Virus :(
Solved/Closed
angeloise - 22 April 2015 at 12:46
artaban7 (2204 posts, registered Saturday 12 July 2014, status: Member, last activity 19 August 2015) - 24 April 2015 at 14:01
8 replies
artaban7 - 22 April 2015 at 13:03
Hello,
We can run a diagnostic; I'll leave you the links:
The diagnostic uses this software: https://nicolascoolman.eu
Just run it; it will then create a report on your system, on the desktop in .txt format, which you will need to send here (or by PM if you prefer) using: http://pjjoint.malekal.com/
If you need explanations on specific points, such as how to use the file generator.
~ Rapport de ZHPDiag v2015.4.20.40 - Nicolas Coolman (20/04/2015)
~ Lancé par geoff et ange (22/04/2015 13:09:48)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v42.0.2311.90 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
Computer Security 12.83.104.0
Pack Sécurité v1.83.311.0
Pack Sécurité v1.83.311.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader X
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 330 GB (70%) free of 466 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-GEOFFETAN
~ User Name: geoff et ange
~ All Users Names: UpdatusUser, geoff et ange, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\geoff et ange\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\geoff et ange\AppData\Roaming\
~ %Desktop% : C:\Users\geoff et ange\Desktop\
~ %Favorites% : C:\Users\geoff et ange\Favorites\
~ %LocalAppData% : C:\Users\geoff et ange\AppData\Local\
~ %StartMenu% : C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 330 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/03/2015 - 23:57:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/28
~ Mon Bureau (My Desktop) : 1/1132
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.A1673BAA5DCA4794DF601072FB2F2ECD] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.3436]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.1556]
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.2200]
[MD5.82F68EBA0FCEA46BA8919D6A264A833E] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1065024] [PID.1612]
[MD5.FB9F9392B3D24012D22CDA7F9FF17C18] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILHE.exe [260160] [PID.1668]
[MD5.10AA923C7622D57C3D4B1D9A4EAF14BC] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31344744] [PID.1724]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1772]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.7008]
[MD5.7E850A56633C620295E4E7779BA41893] - (.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.3918\Agent.exe [7169072] [PID.6512]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1460]
[MD5.921E55F99F297553FFB1CA52BE2874FE] - (.Blizzard Entertainment - Battle.net desktop app.) -- C:\Program Files\Battle.net\Battle.net.5669\Battle.net.exe [10103344] [PID.612]
[MD5.CE9806603D3C635EA6E0BB79FE916D2E] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [812872] [PID.5964]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.4464]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [Speedial] =>Adware.SearchYa
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [__MSG_ExtnName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [Allin1Convert] =>Adware.Allin1Convert
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinlofiojphnmpllecgejammnjcmeipf [Internet Speed Tracker] =>PUP.MindSpark
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [SharePoint Fix]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [Ask App for iLivid] =>Adware.Bandoo
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [iLivid] =>Adware.Bandoo
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 30 Scanned in 00mn 09s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.31.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.31.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.31.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.13.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 7 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.13.) (No version) -- (.not file.)
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: E-Web Print - [HKLM]{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [F-Secure Manager] C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe (.not file.)
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILHE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1429676531
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILHE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\RunOnce: [Adobe Speed Launcher] 1429676531
~ Application: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: SystemMolder (b92b1769) . (...) - c:\Program Files\SystemMolder\SystemMolder.dll
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: F-Secure Dll Hoster (fshoster) . (.F-Secure Corporation - F-Secure Host Process.) - C:\Program Files\SFR\Pack_Securite\fshoster32.exe
O23 - Service: F-Secure ORSP Client (FSORSPClient) . (.F-Secure Corporation - F-Secure ORSP Service.) - C:\Program Files\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 314.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 9 Scanned in 00mn 03s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\geoff et ange\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite
[MD5.E674671A541A96A251F7CADEB12E06A5] [APT] [EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.exe [679488]
[MD5.E674671A541A96A251F7CADEB12E06A5] [APT] [EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.exe [679488]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [314] =>Hijacker.DSite
O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [314] =>Hijacker.DSite
O39 - APT: EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416}.job [731]
O39 - APT: EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} [731]
O39 - APT: EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416}.job [917]
O39 - APT: EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} [917]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 13 Scanned in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 13 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (F-Secure HIPS) . (. - .) - C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\HIPS\drivers\fshs.sys (.not file.)
O41 - Driver: (fsvista) . (. - .) - C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys (.not file.)
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 66 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader X (10.1.13) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM] -- Battle.net
O42 - Logiciel: Computer Security 12.83.104.0 (release) - (.F-Secure Corporation.) [HKLM] -- {658FDBCA-B7A1-43E4-A849-9F0812473331}
O42 - Logiciel: EOS USB WIA Driver - (...) [HKLM] -- EOS USB WIA Driver
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON XP-212 213 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON XP-212 213 Series
O42 - Logiciel: Epson E-Web Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {896667C8-53F8-47B8-B6B0-B113B10F05BC}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}
O42 - Logiciel: F-Secure CCF Reputation - (.F-Secure.) [HKLM] -- {00000000-2778-5BED-8199-52EB14D8D22F}
O42 - Logiciel: F-Secure CCF Scanning 1.51.111.300 (release) - (.F-Secure Corporation.) [HKLM] -- {A90E17E2-18B2-411C-9D87-7598C796C11D}
O42 - Logiciel: F-Secure Network CCF 1.02.128 - (.F-Secure Corporation.) [HKLM] -- {6D4E3662-A321-4D98-84B8-934229348575}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: Mises à jour NVIDIA 1.12.12 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mumble 1.2.5 - (.Thorvald Natvig.) [HKLM] -- {F818243E-51A8-418D-8A71-595D5121BECA}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 314.07 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Online Safety 2.83.1346.10 - (.F-Secure Corporation.) [HKLM] -- {4A1D6878-ED34-4885-AF28-9FA259D67377}
O42 - Logiciel: PMU Poker - (.PMU.) [HKLM] -- PMUPoker
O42 - Logiciel: Pack Sécurité - (.F-Secure Corporation.) [HKLM] -- F-Secure ServiceEnabler 44996
O42 - Logiciel: Pack Sécurité - (.F-Secure Corporation.) [HKLM] -- {FCDA0DD0-F899-4529-917C-16ADEA6550B9}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Skype(TM) 7.2 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Software Updater - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B307472F-7BD9-4040-9255-CE6D6A1196A3}
O42 - Logiciel: SystemMolder - (.Software Publisher.) [HKLM] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b92b1769} =>Adware.Graftor
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM] -- World of Warcraft
O42 - Logiciel: WorldWideCoupon - (.WorldWideCoupon.) [HKLM] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1 =>PUP.WOwCoupon
~ Logic: 43 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor
[HKCU\Software\AppDataLow]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DSiteproducts] =>Hijacker.DSite
[HKCU\Software\EPSON Software Updater]
[HKCU\Software\EPSON]
[HKCU\Software\F-Secure]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\PC SOFT]
[HKCU\Software\PMU]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\SEIKO EPSON CORPORATION]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Software]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\drpsu]
[HKLM\Software\Adobe]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CUSTPDF Writer]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Data Fellows]
[HKLM\Software\EPSON]
[HKLM\Software\F-Secure]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\WOW6432Node]
[HKLM\Software\c3c1e949-a8d1-7dc4-9b85-bfc12b2ac3d5] =>PUP.CrossRider
~ Key Software: 145 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/03/2015 - 21:14:54 - [] ----D C:\Program Files\AdImmo
O43 - CFD: 18/03/2015 - 21:19:23 - [] ----D C:\Program Files\Adobe
O43 - CFD: 07/04/2015 - 18:45:36 - [] ----D C:\Program Files\Battle.net
O43 - CFD: 01/09/2014 - 20:48:10 - [] ----D C:\Program Files\Canon
O43 - CFD: 18/03/2015 - 21:07:42 - [] ----D C:\Program Files\Common Files
O43 - CFD: 07/10/2014 - 17:04:26 - [] ----D C:\Program Files\epson
O43 - CFD: 07/10/2014 - 17:04:25 - [] ----D C:\Program Files\EPSON Software
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 18/03/2015 - 21:13:12 - [] ----D C:\Program Files\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 19/03/2014 - 21:41:49 - [] ----D C:\Program Files\Google
O43 - CFD: 22/05/2014 - 19:49:43 - [] ----D C:\Program Files\GPLGS
O43 - CFD: 18/03/2015 - 21:15:32 - [0] ----D C:\Program Files\GU Player =>PUP.GUPlayer
O43 - CFD: 14/04/2015 - 19:41:09 - [] ----D C:\Program Files\Hearthstone
O43 - CFD: 08/10/2014 - 05:16:22 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/04/2015 - 15:56:46 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 25/02/2015 - 10:40:48 - [] ----D C:\Program Files\Java
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 19/03/2014 - 15:42:43 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 19/03/2014 - 22:10:21 - [] ----D C:\Program Files\Mumble
O43 - CFD: 19/03/2014 - 14:16:27 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 17/06/2014 - 15:36:11 - [] ----D C:\Program Files\Overwolf
O43 - CFD: 22/05/2014 - 19:54:00 - [0] ----D C:\Program Files\PDFCreator
O43 - CFD: 18/03/2015 - 20:44:25 - [0] ----D C:\Program Files\predm =>Adware.Downware
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 19/03/2014 - 21:54:19 - [] ----D C:\Program Files\SFR
O43 - CFD: 19/02/2015 - 20:06:14 - [0] ----D C:\Program Files\SFR Sécurité
O43 - CFD: 19/03/2015 - 14:35:32 - [] R---D C:\Program Files\Skype
O43 - CFD: 18/03/2015 - 21:14:55 - [] ----D C:\Program Files\SmartSaver+ 3 =>PUP.CrossRider
O43 - CFD: 07/04/2015 - 05:51:15 - [] ----D C:\Program Files\SystemMolder
O43 - CFD: 13/09/2014 - 17:02:37 - [] ----D C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 19/03/2014 - 17:01:28 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 09/07/2014 - 15:51:44 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 21/03/2014 - 06:33:06 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 15:51:52 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 21/03/2014 - 06:34:00 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 07/04/2015 - 18:49:02 - [] ----D C:\Program Files\World of Warcraft
O43 - CFD: 18/03/2015 - 21:36:06 - [] ----D C:\Program Files\XTab
O43 - CFD: 22/04/2015 - 13:08:52 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 04/08/2014 - 15:28:01 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 15/10/2014 - 07:42:23 - [] ----D C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD: 01/09/2014 - 20:47:31 - [] ----D C:\Program Files\Common Files\Canon
O43 - CFD: 23/04/2014 - 08:53:07 - [] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 25/02/2015 - 10:40:29 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 27/01/2015 - 08:03:28 - [] ----D C:\Program Files\Common Files\Java(1)
O43 - CFD: 10/04/2014 - 17:07:31 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 24/02/2015 - 18:33:40 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/03/2014 - 06:32:45 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 08/04/2015 - 21:48:44 - [] ----D C:\ProgramData\2002414423348218191
O43 - CFD: 07/04/2015 - 05:51:30 - [0] ----D C:\ProgramData\42664300000032e5
O43 - CFD: 04/08/2014 - 15:37:53 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 20/03/2014 - 08:19:14 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 19/03/2014 - 20:00:20 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 23/04/2014 - 09:26:16 - [] ----D C:\ProgramData\Epson
O43 - CFD: 19/03/2014 - 22:08:35 - [] ----D C:\ProgramData\F-Secure
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 18/03/2015 - 20:24:31 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 30/03/2014 - 22:37:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 24/02/2015 - 20:01:06 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 19/03/2014 - 14:15:21 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 25/02/2015 - 10:40:55 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 19/03/2015 - 14:35:36 - [] ----D C:\ProgramData\Skype
O43 - CFD: 07/10/2014 - 17:02:15 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/03/2014 - 10:18:51 - [] ----D C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 23/04/2014 - 09:26:16 - [] ----D C:\ProgramData\UDL
O43 - CFD: 18/03/2015 - 20:24:00 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 07/04/2015 - 06:11:48 - [] ----D C:\ProgramData\WorldWideCoupon =>PUP.WOwCoupon
O43 - CFD: 19/03/2014 - 15:02:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 25/04/2014 - 08:50:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADAPT IMMO
O43 - CFD: 19/03/2014 - 15:02:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 19/03/2014 - 20:00:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 01/09/2014 - 20:48:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 23/04/2014 - 08:52:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 07/10/2014 - 17:04:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 21/01/2008 - 04:42:47 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 09/03/2015 - 22:43:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 18/03/2015 - 21:35:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 25/03/2014 - 18:01:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
O43 - CFD: 25/02/2015 - 10:39:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 02/11/2006 - 14:56:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 19/03/2014 - 22:14:22 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
O43 - CFD: 09/03/2015 - 22:43:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMU Poker
O43 - CFD: 24/02/2015 - 18:33:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
O43 - CFD: 11/11/2014 - 09:59:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 02/11/2006 - 14:50:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/11/2006 - 14:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 20/03/2014 - 22:05:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 19/03/2014 - 20:03:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
O43 - CFD: 22/04/2015 - 13:08:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 27/12/2014 - 12:12:36 - [] ----D C:\Users\geoff et ange\AppData\Roaming\.DestiHunterZ
O43 - CFD: 20/04/2015 - 07:53:57 - [] ----D C:\Users\geoff et ange\AppData\Roaming\.minecraft
O43 - CFD: 18/03/2015 - 20:41:23 - [] ----D C:\Users\geoff et ange\AppData\Roaming\0A2C8FF8-1426703023-11DE-80A1-A5431FBD5F56
O43 - CFD: 18/03/2015 - 20:24:02 - [] ----D C:\Users\geoff et ange\AppData\Roaming\0A2C8FF8-1426703041-11DE-80A1-A5431FBD5F56
O43 - CFD: 04/08/2014 - 15:34:06 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Adobe
O43 - CFD: 18/03/2015 - 20:41:29 - [] -SH-D C:\Users\geoff et ange\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 18/03/2015 - 21:35:10 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Battle.net
O43 - CFD: 22/05/2014 - 19:49:07 - [] ----D C:\Users\geoff et ange\AppData\Roaming\DigitalSites =>Hijacker.DSite
O43 - CFD: 24/04/2014 - 08:06:43 - [] ----D C:\Users\geoff et ange\AppData\Roaming\EPSON
O43 - CFD: 18/03/2014 - 15:54:12 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Identities
O43 - CFD: 18/03/2015 - 21:08:30 - [] ----D C:\Users\geoff et ange\AppData\Roaming\istartsurf =>PUP.Istart
O43 - CFD: 27/01/2015 - 19:56:47 - [] ----D C:\Users\geoff et ange\AppData\Roaming\java
O43 - CFD: 18/03/2014 - 16:12:02 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Media Center Programs
O43 - CFD: 18/03/2015 - 20:24:50 - [] -S--D C:\Users\geoff et ange\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2015 - 20:01:59 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Mumble
O43 - CFD: 18/03/2015 - 21:09:51 - [] ----D C:\Users\geoff et ange\AppData\Roaming\mystartsearch =>PUP.StartSearch
O43 - CFD: 18/03/2015 - 21:03:11 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 20/03/2014 - 00:22:11 - [] ----D C:\Users\geoff et ange\AppData\Roaming\NVIDIA
O43 - CFD: 06/11/2014 - 06:56:38 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Oracle
O43 - CFD: 18/03/2014 - 16:25:40 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\PeerNetworking
O43 - CFD: 26/03/2014 - 12:44:07 - [] ----D C:\Users\geoff et ange\AppData\Roaming\PMU
O43 - CFD: 07/04/2015 - 17:28:35 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Skype
O43 - CFD: 14/01/2015 - 14:58:50 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Systweak
O43 - CFD: 04/04/2015 - 16:31:32 - [] ----D C:\Users\geoff et ange\AppData\Roaming\TS3Client
O43 - CFD: 08/08/2014 - 11:22:54 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Unity
O43 - CFD: 18/03/2015 - 21:23:47 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 22/04/2015 - 13:10:31 - [] ----D C:\Users\geoff et ange\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/03/2015 - 21:05:50 - [] ----D C:\Users\geoff et ange\AppData\Local\0A2C8FF8-1426706902-11DE-80A1-A5431FBD5F56
O43 - CFD: 09/04/2015 - 22:06:12 - [] ----D C:\Users\geoff et ange\AppData\Local\Adobe
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Application Data
O43 - CFD: 19/03/2014 - 21:38:52 - [] ----D C:\Users\geoff et ange\AppData\Local\Apps
O43 - CFD: 22/04/2015 - 13:09:50 - [] ----D C:\Users\geoff et ange\AppData\Local\Battle.net
O43 - CFD: 26/03/2014 - 18:52:30 - [] ----D C:\Users\geoff et ange\AppData\Local\Blizzard
O43 - CFD: 20/03/2014 - 00:21:49 - [] ----D C:\Users\geoff et ange\AppData\Local\Blizzard Entertainment
O43 - CFD: 19/03/2014 - 21:39:17 - [0] ----D C:\Users\geoff et ange\AppData\Local\Deployment
O43 - CFD: 24/02/2015 - 20:05:29 - [] ----D C:\Users\geoff et ange\AppData\Local\F-Secure
O43 - CFD: 18/03/2015 - 20:22:57 - [] ----D C:\Users\geoff et ange\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 19/03/2014 - 21:42:02 - [] ----D C:\Users\geoff et ange\AppData\Local\Google
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Historique
O43 - CFD: 12/03/2015 - 10:08:00 - [] ----D C:\Users\geoff et ange\AppData\Local\Microsoft
O43 - CFD: 05/02/2015 - 18:04:08 - [] ----D C:\Users\geoff et ange\AppData\Local\Microsoft Games
O43 - CFD: 19/03/2014 - 22:37:45 - [] ----D C:\Users\geoff et ange\AppData\Local\Skype
O43 - CFD: 22/04/2015 - 13:10:21 - [] ----D C:\Users\geoff et ange\AppData\Local\Temp
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Temporary Internet Files
O43 - CFD: 10/04/2015 - 16:28:39 - [0] ----D C:\Users\geoff et ange\AppData\Local\Unity
O43 - CFD: 09/06/2014 - 09:32:51 - [] ----D C:\Users\geoff et ange\AppData\Local\VirtualStore
O43 - CFD: 25/04/2014 - 08:50:00 - [] ----D C:\Users\geoff et ange\AppData\Local\WDSetup
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/03/2014 - 15:54:20 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/03/2015 - 21:21:12 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 159 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7A2262293A9A0666926D32CB3A541153] - 11/04/2015 - 07:25:31 ---A- . (...) -- C:\Windows\PFRO.log [106244]
O44 - LFC:[MD5.C16128AF698D98D23849A6AC59D0E672] - 14/04/2015 - 19:35:31 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [778416]
O44 - LFC:[MD5.B432B52EAD3006A61D7A37A2F7978416] - 14/04/2015 - 19:35:31 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [142512]
O44 - LFC:[MD5.1035970885DD6ABA0EBCB3C02006A8E9] - 15/04/2015 - 05:18:14 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12377600]
O44 - LFC:[MD5.59717C2C872AAEA7519B0124409B4578] - 15/04/2015 - 05:18:15 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [9747968]
O44 - LFC:[MD5.5FCA6B58D90B6D17327B48216451266D] - 15/04/2015 - 05:18:16 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [1810944]
O44 - LFC:[MD5.16BAD3B8ABC01EC9D34E912162CA4A53] - 15/04/2015 - 05:18:16 ---A- . (.Microsoft Corporation - Moteur de l'interface utilisateur d'Interne.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.F73E3C29743621D9AAF09503E523E175] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [367104]
O44 - LFC:[MD5.19B481D70FBC176AE5D3E91347B0128F] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1129472]
O44 - LFC:[MD5.95D3A97897CE0386358FA6F65D8F343D] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.6B5500DE200DC9C51A3F6A9377D14789] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744]
O44 - LFC:[MD5.02D9B399770C9C971F3B3344017106BA] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [10752]
O44 - LFC:[MD5.5E2BFFFBAA061C1660F8255B2E3BD25C] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216]
O44 - LFC:[MD5.E8DFFB36F1120DC1DB7C0BCBCF1640AD] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.B4AAF0FD9C32478889639DE464B21DA0] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65024]
O44 - LFC:[MD5.E38129C89502D27580368D9762B6AFC6] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.E6DE7F4A4BF8CD9E5C4F9466981892EC] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Outil d'installation sans assistance d'IE 7.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.B76F31C79764D2D8835CBEC935D49DB7] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968]
O44 - LFC:[MD5.052A629983DD1A2116629293D02B1B58] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1803264]
O44 - LFC:[MD5.67DB0E50E830E45BA24AA7B1B2143B93] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1139200]
O44 - LFC:[MD5.9B1B09743E49F4E2364C34203F843844] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe [11776]
O44 - LFC:[MD5.C1BC2B2E0AA56E9C28299273C86A73E4] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.686DFDA82EE2DBE1F58A48C9E3093996] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [41472]
O44 - LFC:[MD5.319DB2F956E00D8396772619A87C82EB] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1589958]
O44 - LFC:[MD5.32F26D5F0E807B0F0FCCECCB47EF4B96] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfc009.dat [119314]
O44 - LFC:[MD5.D6D2E609A57C77096B84CA862CE97F14] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [145546]
O44 - LFC:[MD5.47C983E63DB0EDA921B4E4DCFCD3C28F] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfh009.dat [633748]
O44 - LFC:[MD5.F2B0218F74EEB42BD167271CA2A522F7] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [721712]
O44 - LFC:[MD5.952EA6E27E3A16F02F85C10BB7F4752A] - 15/04/2015 - 12:22:27 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3552184]
O44 - LFC:[MD5.E33CD56F2F344658C6000821611BBBD7] - 15/04/2015 - 12:22:28 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1205168]
O44 - LFC:[MD5.377602E869DA9C05AC67CA3A5019A051] - 15/04/2015 - 12:22:28 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [3604920]
O44 - LFC:[MD5.5D9311526801643000D7032A83B18B12] - 15/04/2015 - 12:22:45 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys [244152]
O44 - LFC:[MD5.2FF4B8BA9805BABA5E8FB923AF44F480] - 15/04/2015 - 12:22:45 ---A- . (.Microsoft Corporation - Common Log Marshalling Win32 DLL.) -- C:\Windows\System32\clfsw32.dll [57344]
O44 - LFC:[MD5.1359F3CD7DF4D105C6C70CCE671F8520] - 15/04/2015 - 12:23:01 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [297984]
O44 - LFC:[MD5.BC817A039C2CEF89B82E7F4F53AA252B] - 15/04/2015 - 12:23:19 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [125832184]
O44 - LFC:[MD5.BFC1892FFA0E8D3351EF59D6E3F39A2F] - 15/04/2015 - 12:29:05 ---A- . (.Microsoft Corporation - MSXML 3.0 SP10.) -- C:\Windows\System32\msxml3.dll [1249280]
O44 - LFC:[MD5.46C8842A2A1A02382FBE84738538B50C] - 22/04/2015 - 05:17:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.661641AA56FB13F6754A35D69FFA6150] - 22/04/2015 - 09:10:17 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1326284]
~ Files: 40 Scanned in 00mn 07s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 1 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560]
O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464]
O58 - SDL:21/01/2008 - 03
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v42.0.2311.90 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
---\\ Logiciels de protection du système
Computer Security 12.83.104.0
Pack Sécurité v1.83.311.0
Pack Sécurité v1.83.311.0
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader X
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 330 GB (70%) free of 466 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-GEOFFETAN
~ User Name: geoff et ange
~ All Users Names: UpdatusUser, geoff et ange, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\geoff et ange\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\geoff et ange\AppData\Roaming\
~ %Desktop% : C:\Users\geoff et ange\Desktop\
~ %Favorites% : C:\Users\geoff et ange\Favorites\
~ %LocalAppData% : C:\Users\geoff et ange\AppData\Local\
~ %StartMenu% : C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 330 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/03/2015 - 23:57:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 02s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/28
~ Mon Bureau (My Desktop) : 1/1132
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.A1673BAA5DCA4794DF601072FB2F2ECD] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821472] [PID.3436]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.1556]
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.2200]
[MD5.82F68EBA0FCEA46BA8919D6A264A833E] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1065024] [PID.1612]
[MD5.FB9F9392B3D24012D22CDA7F9FF17C18] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATILHE.exe [260160] [PID.1668]
[MD5.10AA923C7622D57C3D4B1D9A4EAF14BC] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [31344744] [PID.1724]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.1772]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.7008]
[MD5.7E850A56633C620295E4E7779BA41893] - (.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.3918\Agent.exe [7169072] [PID.6512]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1460]
[MD5.921E55F99F297553FFB1CA52BE2874FE] - (.Blizzard Entertainment - Battle.net desktop app.) -- C:\Program Files\Battle.net\Battle.net.5669\Battle.net.exe [10103344] [PID.612]
[MD5.CE9806603D3C635EA6E0BB79FE916D2E] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [812872] [PID.5964]
[MD5.2C009C50C0EE073EC0F993698CDB6C92] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198656] [PID.4464]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [Speedial] =>Adware.SearchYa
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [__MSG_ExtnName__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [Allin1Convert] =>Adware.Allin1Convert
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinlofiojphnmpllecgejammnjcmeipf [Internet Speed Tracker] =>PUP.MindSpark
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbkoobmboaainhbkbdojincpeoldlfc [SharePoint Fix]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [Ask App for iLivid] =>Adware.Bandoo
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [iLivid] =>Adware.Bandoo
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\geoff et ange\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 30 Scanned in 00mn 09s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.31.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.31.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.31.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.13.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 7 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.13.) (No version) -- (.not file.)
~ IE Browser: 9 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: E-Web Print - [HKLM]{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [F-Secure Manager] C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.exe (.not file.)
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [F-Secure Hoster (44996)] . (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILHE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1429676531
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILHE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-1537051935-1931752224-3485730409-1000\..\RunOnce: [Adobe Speed Launcher] 1429676531
~ Application: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{967EF2ED-5C3B-414F-ADC3-19F16B7D5D01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: SystemMolder (b92b1769) . (...) - c:\Program Files\SystemMolder\SystemMolder.dll
O23 - Service: Epson Scanner Service (EpsonScanSvc) . (.Seiko Epson Corporation - Epson Scanner Service (32bit).) - C:\Windows\system32\EscSvc.exe
O23 - Service: F-Secure Dll Hoster (fshoster) . (.F-Secure Corporation - F-Secure Host Process.) - C:\Program Files\SFR\Pack_Securite\fshoster32.exe
O23 - Service: F-Secure ORSP Client (FSORSPClient) . (.F-Secure Corporation - F-Secure ORSP Service.) - C:\Program Files\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 314.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 9 Scanned in 00mn 03s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.00000000000000000000000000000000] [APT] [Digital Sites] (...) -- C:\Users\geoff et ange\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite
[MD5.E674671A541A96A251F7CADEB12E06A5] [APT] [EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.exe [679488]
[MD5.E674671A541A96A251F7CADEB12E06A5] [APT] [EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416}] (.SEIKO EPSON CORPORATION.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.exe [679488]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [314] =>Hijacker.DSite
O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [314] =>Hijacker.DSite
O39 - APT: EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416}.job [731]
O39 - APT: EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON XP-212 213 Series Invitation {4798D5A8-02F7-449A-ADD2-8509D2681416} [731]
O39 - APT: EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\Tasks\EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416}.job [917]
O39 - APT: EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} - (.SEIKO EPSON CORPORATION.) -- C:\Windows\System32\Tasks\EPSON XP-212 213 Series Update {4798D5A8-02F7-449A-ADD2-8509D2681416} [917]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 13 Scanned in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_17_0_0_169.ocx
~ Active Setup: 13 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (F-Secure HIPS) . (. - .) - C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\HIPS\drivers\fshs.sys (.not file.)
O41 - Driver: (fsvista) . (. - .) - C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys (.not file.)
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 66 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader X (10.1.13) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM] -- Battle.net
O42 - Logiciel: Computer Security 12.83.104.0 (release) - (.F-Secure Corporation.) [HKLM] -- {658FDBCA-B7A1-43E4-A849-9F0812473331}
O42 - Logiciel: EOS USB WIA Driver - (...) [HKLM] -- EOS USB WIA Driver
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON XP-212 213 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON XP-212 213 Series
O42 - Logiciel: Epson E-Web Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {896667C8-53F8-47B8-B6B0-B113B10F05BC}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}
O42 - Logiciel: Epson Event Manager - (.Seiko Epson Corporation.) [HKLM] -- {0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}
O42 - Logiciel: F-Secure CCF Reputation - (.F-Secure.) [HKLM] -- {00000000-2778-5BED-8199-52EB14D8D22F}
O42 - Logiciel: F-Secure CCF Scanning 1.51.111.300 (release) - (.F-Secure Corporation.) [HKLM] -- {A90E17E2-18B2-411C-9D87-7598C796C11D}
O42 - Logiciel: F-Secure Network CCF 1.02.128 - (.F-Secure Corporation.) [HKLM] -- {6D4E3662-A321-4D98-84B8-934229348575}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: Mises à jour NVIDIA 1.12.12 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mumble 1.2.5 - (.Thorvald Natvig.) [HKLM] -- {F818243E-51A8-418D-8A71-595D5121BECA}
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote graphique 314.07 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Online Safety 2.83.1346.10 - (.F-Secure Corporation.) [HKLM] -- {4A1D6878-ED34-4885-AF28-9FA259D67377}
O42 - Logiciel: PMU Poker - (.PMU.) [HKLM] -- PMUPoker
O42 - Logiciel: Pack Sécurité - (.F-Secure Corporation.) [HKLM] -- F-Secure ServiceEnabler 44996
O42 - Logiciel: Pack Sécurité - (.F-Secure Corporation.) [HKLM] -- {FCDA0DD0-F899-4529-917C-16ADEA6550B9}
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: Skype(TM) 7.2 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Software Updater - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B307472F-7BD9-4040-9255-CE6D6A1196A3}
O42 - Logiciel: SystemMolder - (.Software Publisher.) [HKLM] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{b92b1769} =>Adware.Graftor
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM] -- World of Warcraft
O42 - Logiciel: WorldWideCoupon - (.WorldWideCoupon.) [HKLM] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1 =>PUP.WOwCoupon
~ Logic: 43 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor
[HKCU\Software\AppDataLow]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DSiteproducts] =>Hijacker.DSite
[HKCU\Software\EPSON Software Updater]
[HKCU\Software\EPSON]
[HKCU\Software\F-Secure]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\PC SOFT]
[HKCU\Software\PMU]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\SEIKO EPSON CORPORATION]
[HKCU\Software\Skype]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Software]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\drpsu]
[HKLM\Software\Adobe]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CUSTPDF Writer]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Data Fellows]
[HKLM\Software\EPSON]
[HKLM\Software\F-Secure]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\WOW6432Node]
[HKLM\Software\c3c1e949-a8d1-7dc4-9b85-bfc12b2ac3d5] =>PUP.CrossRider
~ Key Software: 145 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/03/2015 - 21:14:54 - [] ----D C:\Program Files\AdImmo
O43 - CFD: 18/03/2015 - 21:19:23 - [] ----D C:\Program Files\Adobe
O43 - CFD: 07/04/2015 - 18:45:36 - [] ----D C:\Program Files\Battle.net
O43 - CFD: 01/09/2014 - 20:48:10 - [] ----D C:\Program Files\Canon
O43 - CFD: 18/03/2015 - 21:07:42 - [] ----D C:\Program Files\Common Files
O43 - CFD: 07/10/2014 - 17:04:26 - [] ----D C:\Program Files\epson
O43 - CFD: 07/10/2014 - 17:04:25 - [] ----D C:\Program Files\EPSON Software
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 18/03/2015 - 21:13:12 - [] ----D C:\Program Files\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 19/03/2014 - 21:41:49 - [] ----D C:\Program Files\Google
O43 - CFD: 22/05/2014 - 19:49:43 - [] ----D C:\Program Files\GPLGS
O43 - CFD: 18/03/2015 - 21:15:32 - [0] ----D C:\Program Files\GU Player =>PUP.GUPlayer
O43 - CFD: 14/04/2015 - 19:41:09 - [] ----D C:\Program Files\Hearthstone
O43 - CFD: 08/10/2014 - 05:16:22 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/04/2015 - 15:56:46 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 25/02/2015 - 10:40:48 - [] ----D C:\Program Files\Java
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 19/03/2014 - 15:42:43 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 19/03/2014 - 22:10:21 - [] ----D C:\Program Files\Mumble
O43 - CFD: 19/03/2014 - 14:16:27 - [] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 17/06/2014 - 15:36:11 - [] ----D C:\Program Files\Overwolf
O43 - CFD: 22/05/2014 - 19:54:00 - [0] ----D C:\Program Files\PDFCreator
O43 - CFD: 18/03/2015 - 20:44:25 - [0] ----D C:\Program Files\predm =>Adware.Downware
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 19/03/2014 - 21:54:19 - [] ----D C:\Program Files\SFR
O43 - CFD: 19/02/2015 - 20:06:14 - [0] ----D C:\Program Files\SFR Sécurité
O43 - CFD: 19/03/2015 - 14:35:32 - [] R---D C:\Program Files\Skype
O43 - CFD: 18/03/2015 - 21:14:55 - [] ----D C:\Program Files\SmartSaver+ 3 =>PUP.CrossRider
O43 - CFD: 07/04/2015 - 05:51:15 - [] ----D C:\Program Files\SystemMolder
O43 - CFD: 13/09/2014 - 17:02:37 - [] ----D C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 19/03/2014 - 17:01:28 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 09/07/2014 - 15:51:44 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 21/03/2014 - 06:33:06 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 15:51:52 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 21/03/2014 - 06:34:00 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 19/03/2014 - 17:01:29 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 07/04/2015 - 18:49:02 - [] ----D C:\Program Files\World of Warcraft
O43 - CFD: 18/03/2015 - 21:36:06 - [] ----D C:\Program Files\XTab
O43 - CFD: 22/04/2015 - 13:08:52 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 04/08/2014 - 15:28:01 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 15/10/2014 - 07:42:23 - [] ----D C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD: 01/09/2014 - 20:47:31 - [] ----D C:\Program Files\Common Files\Canon
O43 - CFD: 23/04/2014 - 08:53:07 - [] ----D C:\Program Files\Common Files\EPSON
O43 - CFD: 25/02/2015 - 10:40:29 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 27/01/2015 - 08:03:28 - [] ----D C:\Program Files\Common Files\Java(1)
O43 - CFD: 10/04/2014 - 17:07:31 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 24/02/2015 - 18:33:40 - [] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/03/2014 - 06:32:45 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 08/04/2015 - 21:48:44 - [] ----D C:\ProgramData\2002414423348218191
O43 - CFD: 07/04/2015 - 05:51:30 - [0] ----D C:\ProgramData\42664300000032e5
O43 - CFD: 04/08/2014 - 15:37:53 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 20/03/2014 - 08:19:14 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 19/03/2014 - 20:00:20 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 23/04/2014 - 09:26:16 - [] ----D C:\ProgramData\Epson
O43 - CFD: 19/03/2014 - 22:08:35 - [] ----D C:\ProgramData\F-Secure
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 18/03/2015 - 20:24:31 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 30/03/2014 - 22:37:49 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/03/2014 - 15:51:52 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 24/02/2015 - 20:01:06 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 19/03/2014 - 14:15:21 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 25/02/2015 - 10:40:55 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 19/03/2015 - 14:35:36 - [] ----D C:\ProgramData\Skype
O43 - CFD: 07/10/2014 - 17:02:15 - [] ----D C:\ProgramData\Sony Corporation
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 26/03/2014 - 10:18:51 - [] ----D C:\ProgramData\Sun
O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 23/04/2014 - 09:26:16 - [] ----D C:\ProgramData\UDL
O43 - CFD: 18/03/2015 - 20:24:00 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 07/04/2015 - 06:11:48 - [] ----D C:\ProgramData\WorldWideCoupon =>PUP.WOwCoupon
O43 - CFD: 19/03/2014 - 15:02:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 25/04/2014 - 08:50:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADAPT IMMO
O43 - CFD: 19/03/2014 - 15:02:52 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 19/03/2014 - 20:00:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 01/09/2014 - 20:48:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 23/04/2014 - 08:52:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 07/10/2014 - 17:04:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 21/01/2008 - 04:42:47 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 09/03/2015 - 22:43:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 18/03/2015 - 21:35:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 25/03/2014 - 18:01:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
O43 - CFD: 25/02/2015 - 10:39:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 02/11/2006 - 14:56:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 19/03/2014 - 22:14:22 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
O43 - CFD: 09/03/2015 - 22:43:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMU Poker
O43 - CFD: 24/02/2015 - 18:33:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFR
O43 - CFD: 11/11/2014 - 09:59:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 02/11/2006 - 14:50:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/11/2006 - 14:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 20/03/2014 - 22:05:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 19/03/2014 - 20:03:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
O43 - CFD: 22/04/2015 - 13:08:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 27/12/2014 - 12:12:36 - [] ----D C:\Users\geoff et ange\AppData\Roaming\.DestiHunterZ
O43 - CFD: 20/04/2015 - 07:53:57 - [] ----D C:\Users\geoff et ange\AppData\Roaming\.minecraft
O43 - CFD: 18/03/2015 - 20:41:23 - [] ----D C:\Users\geoff et ange\AppData\Roaming\0A2C8FF8-1426703023-11DE-80A1-A5431FBD5F56
O43 - CFD: 18/03/2015 - 20:24:02 - [] ----D C:\Users\geoff et ange\AppData\Roaming\0A2C8FF8-1426703041-11DE-80A1-A5431FBD5F56
O43 - CFD: 04/08/2014 - 15:34:06 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Adobe
O43 - CFD: 18/03/2015 - 20:41:29 - [] -SH-D C:\Users\geoff et ange\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 18/03/2015 - 21:35:10 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Battle.net
O43 - CFD: 22/05/2014 - 19:49:07 - [] ----D C:\Users\geoff et ange\AppData\Roaming\DigitalSites =>Hijacker.DSite
O43 - CFD: 24/04/2014 - 08:06:43 - [] ----D C:\Users\geoff et ange\AppData\Roaming\EPSON
O43 - CFD: 18/03/2014 - 15:54:12 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Identities
O43 - CFD: 18/03/2015 - 21:08:30 - [] ----D C:\Users\geoff et ange\AppData\Roaming\istartsurf =>PUP.Istart
O43 - CFD: 27/01/2015 - 19:56:47 - [] ----D C:\Users\geoff et ange\AppData\Roaming\java
O43 - CFD: 18/03/2014 - 16:12:02 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Media Center Programs
O43 - CFD: 18/03/2015 - 20:24:50 - [] -S--D C:\Users\geoff et ange\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2015 - 20:01:59 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Mumble
O43 - CFD: 18/03/2015 - 21:09:51 - [] ----D C:\Users\geoff et ange\AppData\Roaming\mystartsearch =>PUP.StartSearch
O43 - CFD: 18/03/2015 - 21:03:11 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 20/03/2014 - 00:22:11 - [] ----D C:\Users\geoff et ange\AppData\Roaming\NVIDIA
O43 - CFD: 06/11/2014 - 06:56:38 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Oracle
O43 - CFD: 18/03/2014 - 16:25:40 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\PeerNetworking
O43 - CFD: 26/03/2014 - 12:44:07 - [] ----D C:\Users\geoff et ange\AppData\Roaming\PMU
O43 - CFD: 07/04/2015 - 17:28:35 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Skype
O43 - CFD: 14/01/2015 - 14:58:50 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\Systweak
O43 - CFD: 04/04/2015 - 16:31:32 - [] ----D C:\Users\geoff et ange\AppData\Roaming\TS3Client
O43 - CFD: 08/08/2014 - 11:22:54 - [] ----D C:\Users\geoff et ange\AppData\Roaming\Unity
O43 - CFD: 18/03/2015 - 21:23:47 - [0] ----D C:\Users\geoff et ange\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 22/04/2015 - 13:10:31 - [] ----D C:\Users\geoff et ange\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/03/2015 - 21:05:50 - [] ----D C:\Users\geoff et ange\AppData\Local\0A2C8FF8-1426706902-11DE-80A1-A5431FBD5F56
O43 - CFD: 09/04/2015 - 22:06:12 - [] ----D C:\Users\geoff et ange\AppData\Local\Adobe
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Application Data
O43 - CFD: 19/03/2014 - 21:38:52 - [] ----D C:\Users\geoff et ange\AppData\Local\Apps
O43 - CFD: 22/04/2015 - 13:09:50 - [] ----D C:\Users\geoff et ange\AppData\Local\Battle.net
O43 - CFD: 26/03/2014 - 18:52:30 - [] ----D C:\Users\geoff et ange\AppData\Local\Blizzard
O43 - CFD: 20/03/2014 - 00:21:49 - [] ----D C:\Users\geoff et ange\AppData\Local\Blizzard Entertainment
O43 - CFD: 19/03/2014 - 21:39:17 - [0] ----D C:\Users\geoff et ange\AppData\Local\Deployment
O43 - CFD: 24/02/2015 - 20:05:29 - [] ----D C:\Users\geoff et ange\AppData\Local\F-Secure
O43 - CFD: 18/03/2015 - 20:22:57 - [] ----D C:\Users\geoff et ange\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 19/03/2014 - 21:42:02 - [] ----D C:\Users\geoff et ange\AppData\Local\Google
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Historique
O43 - CFD: 12/03/2015 - 10:08:00 - [] ----D C:\Users\geoff et ange\AppData\Local\Microsoft
O43 - CFD: 05/02/2015 - 18:04:08 - [] ----D C:\Users\geoff et ange\AppData\Local\Microsoft Games
O43 - CFD: 19/03/2014 - 22:37:45 - [] ----D C:\Users\geoff et ange\AppData\Local\Skype
O43 - CFD: 22/04/2015 - 13:10:21 - [] ----D C:\Users\geoff et ange\AppData\Local\Temp
O43 - CFD: 18/03/2014 - 15:54:08 - [] -SH-D C:\Users\geoff et ange\AppData\Local\Temporary Internet Files
O43 - CFD: 10/04/2015 - 16:28:39 - [0] ----D C:\Users\geoff et ange\AppData\Local\Unity
O43 - CFD: 09/06/2014 - 09:32:51 - [] ----D C:\Users\geoff et ange\AppData\Local\VirtualStore
O43 - CFD: 25/04/2014 - 08:50:00 - [] ----D C:\Users\geoff et ange\AppData\Local\WDSetup
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/03/2014 - 15:54:20 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 04:42:46 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/03/2015 - 21:21:12 - [] R---D C:\Users\geoff et ange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 159 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7A2262293A9A0666926D32CB3A541153] - 11/04/2015 - 07:25:31 ---A- . (...) -- C:\Windows\PFRO.log [106244]
O44 - LFC:[MD5.C16128AF698D98D23849A6AC59D0E672] - 14/04/2015 - 19:35:31 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [778416]
O44 - LFC:[MD5.B432B52EAD3006A61D7A37A2F7978416] - 14/04/2015 - 19:35:31 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [142512]
O44 - LFC:[MD5.1035970885DD6ABA0EBCB3C02006A8E9] - 15/04/2015 - 05:18:14 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12377600]
O44 - LFC:[MD5.59717C2C872AAEA7519B0124409B4578] - 15/04/2015 - 05:18:15 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [9747968]
O44 - LFC:[MD5.5FCA6B58D90B6D17327B48216451266D] - 15/04/2015 - 05:18:16 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [1810944]
O44 - LFC:[MD5.16BAD3B8ABC01EC9D34E912162CA4A53] - 15/04/2015 - 05:18:16 ---A- . (.Microsoft Corporation - Moteur de l'interface utilisateur d'Interne.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.F73E3C29743621D9AAF09503E523E175] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [367104]
O44 - LFC:[MD5.19B481D70FBC176AE5D3E91347B0128F] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1129472]
O44 - LFC:[MD5.95D3A97897CE0386358FA6F65D8F343D] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.6B5500DE200DC9C51A3F6A9377D14789] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744]
O44 - LFC:[MD5.02D9B399770C9C971F3B3344017106BA] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [10752]
O44 - LFC:[MD5.5E2BFFFBAA061C1660F8255B2E3BD25C] - 15/04/2015 - 05:18:18 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216]
O44 - LFC:[MD5.E8DFFB36F1120DC1DB7C0BCBCF1640AD] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.B4AAF0FD9C32478889639DE464B21DA0] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65024]
O44 - LFC:[MD5.E38129C89502D27580368D9762B6AFC6] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.E6DE7F4A4BF8CD9E5C4F9466981892EC] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Outil d'installation sans assistance d'IE 7.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.B76F31C79764D2D8835CBEC935D49DB7] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968]
O44 - LFC:[MD5.052A629983DD1A2116629293D02B1B58] - 15/04/2015 - 05:18:19 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1803264]
O44 - LFC:[MD5.67DB0E50E830E45BA24AA7B1B2143B93] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1139200]
O44 - LFC:[MD5.9B1B09743E49F4E2364C34203F843844] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe [11776]
O44 - LFC:[MD5.C1BC2B2E0AA56E9C28299273C86A73E4] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.686DFDA82EE2DBE1F58A48C9E3093996] - 15/04/2015 - 05:18:20 ---A- . (.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [41472]
O44 - LFC:[MD5.319DB2F956E00D8396772619A87C82EB] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1589958]
O44 - LFC:[MD5.32F26D5F0E807B0F0FCCECCB47EF4B96] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfc009.dat [119314]
O44 - LFC:[MD5.D6D2E609A57C77096B84CA862CE97F14] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [145546]
O44 - LFC:[MD5.47C983E63DB0EDA921B4E4DCFCD3C28F] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfh009.dat [633748]
O44 - LFC:[MD5.F2B0218F74EEB42BD167271CA2A522F7] - 15/04/2015 - 12:21:39 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [721712]
O44 - LFC:[MD5.952EA6E27E3A16F02F85C10BB7F4752A] - 15/04/2015 - 12:22:27 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [3552184]
O44 - LFC:[MD5.E33CD56F2F344658C6000821611BBBD7] - 15/04/2015 - 12:22:28 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1205168]
O44 - LFC:[MD5.377602E869DA9C05AC67CA3A5019A051] - 15/04/2015 - 12:22:28 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntkrnlpa.exe [3604920]
O44 - LFC:[MD5.5D9311526801643000D7032A83B18B12] - 15/04/2015 - 12:22:45 ---A- . (.Microsoft Corporation - Common Log File System Driver.) -- C:\Windows\System32\clfs.sys [244152]
O44 - LFC:[MD5.2FF4B8BA9805BABA5E8FB923AF44F480] - 15/04/2015 - 12:22:45 ---A- . (.Microsoft Corporation - Common Log Marshalling Win32 DLL.) -- C:\Windows\System32\clfsw32.dll [57344]
O44 - LFC:[MD5.1359F3CD7DF4D105C6C70CCE671F8520] - 15/04/2015 - 12:23:01 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [297984]
O44 - LFC:[MD5.BC817A039C2CEF89B82E7F4F53AA252B] - 15/04/2015 - 12:23:19 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\mrt.exe [125832184]
O44 - LFC:[MD5.BFC1892FFA0E8D3351EF59D6E3F39A2F] - 15/04/2015 - 12:29:05 ---A- . (.Microsoft Corporation - MSXML 3.0 SP10.) -- C:\Windows\System32\msxml3.dll [1249280]
O44 - LFC:[MD5.46C8842A2A1A02382FBE84738538B50C] - 22/04/2015 - 05:17:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.661641AA56FB13F6754A35D69FFA6150] - 22/04/2015 - 09:10:17 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1326284]
~ Files: 40 Scanned in 00mn 07s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20150422_y11f8y15x10c10
artaban7 - 22 April 2015 at 14:45
Thanks angeloise, I'll be back at my main computer in 2 hours to do the analysis, see you later :)
artaban7 - Edited by artaban7 on 22/04/2015 at 15:03
So, given that there are a few infections:
can you run these two programs:
1) ZHP cleaner at this link: https://nicolascoolman.eu
Run a scan and a cleanup ....
2) ADWcleaner, here: https://nicolascoolman.eu
There too, scan and cleanup, and of course a restart.
After that I will need another ZHPdiag report, but it must be made after the restart ....
Tell me what changes you notice in how your machine behaves....
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20150422_l14t6j12q13n5
artaban7 - 22 April 2015 at 17:39
So?
artaban7 - 22 April 2015 at 17:44
Where does this antivirus come from?
On http://www.nicolascoolman.fr/download/roguekiller-2/
artaban7 - 22 April 2015 at 22:44
Is it the SFR pack that is blocking you?
artaban7 - 22 April 2015 at 22:52
Can you confirm that you did run the 2 programs I gave you at the start:
ZHPcleaner and ADWcleaner?
artaban7 - 22 April 2015 at 22:57
You don't mind? :)
Hello, after running the 2 links to clean up, well, still the same, still ads etc...
artaban7 - 23 April 2015 at 09:11
I invite you to download ZHP fix: https://nicolascoolman.eu
You launch it and, in the program's empty window, you copy and paste the script as is and in full:
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
EmptyCLSID
MBRFix
ProxyFix
ShortcutFix
Then you click "go", and at the end of the operation, restart the computer...
Do you still have ads after this?
Hello, could you help me uninstall my antivirus please?
artaban7 - 24 April 2015 at 09:37
Are you used to using CCleaner or REVO? Have you already tried to uninstall it? With what?
artaban7 - 24 April 2015 at 10:20
Try with REVO: you launch it, you look for your antivirus's icon, you click "uninstall" (I think it's in English :) ).
Then you click next in every window, REVO will clean up thoroughly, then you restart ...
https://www.commentcamarche.net/telecharger/utilitaires/19405-revo-uninstaller/
Great, a thousand thanks :) it worked
artaban7 - 24 April 2015 at 12:56
I know :)
artaban7 - 24 April 2015 at 14:01
What more is there to say :)