXlvbstr
AlternateDataStreams: C:\ProgramData\Microsoft:M5g2Cfe99OUW4IQGhWhCtbN
AlternateDataStreams: C:\ProgramData\Microsoft:NO1M7zXfCeVtnzXLz0
AlternateDataStreams: C:\ProgramData\Microsoft:q0QzHETK5SthDuazKJbILEgk3A
AlternateDataStreams: C:\ProgramData\Microsoft:VDcj67R0cqwTdKO7M4eNsJGCis
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\europacasino.com -> www.europacasino.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-122800082-2312236393-379482090-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
==================== Accounts: =============================
Administrateur (S-1-5-21-122800082-2312236393-379482090-500 - Administrator - Enabled) => C:\Users\Administrateur
B87B5539DAF0460091E1 (S-1-5-21-122800082-2312236393-379482090-1005 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-122800082-2312236393-379482090-1007 - Limited - Enabled)
Invité (S-1-5-21-122800082-2312236393-379482090-501 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Énumérateur de bus racine UMBus
Description: Énumérateur de bus racine UMBus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (04/22/2015 10:39:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 » à la ligne C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2015 10:39:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (04/22/2015 10:39:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: La création du contexte d'activation a échoué pour « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1 ». Erreur dans le fichier de manifeste ou de stratégie « C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2 » à la ligne C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Une version de composant nécessaire à l'application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: event registration failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:41 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (04/22/2015 07:05:41 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (04/21/2015 10:34:39 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/21/2015 07:11:11 PM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
System errors:
=============
Error: (04/22/2015 07:05:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
StarOpen
Error: (04/22/2015 07:05:17 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Le chargement de \SystemRoot\SysWow64\Drivers\StarOpen.SYS a été bloqué en raison d'une incompatibilité avec ce système. Contactez l'éditeur de votre logiciel pour obtenir une version compatible du pilote.
Error: (04/21/2015 07:11:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
StarOpen
Error: (04/21/2015 07:10:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Le chargement de \SystemRoot\SysWow64\Drivers\StarOpen.SYS a été bloqué en raison d'une incompatibilité avec ce système. Contactez l'éditeur de votre logiciel pour obtenir une version compatible du pilote.
Error: (04/21/2015 06:46:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
StarOpen
Error: (04/21/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Reimage Real Time Protector n'a pas pu démarrer en raison de l'erreur :
%%2
Error: (04/21/2015 06:45:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Le chargement de \SystemRoot\SysWow64\Drivers\StarOpen.SYS a été bloqué en raison d'une incompatibilité avec ce système. Contactez l'éditeur de votre logiciel pour obtenir une version compatible du pilote.
Error: (04/21/2015 06:26:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
StarOpen
Error: (04/21/2015 06:26:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Reimage Real Time Protector n'a pas pu démarrer en raison de l'erreur :
%%2
Error: (04/21/2015 06:26:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Le chargement de \SystemRoot\SysWow64\Drivers\StarOpen.SYS a été bloqué en raison d'une incompatibilité avec ce système. Contactez l'éditeur de votre logiciel pour obtenir une version compatible du pilote.
Microsoft Office Sessions:
=========================
Error: (04/22/2015 10:39:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe
Error: (04/22/2015 10:39:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe
Error: (04/22/2015 10:39:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: event registration failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:44 AM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
Error: (04/22/2015 07:05:41 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (04/22/2015 07:05:41 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (04/21/2015 10:34:39 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (04/21/2015 07:11:11 PM) (Source: NVWMI) (EventID: 3) (User: )
Description: RegisterProvider: failed - Espace de noms non valide
(0x8004100E)
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 63%
Total physical RAM: 4029.62 MB
Available physical RAM: 1489.45 MB
Total Pagefile: 10070.81 MB
Available Pagefile: 6765.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.91 GB) (Free:55.02 GB) NTFS
Drive e: () (Fixed) (Total:83.82 GB) (Free:17.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 8A5AC40A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=83.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
cOMBO FIX
ComboFix 15-04-19.01 - Administrateur 22/04/2015 11:59:28.1.2 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.4030.1493 [GMT 2:00]
Lancé depuis: c:\users\Administrateur\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET4242.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-03-22 au 2015-04-22 ))))))))))))))))))))))))))))))))))))
.
.
2015-04-22 10:05 . 2015-04-22 10:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-04-22 10:05 . 2015-04-22 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-22 09:39 . 2015-04-22 09:42 -------- dc----w- C:\FRST
2015-04-22 06:46 . 2015-04-22 06:46 79064 ----a-w- c:\windows\system32\drivers\qvjyyr.sys
2015-04-21 19:12 . 2015-04-21 19:12 -------- d-----w- c:\users\Administrateur\AppData\Local\Macromedia
2015-04-21 18:11 . 2015-04-21 18:11 -------- d-----w- c:\users\Administrateur\AppData\Local\Adobe
2015-04-21 18:01 . 2015-04-21 18:01 -------- d-----w- c:\users\Administrateur\AppData\Local\NVIDIA Corporation
2015-04-21 09:35 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F97CF179-CD41-467D-A922-8EEBBB8897C7}\mpengine.dll
2015-04-21 09:06 . 2015-04-21 17:08 -------- d-----w- c:\users\Administrateur\AppData\Roaming\ZHP
2015-04-20 10:36 . 2015-04-20 10:43 -------- d-----w- c:\windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2015-04-20 09:44 . 2015-04-20 09:44 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2015-04-20 09:28 . 2015-04-21 09:16 -------- d-----w- c:\programdata\{defb25c3-a433-8f40-defb-b25c3a43970e}
2015-04-20 05:58 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-20 05:48 . 2015-04-20 05:48 -------- d-----w- c:\programdata\{85c37f72-50f6-6e9f-85c3-37f7250ffdc9}
2015-04-18 16:19 . 2015-04-18 16:49 -------- d-----w- c:\program files (x86)\Samsung
2015-04-15 04:59 . 2015-03-17 04:50 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-04-06 11:23 . 2015-04-06 11:23 -------- dc----w- C:\AdsFix
2015-04-01 09:55 . 2015-03-28 17:55 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E8E798FB-6763-451C-8D80-D210B69F5967}\gapaengine.dll
2015-03-31 16:35 . 2015-04-19 22:15 -------- d-----w- c:\programdata\{73b0c93f-9091-c249-73b0-0c93f90924fe}
2015-03-31 15:26 . 2015-03-31 15:26 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2015-03-31 15:10 . 2015-03-31 15:10 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2015-03-31 15:10 . 2013-09-03 10:01 56336 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2015-03-31 15:10 . 2012-04-24 10:01 11376 ------w- c:\windows\system32\drivers\cdralw2k.sys
2015-03-31 15:10 . 2012-04-24 10:01 10864 ------w- c:\windows\system32\drivers\cdr4_xp.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-22 06:14 . 2015-02-05 17:58 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-15 14:45 . 2015-02-05 17:54 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 14:45 . 2015-02-05 17:54 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 05:32 . 2013-09-10 15:07 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-28 17:55 . 2013-12-06 21:50 1187344 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-17 04:56 . 2015-04-15 05:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-17 04:15 . 2015-02-05 17:57 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-17 04:15 . 2015-02-05 17:57 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-17 04:15 . 2015-02-05 17:57 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-03 13:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-26 03:25 . 2015-03-10 22:20 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-20 04:41 . 2015-03-10 22:22 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-10 22:22 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-10 22:22 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-10 22:22 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-10 22:22 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-10 22:22 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-10 22:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-10 22:22 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-10 22:22 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-10 22:22 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-19 18:42 . 2015-02-19 18:42 0 ----a-w- c:\windows\SysWow64\FAPB8F6.tmp
2015-02-19 18:42 . 2015-02-19 18:42 0 ----a-w- c:\windows\SysWow64\FAPB432.tmp
2015-02-19 18:42 . 2015-02-19 18:42 0 ----a-w- c:\windows\SysWow64\FAPAE36.tmp
2015-02-19 18:41 . 2015-02-19 18:41 0 ----a-w- c:\windows\SysWow64\FAP2A74.tmp
2015-02-19 18:41 . 2015-02-19 18:41 0 ----a-w- c:\windows\SysWow64\FAP2948.tmp
2015-02-19 18:33 . 2015-02-19 18:33 0 ----a-w- c:\windows\SysWow64\FAP4DC6.tmp
2015-02-19 18:33 . 2015-02-19 18:33 0 ----a-w- c:\windows\SysWow64\FAP4D07.tmp
2015-02-19 18:22 . 2015-02-19 18:22 0 ----a-w- c:\windows\SysWow64\FAP60A3.tmp
2015-02-19 18:22 . 2015-02-19 18:22 0 ----a-w- c:\windows\SysWow64\FAP5A4A.tmp
2015-02-19 18:22 . 2015-02-19 18:22 0 ----a-w- c:\windows\SysWow64\FAP5326.tmp
2015-02-19 18:13 . 2015-02-19 18:13 0 ----a-w- c:\windows\SysWow64\FAP28A9.tmp
2015-02-19 18:13 . 2015-02-19 18:13 0 ----a-w- c:\windows\SysWow64\FAP2665.tmp
2015-02-19 18:02 . 2015-02-19 18:02 0 ----a-w- c:\windows\SysWow64\FAPC35C.tmp
2015-02-19 18:02 . 2015-02-19 18:02 0 ----a-w- c:\windows\SysWow64\FAPBEE6.tmp
2015-02-19 18:02 . 2015-02-19 18:02 0 ----a-w- c:\windows\SysWow64\FAPB7C2.tmp
2015-02-13 05:22 . 2015-03-10 22:21 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-10 22:20 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-10 22:20 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-10 22:22 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-10 22:22 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-10 22:22 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-10 22:22 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-10 22:22 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-10 22:22 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-10 22:20 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-10 22:21 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-10 22:22 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-10 22:22 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-10 22:22 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-10 22:22 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-10 22:22 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-10 22:22 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-10 22:22 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-10 22:22 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-10 22:22 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-10 22:22 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-10 22:22 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-10 22:22 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-10 22:22 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-10 22:22 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-10 22:22 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-10 22:22 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-10 22:22 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-10 22:22 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-10 22:22 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-10 22:22 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-10 22:22 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-10 22:22 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-10 22:22 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-10 22:22 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-10 22:22 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-10 22:22 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-10 22:22 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-10 22:22 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-10 22:22 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-10 22:22 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-10 22:22 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-10 22:22 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-10 22:22 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-10 22:22 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-10 22:22 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-10 22:22 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-10 22:22 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-10 22:22 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-10 22:22 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-10 22:22 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-10 22:22 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-10 22:22 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-10 22:22 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-10 22:20 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-10 22:21 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-03 03:12 . 2015-03-10 22:22 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2015-02-03 03:12 . 2015-03-10 22:22 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2015-02-03 03:12 . 2015-03-10 22:22 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-02-03 03:12 . 2015-03-10 22:22 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-02-03 03:12 . 2015-03-10 22:22 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-10 22:22 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2015-03-17 54072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz134;cpuz134;c:\users\ADMINI~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\ADMINI~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe;c:\windows\SYSNATIVE\lxdxcoms.exe [x]
R4 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxdxserv.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\drivers\PxHlpa64.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys;c:\windows\SYSNATIVE\DRIVERS\diginet.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 NVWMI;NVIDIA WMI Provider;c:\windows\system32\nvwmi64.exe;c:\windows\SYSNATIVE\nvwmi64.exe [x]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S3 hxctlflt;hxctlflt;c:\windows\system32\Drivers\hxctlflt.sys;c:\windows\SYSNATIVE\Drivers\hxctlflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NisSrv;Inspection du réseau Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
NewlyCreated* - MBAMSWISSARMY .
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-16 19:55 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-04-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 14:45]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 18:32]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-29 18:32]
.
.
--------- X64 Entries -----------
.
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Administrateur\AppData\Roaming\Mozilla\Firefox\Profiles\2zwh0z6r.default-1391073052318\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
.
.
------- Associations de fichier -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-223a6fc3-c68d-464d-a9c8-1bc2178f01e2 - c:\progra~3\INSTAL~1\{279CF~1\Setup.exe
AddRemove-dBpoweramp DSP Effects - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PaceLicenseDServices]
"ImagePath"="\"c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe\" -u https://activation.paceap.com/InitiateActivation"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}"=hex:51,66,7a,6c,4c,1d,3b,1b,5b,c7,b0,
2f,e3,9e,ab,03,bb,d4,10,42,dd,5f,53,fb
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7f,78,ed,7c,20,9b,60,44,81,aa,6a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7f,78,ed,7c,20,9b,60,44,81,aa,6a,\
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acsm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="acsmfile"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AVI"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="OperaStable"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.epub\UserChoice]
@Denied: (2) (Administrator)
"Progid"="epubfile"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flac"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.flv"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="VLC.mkv"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-122800082-2312236393-379482090-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Admi
Afficher la suite
22 avril 2015 à 17:40
Cordialement.
# AdwCleaner v4.201 - Rapport créé le 22/04/2015 à 17:33:21
# Mis à jour le 08/04/2015 par Xplode
# Base de données : 2015-04-21.3 [Serveur]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (x64)
# Nom d'utilisateur : Administrateur - PC5
# Exécuté depuis : C:\Users\Administrateur\Desktop\adwcleaner_4.201.exe
# Option : Nettoyer
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Clé Supprimée : HKCU\Software\Local AppWizard-Generated Applications
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.1 (x86 fr)
AdwCleaner[R0].txt - [16458 octets] - [23/02/2015 23:59:45]
AdwCleaner[R10].txt - [1777 octets] - [21/04/2015 11:23:09]
AdwCleaner[R11].txt - [1838 octets] - [21/04/2015 16:50:16]
AdwCleaner[R12].txt - [2739 octets] - [22/04/2015 17:32:13]
AdwCleaner[R1].txt - [4083 octets] - [27/02/2015 10:26:35]
AdwCleaner[R2].txt - [3083 octets] - [06/04/2015 13:12:19]
AdwCleaner[R3].txt - [1507 octets] - [17/04/2015 12:57:34]
AdwCleaner[R4].txt - [4386 octets] - [20/04/2015 07:44:06]
AdwCleaner[R5].txt - [1414 octets] - [20/04/2015 08:34:30]
AdwCleaner[R6].txt - [1475 octets] - [20/04/2015 08:54:01]
AdwCleaner[R7].txt - [1535 octets] - [20/04/2015 08:58:55]
AdwCleaner[R8].txt - [1595 octets] - [20/04/2015 09:06:17]
AdwCleaner[R9].txt - [10576 octets] - [21/04/2015 10:56:22]
AdwCleaner[S0].txt - [20079 octets] - [24/02/2015 00:01:49]
AdwCleaner[S1].txt - [4177 octets] - [27/02/2015 10:29:22]
AdwCleaner[S2].txt - [2685 octets] - [06/04/2015 13:15:30]
AdwCleaner[S3].txt - [1579 octets] - [17/04/2015 12:59:51]
AdwCleaner[S4].txt - [4366 octets] - [20/04/2015 07:44:49]
AdwCleaner[S5].txt - [9393 octets] - [21/04/2015 10:57:18]
AdwCleaner[S6].txt - [2595 octets] - [22/04/2015 17:33:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2655 octets] ##########
22 avril 2015 à 18:05
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 22/04/2015
Heure de l'examen: 17:41:20
Fichier journal: Malwarebytes rapport.txt
Administrateur: Oui
Version: 2.01.4.1018
Base de données Malveillants: v2015.04.22.04
Base de données Rootkits: v2015.04.21.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Administrateur
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 434611
Temps écoulé: 19 min, 23 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux détecté)
Modules: 0
(Aucun élément malicieux détecté)
Clés du Registre: 0
(Aucun élément malicieux détecté)
Valeurs du Registre: 0
(Aucun élément malicieux détecté)
Données du Registre: 0
(Aucun élément malicieux détecté)
Dossiers: 0
(Aucun élément malicieux détecté)
Fichiers: 0
(Aucun élément malicieux détecté)
Secteurs physiques: 0
(Aucun élément malicieux détecté)
Merci de m'aider car c'est insupportable.
Cordialement
22 avril 2015 à 18:06
- Lance-le (icone avec un parchemin)
- Clique sur "Complet"
- Attends la fin de l'analyse
- Une fois l'analyse terminée, un fichier bloc note devrait se créer sur ton bureau (il devrait s'appeler ZHPDiag)
- Rends-toi sur ce site : https://www.cjoint.com/
- Clique sur "Choisir un fichier" et choisis le bloc note ZHPDiag qui est sur ton bureau
- Dans le type de diffusion choisis "Privée"
- Dans le champ "Pour quelle durée" choisis 4 jours
- Remplis ensuite la suite du formulaire
- Enfin, donne-nous le lien du fichier que tu viens de mettre sur le site
22 avril 2015 à 18:27
22 avril 2015 à 18:27