Strong Signal, help!!

Closed
ariagleek Posts 6 Registration date Friday 22 May 2015 Status Member Last activity 23 May 2015 - 22 May 2015 at 18:29
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last activity 19 August 2015 - 23 May 2015 at 23:12
Hello, I have Windows 8 and I use Google Chrome, and I am overrun with ads because of Strong Signal. I tried to get rid of it but it persists. Please help me, thanks in advance.

1 reply

artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last activity 19 August 2015 90
22 May 2015 at 18:33
Good evening,

we'll look at this together:

For the diagnosis, use this software: https://nicolascoolman.eu

Just run it and choose "complet" (full); it will then create a system report on the desktop in .txt format, which you need to send here using: http://pjjoint.malekal.com/

If you need explanations on specific points, such as how to use the file generator, don't hesitate.
0
ariagleek Posts 6 Registration date Friday 22 May 2015 Status Member Last activity 23 May 2015
22 May 2015 at 18:41
Thanks for the quick reply. What do I need to do next to remove this virus?
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last activity 19 August 2015 90
22 May 2015 at 18:54
Paste the report here so that I can see exactly what is infecting you ....
0
ariagleek Posts 6 Registration date Friday 22 May 2015 Status Member Last activity 23 May 2015
22 May 2015 at 19:06
~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par Popo (22/05/2015 18:36:30)
~ Adresse du Forum https://nicolascoolman.eu [Pays FR - 213.186.33.168]
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801 [Attention - Internet Explorer n'est pas à jour]
GCIE: Google Chrome v43.0.2357.65 (Defaut)
OPIE: Opera Stable v27.0.1689.66

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : MG8JQ
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)

---\\ Logiciels de protection du système
McAfee LiveSafe - Internet Security v13.6.1529
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v5.02

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3985 MB (49% free) [Attention - Mémoire libre insuffisante - désinstaller les programmes inutiles]
System Restore: Activé (Enable)
System drive C: has 349 GB (77%) free of 448 GB

---\\ Mode de connexion au système
~ Computer Name: PAULINE
~ User Name: Popo
~ All Users Names: Popo, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Popo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Popo\AppData\Roaming\
~ %Desktop% : C:\Users\Popo\Desktop\
~ %Favorites% : C:\Users\Popo\Favorites\
~ %LocalAppData% : C:\Users\Popo\AppData\Local\
~ %StartMenu% : C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 349 Go of 448 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4684
~ Mes musiques (My Musics) : 2/1148
~ Mes Videos (My Videos) : 1/31
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 1/158
~ Mon Bureau (My Desktop) : 0/824
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 19s



---\\ Processus lancés
[MD5.AB5A1205E7A622099E4A2169BF0D459D] - (...) -- C:\Users\Popo\AppData\Roaming\Internet-Controller\internet-controller.exe [913184] [PID.2600]
[MD5.95E3B489E744D46DA6490F9842B71534] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.6488]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.4148]
~ Processes Running: Scanned in 00mn 04s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [GeoGebra]
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [__MSG_name__]
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Users\Popo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
~ Google Lines Browser: 12 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Popo\AppData\Roaming\Mozilla\Firefox\Profiles\cotmd33a.default\prefs.js
M3 - MFPP: Plugins - [Popo] -- C:\Users\Popo\AppData\Roaming\Mozilla\Firefox\Profiles\cotmd33a.default\searchplugins\yahoo.xml
M2 - MFEP: prefs.js [Popo - cotmd33a.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.2.11.20150318094910 (..)
M2 - MFEP: Extension [Popo - cotmd33a.default] {635abd67-4fe9-1b23-4f01-e679fa7484c1}
M2 - MFEP: Extension [Popo - cotmd33a.default] {7ed5e138-ac26-4542-adc5-765dee01c1f8}.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\McSiteAdvisor.xml
~ Firefox Browser: 8 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=acer13.msn.com&ocid=AARDHP&pc=MAARJS
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKCU\..\Run: [Pokki] %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe /LOGON
O4 - HKCU\..\Run: [{6472EC22-FBC2-4B06-87BE-5F1BCCEDD3CD}] . (.Company Name - This installer database contains the logic.) -- C:\Users\Popo\Downloads\openoffice_setup.exe
O4 - HKUS\S-1-5-21-1341147681-22977863-3018672030-1001\..\Run: [Pokki] %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe /LOGON
O4 - HKUS\S-1-5-21-1341147681-22977863-3018672030-1001\..\Run: [{6472EC22-FBC2-4B06-87BE-5F1BCCEDD3CD}] . (.Company Name - This installer database contains the logic.) -- C:\Users\Popo\Downloads\openoffice_setup.exe
~ Application: Scanned in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{11EE3FD2-AB98-447E-A03E-8694CB638C25}: DhcpNameServer = 212.27.40.241 212.27.40.240 [Pays FR - 212.27.40.241]
O17 - HKLM\System\CS1\Services\Tcpip\..\{11EE3FD2-AB98-447E-A03E-8694CB638C25}: DhcpNameServer = 212.27.40.241 212.27.40.240 [Pays FR - 212.27.40.241]
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 [Pays FR - 212.27.40.241]
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Internet-Controller Service (internetControllerService) . (...) - C:\Users\Popo\AppData\Roaming\Internet-Controller\internet-controllerservice.exe
O23 - Service: C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
~ Services: 22 Scanned in 00mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
~ Scheduled Task: 18 Scanned in 00mn 11s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 34 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: Acer Games - (.Pokki.) [HKCU][64Bits] -- Pokki_03d432a7e610c3e908213e7689d4342ce2111caf
O42 - Logiciel: Acer Launch Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}
O42 - Logiciel: Acer Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876}
O42 - Logiciel: Acer Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0}
O42 - Logiciel: Acer Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: Acer Quick Access - (.Acer Incorporated.) [HKLM][64Bits] -- {C1FA525F-D701-4B31-9D32-504FC0CF0B98}
O42 - Logiciel: Acer Remote Files - (.Acer Incorporated.) [HKLM][64Bits] -- {13885028-098C-4799-9B71-27DAC96502D5}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {D7B824DE-DA32-4772-9E5E-39C5158136A7}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {C4123106-B685-48E6-B9BD-E4F911841EB4}
O42 - Logiciel: Broadcom Card Reader Driver Installer - (.Broadcom Corporation.) [HKLM][64Bits] -- {67AA948F-8D83-4566-B84A-7CAABCF64E3F}
O42 - Logiciel: Broadcom NetLink Controller - (.Broadcom Corporation.) [HKLM][64Bits] -- {D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Host App Service - (.Pokki.) [HKCU][64Bits] -- Pokki
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: Internet Controller - (.Inquiro SA.) [HKLM][64Bits] -- Internet Controller
O42 - Logiciel: McAfee LiveSafe - Internet Security - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {551AC8F2-FEA2-4B45-ACF7-C98681233CC9}
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- NARA =>.Symantec Corporation
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {E625FCA0-E43E-4D3B-92FF-4851308A0366} =>.Symantec Corporation
O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}
O42 - Logiciel: Office Addin 2003 - (.Acer.) [HKLM][64Bits] -- {1FCC073B-CC01-4443-AD20-E559F66E6E83}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Opera Stable 27.0.1689.66 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 27.0.1689.66
O42 - Logiciel: Pokki Start Menu - (.Pokki.) [HKCU][64Bits] -- Pokki_Start_Menu
O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {91589413-6675-4C27-8AFC-EFB9103B90A5}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {93F2A022-6C37-48B8-B241-FFABD9F60C30}
~ Logic: 41 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKLM\Software\Wow6432Node\StrongSignal] =>PUP.StrongSignal
~ Key Software: 209 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/04/2015 - 10:38:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/02/2015 - 12:37:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 23/04/2015 - 10:38:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/02/2015 - 13:09:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 19/02/2014 - 13:16:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
O43 - CFD: 16/04/2015 - 12:25:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 10/02/2015 - 13:00:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 16/04/2015 - 12:40:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 22/08/2013 - 17:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 22/05/2015 - 18:08:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
O43 - CFD: 15/10/2013 - 16:42:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 19/02/2014 - 13:14:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup =>.Symantec Corporation
O43 - CFD: 10/02/2015 - 14:08:28 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 22/08/2013 - 17:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 23/04/2015 - 10:38:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 22/08/2013 - 21:11:12 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 20/04/2015 - 19:26:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 22/05/2015 - 18:36:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 09/02/2015 - 19:05:08 - [] ----D C:\Users\Popo\AppData\Roaming\acer
O43 - CFD: 09/02/2015 - 13:17:08 - [] ----D C:\Users\Popo\AppData\Roaming\Adobe
O43 - CFD: 16/04/2015 - 13:09:31 - [] ----D C:\Users\Popo\AppData\Roaming\Apple Computer
O43 - CFD: 09/02/2015 - 13:19:56 - [] ----D C:\Users\Popo\AppData\Roaming\Atheros
O43 - CFD: 10/02/2015 - 12:23:21 - [] ----D C:\Users\Popo\AppData\Roaming\Company Name
O43 - CFD: 08/03/2015 - 12:23:52 - [] ----D C:\Users\Popo\AppData\Roaming\CyberLink
O43 - CFD: 23/04/2015 - 10:52:26 - [] ----D C:\Users\Popo\AppData\Roaming\Identities
O43 - CFD: 09/02/2015 - 13:35:28 - [] ----D C:\Users\Popo\AppData\Roaming\Internet-Controller
O43 - CFD: 09/02/2015 - 13:40:46 - [] ----D C:\Users\Popo\AppData\Roaming\Macromedia
O43 - CFD: 20/04/2015 - 19:27:15 - [] -S--D C:\Users\Popo\AppData\Roaming\Microsoft
O43 - CFD: 20/05/2015 - 21:34:58 - [] ----D C:\Users\Popo\AppData\Roaming\Mozilla
O43 - CFD: 09/02/2015 - 15:04:35 - [] ----D C:\Users\Popo\AppData\Roaming\OpenOffice
O43 - CFD: 01/05/2015 - 10:37:04 - [] ----D C:\Users\Popo\AppData\Roaming\Opera Software
O43 - CFD: 09/02/2015 - 13:45:04 - [] ----D C:\Users\Popo\AppData\Roaming\WildTangent
O43 - CFD: 22/05/2015 - 18:37:31 - [] ----D C:\Users\Popo\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 10/02/2015 - 12:14:56 - [] ----D C:\Users\Popo\AppData\Local\Acer
O43 - CFD: 10/02/2015 - 12:18:43 - [] ----D C:\Users\Popo\AppData\Local\Acer Aspire R7 Tutorial
O43 - CFD: 10/02/2015 - 12:14:48 - [] ----D C:\Users\Popo\AppData\Local\AOP SDK
O43 - CFD: 16/04/2015 - 12:35:25 - [] ----D C:\Users\Popo\AppData\Local\Apple
O43 - CFD: 16/04/2015 - 12:40:55 - [] ----D C:\Users\Popo\AppData\Local\Apple Computer
O43 - CFD: 09/02/2015 - 13:13:42 - [] -SH-D C:\Users\Popo\AppData\Local\Application Data
O43 - CFD: 09/02/2015 - 13:50:45 - [] ----D C:\Users\Popo\AppData\Local\Apps
O43 - CFD: 10/02/2015 - 12:45:58 - [] ----D C:\Users\Popo\AppData\Local\clear.fi
O43 - CFD: 10/02/2015 - 12:37:18 - [] ----D C:\Users\Popo\AppData\Local\ClearfiMedia
O43 - CFD: 10/02/2015 - 12:37:18 - [] ----D C:\Users\Popo\AppData\Local\ClearfiPhoto
O43 - CFD: 27/02/2015 - 19:45:33 - [] ----D C:\Users\Popo\AppData\Local\CyberLink
O43 - CFD: 10/02/2015 - 12:57:44 - [0] ----D C:\Users\Popo\AppData\Local\Deployment
O43 - CFD: 18/05/2015 - 14:24:37 - [] ----D C:\Users\Popo\AppData\Local\Diagnostics
O43 - CFD: 16/04/2015 - 12:00:21 - [] ----D C:\Users\Popo\AppData\Local\ElevatedDiagnostics
O43 - CFD: 09/02/2015 - 13:53:16 - [] ----D C:\Users\Popo\AppData\Local\Google
O43 - CFD: 09/02/2015 - 13:13:42 - [] -SH-D C:\Users\Popo\AppData\Local\Historique
O43 - CFD: 08/03/2015 - 12:23:42 - [0] ----D C:\Users\Popo\AppData\Local\MediaShow
O43 - CFD: 18/05/2015 - 14:24:18 - [] ----D C:\Users\Popo\AppData\Local\Microsoft
O43 - CFD: 20/05/2015 - 21:35:00 - [] ----D C:\Users\Popo\AppData\Local\Mozilla
O43 - CFD: 09/02/2015 - 13:40:48 - [0] ----D C:\Users\Popo\AppData\Local\Opera Software
O43 - CFD: 03/04/2015 - 17:53:38 - [] ----D C:\Users\Popo\AppData\Local\Packages
O43 - CFD: 09/02/2015 - 13:30:22 - [0] ----D C:\Users\Popo\AppData\Local\PackageStaging
O43 - CFD: 22/05/2015 - 18:04:49 - [] ----D C:\Users\Popo\AppData\Local\Pokki
O43 - CFD: 22/05/2015 - 16:58:41 - [] ----D C:\Users\Popo\AppData\Local\Programs
O43 - CFD: 22/05/2015 - 18:37:11 - [] ----D C:\Users\Popo\AppData\Local\Temp
O43 - CFD: 09/02/2015 - 13:13:42 - [] -SH-D C:\Users\Popo\AppData\Local\Temporary Internet Files
O43 - CFD: 09/02/2015 - 13:17:01 - [0] ----D C:\Users\Popo\AppData\Local\VirtualStore
O43 - CFD: 23/04/2015 - 10:53:44 - [] ----D C:\Users\Popo\AppData\Local\Windows Live
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/03/2015 - 12:56:24 - [] R---D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/08/2013 - 17:36:32 - [] ----D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 11/03/2015 - 12:56:24 - [] R---D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/08/2013 - 17:36:32 - [] R---D C:\Users\Popo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
~ Program Folder: 156 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0D2B130C7B5BCEC85D7A789A4338F9B7] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [262144]
O44 - LFC:[MD5.14673D16D433373898FE3006C5A01157] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [1032704]
O44 - LFC:[MD5.49B1935F131A44CD29857D6900CB643F] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.8541124139D68239B1EDE3E490367A6C] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Moteur d'installation.) -- C:\Windows\System32\inseng.dll [107520]
O44 - LFC:[MD5.AB8DF81AC1BF4546C3102469B840009E] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [145408]
O44 - LFC:[MD5.673582881DAC4B27E9368BC8834507DD] - 13/05/2015 - 08:03:45 ---A- . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll [374272]
O44 - LFC:[MD5.1D610F215769E4FF56C7B1847DE4B86D] - 13/05/2015 - 08:03:46 ---A- . (.Microsoft Corporation - Moteur de l'interface utilisateur d'Interne.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.C1D6BD834E69E8F77C8B4DDFCEE073F6] - 13/05/2015 - 08:03:47 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417792]
O44 - LFC:[MD5.E20B5098C8707B2CF0858024568234FF] - 13/05/2015 - 08:03:47 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.1921A72BF1273BED72E569EF1F1A0611] - 13/05/2015 - 08:03:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.F918BE3C5ACA0B6485D725CC1A5348DC] - 13/05/2015 - 08:03:47 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.5EDC6AF7589B65C89CB1154B3377D0C4] - 13/05/2015 - 08:03:47 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [720384]
O44 - LFC:[MD5.B85ECB91C88F6E74045061B7F7DDEFA2] - 13/05/2015 - 08:03:48 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.63061A0826839DE8F5B4713976C99F1B] - 13/05/2015 - 08:03:49 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816640]
O44 - LFC:[MD5.ED4EB5A0CDD251A17B946C515CB94D70] - 13/05/2015 - 08:03:51 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1547264]
O44 - LFC:[MD5.843D063E75B19188759CBEC82828BCB1] - 13/05/2015 - 08:03:52 ---A- . (.Microsoft Corporation - Utilitaire à l'exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2885120]
O44 - LFC:[MD5.F0289B3A341429117696F0279DA977B6] - 13/05/2015 - 08:03:53 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2352128]
O44 - LFC:[MD5.79A4C71CD8B610DE9F66B72B5654C450] - 13/05/2015 - 08:03:57 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6025728]
O44 - LFC:[MD5.E061B5A1D0F9BBACA41149201ADF4A3B] - 13/05/2015 - 08:03:59 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14401536]
O44 - LFC:[MD5.C31D57F7A58FACDA2671075CEBA75199] - 13/05/2015 - 08:04:00 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [24971776]
O44 - LFC:[MD5.7719BBE3BDA2171FF0955171D9460D26] - 13/05/2015 - 08:04:04 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4180480]
O44 - LFC:[MD5.6C068E7207F183FF3647E45D2599E80C] - 13/05/2015 - 08:04:04 ---A- . (.Microsoft Corporation - Service de cache de police Windows.) -- C:\Windows\System32\FntCache.dll [1387008]
O44 - LFC:[MD5.4829F2EFACF23F63D6D85B7F1084FB70] - 13/05/2015 - 08:04:04 ---A- . (.Microsoft Corporation - Services de typographie Microsoft DirectX.) -- C:\Windows\System32\DWrite.dll [1996800]
O44 - LFC:[MD5.B023C38663271E79FC2A9B63F6FE6417] - 13/05/2015 - 08:04:05 ---A- . (.Microsoft Corporation - Photo Metadata Handler.) -- C:\Windows\System32\PhotoMetadataHandler.dll [445440]
O44 - LFC:[MD5.C61EAF8E1E4B2F62BA4FDF457440B2C6] - 13/05/2015 - 08:04:05 ---A- . (.Microsoft Corporation - UDF File System Driver.) -- C:\Windows\System32\Drivers\udfs.sys [316416]
O44 - LFC:[MD5.053EF531F55B508343BB3CA91386C1C7] - 13/05/2015 - 08:04:07 ---A- . (.Microsoft Corporation - DPAPI Server.) -- C:\Windows\System32\dpapisrv.dll [186368]
O44 - LFC:[MD5.E0C7813A97CA7947FF5C18A8F3B61A45] - 13/05/2015 - 08:04:10 ---A- . (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\System32\services.exe [410128]
O44 - LFC:[MD5.0BB6089A1AEE468209FE22E29E6B87BD] - 13/05/2015 - 08:04:10 ---A- . (.Microsoft Corporation - Extension de l'environnement des appareils.) -- C:\Windows\System32\wpdshext.dll [2067968]
O44 - LFC:[MD5.161156327265FB02A820506B98DA7A07] - 13/05/2015 - 08:04:11 ---A- . (.Microsoft Corporation - Windows Image Helper.) -- C:\Windows\System32\dbghelp.dll [1491456]
O44 - LFC:[MD5.48CC2698381AA1F6FBE0D78507281B40] - 13/05/2015 - 08:04:11 ---A- . (.Microsoft Corporation - Windows Symbolic Debugger Engine.) -- C:\Windows\System32\dbgeng.dll [4417536]
O44 - LFC:[MD5.C54B6B2170BF628FD42F799A66956D75] - 13/05/2015 - 08:04:12 ---A- . (.Microsoft Corporation - Pilote du bus numérique sécurisé (SD).) -- C:\Windows\System32\Drivers\sdbus.sys [239424]
O44 - LFC:[MD5.95E295FD19F80B3AD33629B5AEFEC9C7] - 13/05/2015 - 08:04:12 ---A- . (.Microsoft Corporation - SD Crashdump Port Driver.) -- C:\Windows\System32\Drivers\dumpsd.sys [154432]
O44 - LFC:[MD5.8442CC9A31FC381255B98D615E49EF82] - 13/05/2015 - 08:04:12 ---A- . (.Microsoft Corporation - Screen Reader Helper DLL.) -- C:\Windows\System32\SRH.dll [2162176]
O44 - LFC:[MD5.0F5DF8F08C138D9E1DE88984FEAA1B96] - 13/05/2015 - 08:04:13 ---A- . (.Microsoft Corporation - Service journal des événements.) -- C:\Windows\System32\wevtsvc.dll [1696256]
O44 - LFC:[MD5.952D277678FC177CA8549B92A01C4C2C] - 13/05/2015 - 08:04:14 ---A- . (.Microsoft Corporation - Programme d'installation de la base de donn.) -- C:\Windows\System32\sdbinst.exe [24576]
O44 - LFC:[MD5.2DDC7AE2C753033E5EC95F3358358043] - 13/05/2015 - 08:04:17 ---A- . (.Microsoft Corporation - Client Microsoft® Active Directory Certific.) -- C:\Windows\System32\certcli.dll [445440]
O44 - LFC:[MD5.CBB2FE432D81825C174A65DCE538A610] - 13/05/2015 - 08:04:18 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1441792]
O44 - LFC:[MD5.5E5AB950693F2C6D6ACBEE3A74697ED7] - 13/05/2015 - 08:04:18 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [561928]
O44 - LFC:[MD5.9D17F78BB04A3EF67426AFD087660188] - 13/05/2015 - 08:04:20 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410017]
O44 - LFC:[MD5.4C0E8295772A78291A0E256882A0D0E2] - 13/05/2015 - 08:04:20 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864]
O44 - LFC:[MD5.9703EC57F5BBB94F89CA80A5D0C12221] - 13/05/2015 - 08:04:20 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [1429504]
O44 - LFC:[MD5.62E3FCC2789CA52AA8A59122FDFCE26E] - 13/05/2015 - 08:04:21 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll [429568]
O44 - LFC:[MD5.FE14D249D39368CA62D8DA6BC94AC694] - 13/05/2015 - 08:04:22 ---A- . (.Microsoft Corporation - Application Compatibility Cache.) -- C:\Windows\System32\Drivers\ahcache.sys [80384]
O44 - LFC:[MD5.A709D50BD3125B53283220BA44B78690] - 13/05/2015 - 08:04:22 ---A- . (.Microsoft Corporation - Implémentation de la base de données de par.) -- C:\Windows\System32\SystemSettingsDatabase.dll [116736]
O44 - LFC:[MD5.4658D596725A71521971054D3AF1DCD0] - 13/05/2015 - 08:04:22 ---A- . (.Microsoft Corporation - System Settings Handlers Implementation.) -- C:\Windows\System32\SettingsHandlers.dll [2819584]
O44 - LFC:[MD5.7E36F0698777668A09DD316E59807E0E] - 13/05/2015 - 08:04:22 ---A- . (.Microsoft Corporation - WinRT Windows Inking DLL.) -- C:\Windows\System32\Windows.UI.Input.Inking.dll [172544]
O44 - LFC:[MD5.272A62B660A48AEF366F8A1836CED19F] - 13/05/2015 - 08:04:47 ---A- . (.Microsoft Corporation - Bluetooth Hands-Free Audio and Call Control.) -- C:\Windows\System32\Drivers\bthhfenum.sys [57856]
O44 - LFC:[MD5.95B0179BDA907252025DEEA183699FB3] - 13/05/2015 - 08:04:47 ---A- . (.Microsoft Corporation - Pilote de concentrateur USB3.) -- C:\Windows\System32\Drivers\USBHUB3.SYS [467776]
O44 - LFC:[MD5.3DB29814EA5A2091425200B58E25BA15] - 13/05/2015 - 08:04:48 ---A- . (.Microsoft Corporation - Bibliothèque principale du Gestionnaire de.) -- C:\Windows\System32\dwmcore.dll [2256896]
O44 - LFC:[MD5.65D9D98DBFF574BA9B68F76F0BB1630E] - 15/05/2015 - 17:57:21 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140425016]
O44 - LFC:[MD5.5461373AB510F4C22CE61EB7965BE8F2] - 15/05/2015 - 18:06:23 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [124112]
O44 - LFC:[MD5.6AABB995ADA57D72AC28A59D72A12BD1] - 16/05/2015 - 09:28:05 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [362680]
O44 - LFC:[MD5.828AE71F67ACDB05C94F76FE37E55099] - 20/05/2015 - 20:52:43 ---A- . (...) -- C:\Windows\kwn.dat [631296]
O44 - LFC:[MD5.4E90156341C4F564F10DA38961215FE9] - 22/05/2015 - 15:46:06 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1824010]
O44 - LFC:[MD5.34D119FC203F99C1B823FEE3FF99254F] - 22/05/2015 - 15:46:06 ---A- . (...) -- C:\Windows\System32\perfc009.dat [135592]
O44 - LFC:[MD5.BC9DE06E399C0974D3C318E9F599A685] - 22/05/2015 - 15:46:06 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [159412]
O44 - LFC:[MD5.4473FFCBF9C6493A22A41ED499DEB75B] - 22/05/2015 - 15:46:06 ---A- . (...) -- C:\Windows\System32\perfh009.dat [722476]
O44 - LFC:[MD5.993D6423ADB07B5B55282CF43DFC5B98] - 22/05/2015 - 15:46:06 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [812350]
O44 - LFC:[MD5.655CCC241903AC5A342C289E13E99A4A] - 22/05/2015 - 15:49:02 ---A- . (.ELAN Microelectronics Corp. - ETD Ware Uninstall Application.) -- C:\Windows\ETDUninst.dll [2214216]
O44 - LFC:[MD5.FA86666C94696264267F4750FFA63996] - 22/05/2015 - 17:04:48 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.B82762A35FB503366D08BE538F52DB27] - 22/05/2015 - 17:16:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [881929]
~ Files: 62 Scanned in 00mn 16s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CSB: 19 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\msacm.l3acm=C:\Windows\System32\l3codeca.acm . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\C:\Windows\System32\l3codeca.acm=Fraunhofer IIS MPEG Layer-3 Codec . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - EnableVirtualization=1
O55 - MWPS:[HKLM\...\Policies\System] - EnableInstallerDetection=1
O55 - MWPS:[HKLM\...\Policies\System] - PromptOnSecureDesktop=1
O55 - MWPS:[HKLM\...\Policies\System] - EnableLUA=1
O55 - MWPS:[HKLM\...\Policies\System] - EnableSecureUIAPaths=1
O55 - MWPS:[HKLM\...\Policies\System] - ConsentPromptBehaviorAdmin=5
O55 - MWPS:[HKLM\...\Policies\System] - ValidateAdminCodeSignatures=0
O55 - MWPS:[HKLM\...\Policies\System] - EnableUIADesktopToggle=0
O55 - MWPS:[HKLM\...\Policies\System] - EnableCursorSuppression=1
O55 - MWPS:[HKLM\...\Policies\System] - ConsentPromptBehaviorUser=3
O55 - MWPS:[HKLM\...\Policies\System] - dontdisplaylastusername=0
O55 - MWPS:[HKLM\...\Policies\System] - legalnoticecaption=0
O55 - MWPS:[HKLM\...\Policies\System] - legalnoticetext=0
O55 - MWPS:[HKLM\...\Policies\System] - scforceoption=0
O55 - MWPS:[HKLM\...\Policies\System] - shutdownwithoutlogon=1
O55 - MWPS:[HKLM\...\Policies\System] - undockwithoutlogon=1
O55 - MWPS:[HKLM\...\Policies\System] - FilterAdministratorToken=0
O55 - MWPS:[HKLM\...\Policies\System] - EnableLinkedConnections=1
O55 - MWPS:[HKLM\...\Policies\System] - DisableTaskMgr=0
O55 - MWPS:[HKLM\...\Policies\System] - DisableRegistryTools=0
~ MWPS: 20 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - ForceActiveDesktopOn=0
O56 - MWPE:[HKLM\...\policies\Explorer] - NoActiveDesktopChanges=1
O56 - MWPE:[HKLM\...\policies\Explorer] - NoActiveDesktop=1
O56 - MWPE:[HKLM\...\policies\Explorer] - NoRun=0
O56 - MWPE:[HKLM\...\policies\Explorer] - NoFolderOptions=0
O56 - MWPE:[HKLM\...\policies\Explorer] - NoControlPanel=0
~ MWPE Keys: 6 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:19/09/2014 - 02:45:12 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\Drivers\mfeclnrk.sys [11336]
~ Drivers: 69 Scanned in 00mn 07s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 16/05/2015 - 18:38:30 ---A- . (...) -- C:\Users\Popo\AppData\Local\Packages\METEOFRANCE.Mto-France_x15hyjpa1740a\AC\Microsoft\CLR_v4.0\NativeImages\MeteoFrance.Services\782b70fbbebca3359ffc552eaa487678\MeteoFrance.Services.ni.dll [402944]
O61 - LFC: 16/05/2015 - 18:38:30 ---A- . (.Newtonsoft.) -- C:\Users\Popo\AppData\Local\Packages\METEOFRANCE.Mto-France_x15hyjpa1740a\AC\Microsoft\CLR_v4.0\NativeImages\Newtonsoft.Json\e9200a68f15e0ff0a7a034bca7dd272a\Newtonsoft.Json.ni.dll [1967616]
O61 - LFC: 18/05/2015 - 18:38:29 ---A- . (.Autofac Project - http://autofac.org.) -- C:\Users\Popo\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Autofac\c8fbf64fe318ea1b05f07b1e3730622c\Autofac.ni.dll [1047040] [Pays US - 192.30.252.153]
O61 - LFC: 20/05/2015 - 18:39:21 ---A- . (.Mozilla Corporation.) -- C:\Users\Popo\AppData\Local\Temp\~nsu.tmp\Bu_.exe [103588]
O61 - LFC: 20/05/2015 - 18:39:44 ---A- . (...) -- C:\Users\Popo\Downloads\Adblock-Plus-1-7-2(1).exe [422400]
O61 - LFC: 20/05/2015 - 18:39:48 ---A- . (...) -- C:\Users\Popo\Downloads\Adblock-Plus-1-7-2.exe [422400]
O61 - LFC: 20/05/2015 - 18:39:53 ---A- . (...) -- C:\Users\Popo\Downloads\Firefox Setup 38.0.exe [40165016]
O61 - LFC: 22/05/2015 - 18:38:13 ---A- . (...) -- C:\Users\Popo\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 22/05/2015 - 18:38:16 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll [291016]
O61 - LFC: 22/05/2015 - 18:38:16 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [1645256]
O61 - LFC: 22/05/2015 - 18:38:16 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\LoggingPlatform64.dll [135880]
O61 - LFC: 22/05/2015 - 18:38:16 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcp110.dll [661448]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (...) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\CollectOneDriveLogs.bat [5850]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\ETWlog.dll [28872]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.LocalizedResources.dll [82632]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSync.Resources.dll [2653896]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncApi.dll [227008]
O61 - LFC: 22/05/2015 - 18:38:17 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\msvcr110.dll [828872]
O61 - LFC: 22/05/2015 - 18:38:18 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncClient.dll [1949384]
O61 - LFC: 22/05/2015 - 18:38:18 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncConfig.exe [149704]
O61 - LFC: 22/05/2015 - 18:38:18 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncSessions.dll [1359560]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [1605832]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\LoggingPlatform.dll [110792]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\OneDriveSetup.exe [7676608]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\RemoteAccess.dll [765640]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcp110.dll [534480]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\msvcr110.dll [862664]
O61 - LFC: 22/05/2015 - 18:38:19 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\sqmapi.dll [196416]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SqmWrapper.dll [39112]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\SyncEngine.dll [3187912]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\Telemetry.dll [317128]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\VideoStreamingPlugin.dll [414400]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\WnsClientApi.dll [393920]
O61 - LFC: 22/05/2015 - 18:38:20 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\wlmfds.dll [427208]
O61 - LFC: 22/05/2015 - 18:38:21 ---A- . (.Microsoft Corporation.) -- C:\Users\Popo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe [7676608]
O61 - LFC: 22/05/2015 - 18:39:20 ---A- . (.Mozilla Corporation.) -- C:\Users\Popo\AppData\Local\Temp\~nsu.tmp\Au_.exe [517660]
O61 - LFC: 22/05/2015 - 18:40:01 ---A- . (.Malwarebytes Corporation.) -- C:\Users\Popo\Downloads\mbam-setup-2.1.6.1022.exe [21546080]
~ 189 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 39 Scanned in 01mn 49s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> batfile[HKLM\..\open\Command] (...) -- %1 %*
O67 - Shell Spawning: <.cmd> cmdfile[HKLM\..\open\Command] (...) -- %1 %*
O67 - Shell Spawning: <.com> comfile[HKLM\..\open\Command] (...) -- %1 %*
O67 - Shell Spawning: <.exe> exefile[HKLM\..\open\Command] (...) -- %1 %*
O67 - Shell Spawning: <.scr> scrfile[HKLM\..\open\Command] (...) -- %1 /S
O67 - Shell Spawning: <.html> ChromeHTML[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] OldSearch - (Web Search) - https://search.homepage-web.com/ [Pays US - 64.233.167.121]
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
~ Services: 34 Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 29/10/2014 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 27/11/2014 187168 | (internetControllerService) . (...) - C:\Users\Popo\AppData\Roaming\Internet-Controller\internet-controllerservice.exe
~ Services: Scanned in 00mn 22s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Popo at 22/05/2015 18:41:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Popo at 22/05/2015 18:41:52
                  • Dump file Name *********

C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

C:\Users\Popo\AppData\LocalLow\Toolbar4 =>PUP.Conduit
[HKLM\Software\Wow6432Node\StrongSignal] =>PUP.StrongSignal^
~ Additionnel Scan: 249459 Items scanned in 00mn 48s



---\\ Informations complémentaires sur les modules
~ https://nicolascoolman.eu =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) [Pays FR - 213.186.33.169]
~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5) [Pays FR - 213.186.33.169]
~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4) [Pays FR - 213.186.33.169]
~ AMI: 3 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
https://nicolascoolman.eu =>PUP.StrongSignal [Pays FR - 213.186.33.169]
https://nicolascoolman.eu =>PUP.Conduit [Pays FR - 213.186.33.169]
~ MSI: 2 link(s) detected in 00mn 00s
0
ariagleek Posts 6 Registration date Friday 22 May 2015 Status Member Last activity 23 May 2015
22 May 2015 at 19:08
This?
0
artaban7 Posts 2204 Registration date Saturday 12 July 2014 Status Member Last activity 19 August 2015 90
22 May 2015 at 20:45
Yes, but use pjjoint next time; I gave it to you in the first post :)

We're going to disinfect; you can run the following:

1) ZHP cleaner at this link: https://nicolascoolman.eu

Run a scan and a cleanup ....

2) ADWcleaner, here: https://nicolascoolman.eu

Here too, scan and clean, and of course restart.

I will then need a new ZHPDiag report, but it must be made after the restart ....
0