Malicious domain 21 and 22

Closed
eloraleeloo Posts 2 Registration date Sunday 8 October 2006 Status Member Last activity 6 July 2019 - 6 Jul 2019 at 08:39
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 6 Jul 2019 at 11:46
Hello everyone,

Since yesterday evening I have been getting constant alerts from Norton, Malicious Domain 21 and 22 alternately.
I ran ZHPDiag while I was running the scan; between two attacks Norton reported that gmpopenh264.dll was OK. What is that?

Otherwise,

Here is the report (I pasted everything, not really knowing what you would need). Thanks in advance for any help.

Have a nice day.

~ ZHPDiag v2016.1.31.23 Par Nicolas Coolman (2016/01/30)
~ Démarré par Elora (Administrator) (2019/07/06 08:30:59)
~ Site: https://nicolascoolman.eu
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\Elora\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Elora\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 17134)

---\\ Navigateurs Internet (2) - 0s
MFIE: Mozilla Firefox 67.0.4 (x64 fr)
MSIE: Internet Explorer v11.829.17134.0

---\\ Informations sur les produits Windows (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection (2) - 10s
Norton Security v22.17.3.50
Windows Defender (Deactivate)

---\\ Surveillance de Logiciels (1) - 10s
Adobe Flash Player 32 NPAPI

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 158 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 6173.924 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 677 GB () free of 938 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: PC-ELORA-ROUGE
~ User Name: Elora
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 677 GB free of 938 GB (System)
~ Drive D: has 1 GB free of 14 GB

---\\ Etat du Centre de Sécurité Windows (7) - 1s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 2s
[MD5.C8FB56B60458B09C1CAEBD4DAF1AC8BB] - 14/03/2019 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [3933296] {33000001C313A085C356E299D70000000001C3} =>.Microsoft Corporation
[MD5.73C519F050C20580F8A62C849D49215A] - 12/04/2018 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.A58B0CB069DA7840B935872ADCD7F0C2] - 12/04/2018 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [366792] {330000016B5AF7A2A57141582700000000016B} =>.Microsoft Corporation
[MD5.8DA81943DAA4CE6BD1DE91F56BE72EE7] - 17/05/2019 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [4937216] =>.Microsoft Corporation
[MD5.749CA1F1B638E4E4A8A1F0990377012F] - 08/09/2018 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [677888] =>.Microsoft Corporation
[MD5.7A377800FF15426B7D89768A8727CFEF] - 12/04/2018 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [415232] =>.Microsoft Corporation
[MD5.86FE93AFDD8B2BCD389E30839A652181] - 09/11/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [766704] {33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.B668D6FD24465E11155B47808553DA61] - 09/11/2018 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [573504] {33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.80BC3B8D2055BC38ECD84769C074C18F] - 12/04/2018 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.7FCE169D96CE4AA1009A459661EAE109] - 06/03/2019 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [626488] {33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.90AB4ED8EBD72A1C096A40CC35404B91] - 12/04/2018 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28568] {330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation
[MD5.54821BC6FD2D26ECC3081109AF1AEAD5] - 06/03/2019 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93696] =>.Microsoft Corporation
[MD5.6834DBBA2A1DBA5B9B6360D0B9A3CBB5] - 15/06/2018 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation
[MD5.8A1C10410FDA4287A76EC5A64371E221] - 15/06/2018 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [141312] =>.Microsoft Corporation
[MD5.DED74127C7A2266715C0B8EA2EE75214] - 12/04/2018 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation
[MD5.DA179667B8CEC22E4ECBBF4210DC0E35] - 12/04/2018 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation
[MD5.7408B83959A4B8271EF67FD06A6B366B] - 12/04/2018 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation
[MD5.6C321DB795F5EF5FF870737177825FC9] - 20/09/2018 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [500536] {33000001C422B2F79B793DACB20000000001C4} =>.Microsoft Corporation
[MD5.EDA5D5221622818816FC006097CC5A18] - 02/04/2019 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [310272] =>.Microsoft Corporation
[MD5.D1EC917BA8861AE9DB655232422146F8] - 14/03/2019 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2421048] {33000001C313A085C356E299D70000000001C3} =>.Microsoft Corporation
[MD5.13B175715A4391E4E5D2AB2EBC8CDBB5] - 12/04/2018 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation
[MD5.775ED7E51B58CF9EB415A1DBA540DACF] - 12/04/2018 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation
[MD5.172A40D2A354F328F08264543E9D57A6] - 14/03/2019 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation
[MD5.16071C42E21CE3378FA449322FB9AB1D] - 12/04/2018 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [121248] {330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation
[MD5.F0EE4E6028CCA58BEA9A04E7BEAB7DB4] - 12/04/2018 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [398240] {330000017469DE108B3765A8D7000000000174} =>.Microsoft Corporation

---\\ Liste des services NT non Microsoft et non désactivés (24) - 3s
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
O23 - Service: @oem29.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\System32\Intel\DPTF\esif_uf.exe {00C6F74DBCBB1908D453D975055162EDD2} =>.Intel Corporation
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
O23 - Service: HP Comm Recovery (HP Comm Recover) . (.HP Inc. - CommRecovery.) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe {0BAA0523610C72D3F619B1FF6406B215}
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) . (.HP Inc. - HP JumpStart Bridge.) - C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe {0BE5F20C15519E2ABD71DB9B8D41AB08}
O23 - Service: HP Service (hpsrv) . (.HP - HP Service.) - C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe {0377064DEE583559DABB982C4DD33722} =>.HP
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe {0C834A23A8F6DA243E24A688741CCB0F}
O23 - Service: HPWMISVC (HPWMISVC) . (.HP Inc. - HP WMI Service.) - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe {01F5E7B9243B50531605AF6141A6F8D8}
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe {560000006441BCFD1CA85DB259000000000064} =>.Intel Corporation
O23 - Service: @oem82.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) . (...) - C:\WINDOWS\System32\ibtsiva (.not file.)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
O23 - Service: Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe {56000001475EA46CCAEF0B7481000000000147} =>.Intel(R) Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe {56000001757376CD78AD000C9A000000000175} =>.Intel Corporation
O23 - Service: Norton Security (NortonSecurity) . (.Symantec Corporation - Norton Security.) - C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
O23 - Service: Norton WSC Service (nsWscSvc) . (.Symantec Corporation - Norton Security WSC Service.) - C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe {19FE2B7721886C7BCAC1364C90CD7FA9} =>.Synaptics Incorporated
O23 - Service: TeamViewer 14 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 14.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel® Corporation

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (33) - 23s

SS - Demand [18/06/2019] [ 335416] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe {0D2CACCD3E9EEC06738410BA31BF6595} =>.Adobe
SR - Auto [30/08/2011] [ 462184] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Demand [15/05/2019] [ 485928] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
SR - Auto [15/05/2019] [ 469032] Intel(R) Content Protection HDCP Service (cplspcon) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
SR - Auto [15/05/2019] [ 1696312] @oem29.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) . (.Intel Corporation.) - C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe =>.Intel Corporation
SR - Auto [05/09/2018] [ 670816] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
SR - Auto [28/09/2018] [ 1321096] HP Comm Recovery (HP Comm Recover) . (.HP Inc..) - C:\Program Files\HPCommRecovery\HPCommRecovery.exe {0BAA0523610C72D3F619B1FF6406B215}
SR - Auto [28/07/2017] [ 471040] HP JumpStart Bridge (HPJumpStartBridge) . (.HP Inc..) - C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe {0BE5F20C15519E2ABD71DB9B8D41AB08}
SR - Demand [28/09/2016] [ 1077752] HP CASL Framework Service (hpqcaslwmiex) . (.HP.) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe {00ED900AA6C38DE2F2F56B9C65FD452551} =>.HP
SR - Auto [20/11/2017] [ 28192] HP Service (hpsrv) . (.HP.) - C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe {0377064DEE583559DABB982C4DD33722} =>.HP
SR - Auto [12/06/2019] [ 356728] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe {0C834A23A8F6DA243E24A688741CCB0F}
SR - Auto [13/07/2017] [ 628768] HPWMISVC (HPWMISVC) . (.HP Inc..) - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe {01F5E7B9243B50531605AF6141A6F8D8}
SR - Auto [20/09/2016] [ 17976] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe {560000006441BCFD1CA85DB259000000000064} =>.Intel Corporation
SR - Auto [15/05/2019] [ 398376] Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
SS - Demand [11/10/2017] [ 742704] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe {56000001475EA46CCAEF0B7481000000000147} =>.Intel(R) Corporation
SS - Auto [11/10/2017] [ 668472] Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe {56000001475EA46CCAEF0B7481000000000147} =>.Intel(R) Corporation
SR - Auto [03/12/2017] [ 205968] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe {56000001757376CD78AD000C9A000000000175} =>.Intel Corporation
SS - Demand [26/06/2019] [ 238624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Foundation
SS - Demand [05/09/2018] [ 310880] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Copyright (C) 2005-2010 by Achal Dhir
SR - Auto [20/06/2019] [ 225608] Norton Security (NortonSecurity) . (.Symantec Corporation.) - C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
SR - Auto [20/06/2019] [ 933200] Norton WSC Service (nsWscSvc) . (.Symantec Corporation.) - C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
SS - Demand [08/05/2017] [ 494136] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SS - Demand [08/05/2017] [ 494136] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [24/06/2018] [ 767272] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
SR - Auto [08/05/2017] [ 427064] NVIDIA Telemetry Container (NvTelemetryContainer) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe =>.NVIDIA Corporation®
SR - Auto [05/09/2018] [ 170592] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
SR - Auto [17/04/2017] [ 324608] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
SS - Disabl [10/03/2018] [ 495616] OpenSSH Authentication Agent (ssh-agent) . (...) - C:\Windows\System32\OpenSSH\ssh-agent.exe
SR - Auto [16/01/2017] [ 752224] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
SR - Auto [21/09/2018] [ 360872] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe {19FE2B7721886C7BCAC1364C90CD7FA9} =>.Synaptics Incorporated
SR - Auto [05/06/2019] [11814232] TeamViewer 14 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
SR - Auto [05/09/2018] [ 4059744] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe {2F6C404969D511652B6B865B02FFC3CD} =>.Intel® Corporation

---\\ Tâches planifiées en automatique (26) - 4s
[MD5.2B3AA344117F9378077187AE5AB80380] [APT] [Adobe Flash Player NPAPI Notifier] (.Adobe.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208] {0D2CACCD3E9EEC06738410BA31BF6595} =>.Adobe
[MD5.B3D8206F09D9FFD03C30234DC2678509] [APT] [Adobe Flash Player Updater] (.Adobe.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416] {0D2CACCD3E9EEC06738410BA31BF6595} =>.Adobe
[MD5.9C474459637F046135C424FF87498516] [APT] [HPAudioSwitch] (.HP Inc..) -- C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960] {0BE5F20C15519E2ABD71DB9B8D41AB08}
[MD5.1EF06BF7CB94BAA8C2CFD506320E3276] [APT] [HPCeeScheduleForElora] (.HP Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208] =>.Hewlett-Packard Company®
[MD5.1FAD6CFD824DED5A212AB130607612E9] [APT] [HPEA3JOBS] (.HP.) -- C:\Program Files\HP\HP ePrint\hpeprint.exe [1978720] {6207AD04EFA2FD166CC7D986887E4B18} =>.HP
[MD5.FE8868FCD850778F15CE60165F63569B] [APT] [HPJumpStartLaunch] (...) -- C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680] {0BE5F20C15519E2ABD71DB9B8D41AB08}
[MD5.7D9F8B3476E156388DA772CC1207AEF7] [APT] [Intel PTT EK Recertification] (.Intel(R) Corporation.) -- C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960] {56000001475EA46CCAEF0B7481000000000147} =>.Intel(R) Corporation
[MD5.AE5E2212C78F1DF9218C647BC761D596] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296] {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
[MD5.FEECA8AA2B7326D22A8B54E576008FB8] [APT] [NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [494136] =>.NVIDIA Corporation®
[MD5.500FD69F85D2F806FDDA15D7EFB3C23C] [APT] [NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947768] =>.NVIDIA Corporation®
[MD5.5EB1D64C77448068005FC9B2DCD0B8B5] [APT] [NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649272] =>.NVIDIA Corporation®
[MD5.5EB1D64C77448068005FC9B2DCD0B8B5] [APT] [NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649272] =>.NVIDIA Corporation®
[MD5.E05F570BB24E5871F70EABB829D0C9FA] [APT] [NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816] =>.NVIDIA Corporation®
[MD5.BE488431384B523E8F63D8C76624AAEC] [APT] [NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [721976] =>.NVIDIA Corporation®
[MD5.BE488431384B523E8F63D8C76624AAEC] [APT] [NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}] (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [721976] =>.NVIDIA Corporation®
[MD5.6DBF5E67EEA838135065948A99219D0F] [APT] [Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)] (.HP Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696] {06EEEB059F8022329ED5C6C79DCFC4A9}
[MD5.BBC70C04C7FE71E5E2FD3C454164A676] [APT] [HP\HP CoolSense\HP CoolSense Start at Logon] (.HP Development Company, L.P..) -- C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1362464] {00997679F436BB669ECF7FDF00CDA69403}
O39 - APT: HPCeeScheduleForElora - (.HP Inc..) -- C:\WINDOWS\Tasks\HPCeeScheduleForElora.job [362]
O39 - APT: Adobe Flash Player NPAPI Notifier - (.Adobe.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier [4758] =>.Adobe
O39 - APT: Adobe Flash Player Updater - (.Adobe.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4594] =>.Adobe
O39 - APT: HPAudioSwitch - (.HP Inc..) -- C:\WINDOWS\System32\Tasks\HPAudioSwitch [2440]
O39 - APT: HPCeeScheduleForElora - (.HP Inc..) -- C:\WINDOWS\System32\Tasks\HPCeeScheduleForElora [3254]
O39 - APT: HPEA3JOBS - (.HP.) -- C:\WINDOWS\System32\Tasks\HPEA3JOBS [2504] =>.HP
O39 - APT: HPJumpStartLaunch - (...) -- C:\WINDOWS\System32\Tasks\HPJumpStartLaunch [2856]
O39 - APT: Intel PTT EK Recertification - (.Intel(R) Corporation.) -- C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification [3118] =>.Intel(R) Corporation
O39 - APT: Norton WSC Integration - (.Symantec Corporation.) -- C:\WINDOWS\System32\Tasks\Norton WSC Integration [3376] =>.Symantec Corporation

---\\ Processus lancés (53) - 5s
[MD5.1BB99EB01B569F430D81972FDAA4FD39] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767272] [PID.1944] =>.NVIDIA Corporation®
[MD5.2F18DA2179EEF0F7F24E2F019CFF1194] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe [398376] [PID.2008] {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
[MD5.A303FAF52707831AB7E524B602A8709E] - (.HP - HP Service.) -- C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe [28192] [PID.1932] {0377064DEE583559DABB982C4DD33722} =>.HP
[MD5.1C7F6933D161C0CFF1C0010D196B6896] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608] [PID.3116] {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
[MD5.B7D7E160ECCDFD5E6CED42DADFCE7F9B] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) -- C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe [469032] [PID.4068] {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
[MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.3216] =>.Apple Inc.®
[MD5.32E786B0FF47283639E37415736220FD] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\Intel\DPTF\esif_uf.exe [1696312] [PID.3228] {00C6F74DBCBB1908D453D975055162EDD2} =>.Intel Corporation
[MD5.0402ED31C7EF3D5A5BAA110AC3A141D8] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [170592] [PID.3268] {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
[MD5.ADE1977463CFB2622E6FDC6E9F31CD8E] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360872] [PID.2184] {19FE2B7721886C7BCAC1364C90CD7FA9} =>.Synaptics Incorporated
[MD5.E71D8D771B0B87F732F1DC2881703593] - (.TeamViewer GmbH - TeamViewer 14.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232] [PID.4164] {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
[MD5.CE7D8EDB2D4A3E919FC4826EDB791319] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064] [PID.4180] =>.NVIDIA Corporation®
[MD5.B7406573975FA697A6E262F27AED0649] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Serv.) -- C:\Windows\System32\ibtsiva.exe [529912] [PID.4188] {560000089D2953A788A5B8886900000000089D} =>.Intel Corporation
[MD5.F70A099BC16564F178EDA982377911D5] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [670816] [PID.4212] {2F6C404969D511652B6B865B02FFC3CD} =>.Intel(R) Corporation
[MD5.86DAAF947ED2B8E5C4CCA9749FE25522] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744] [PID.4220] {2F6C404969D511652B6B865B02FFC3CD} =>.Intel® Corporation
[MD5.46826B02C346D48A62FF11882AF662BB] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224] [PID.4368] =>.Samsung Electronics CO., LTD.®
[MD5.EDEAFE9F5E1616E1CEC641A97BBFEB42] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe [485928] [PID.4424] {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
[MD5.757B61477D4E77152B5195C80B1CA16F] - (.HP Inc. - CommRecovery.) -- C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096] [PID.8368] {0BAA0523610C72D3F619B1FF6406B215}
[MD5.D6314611A197BACD59669A2784E290FD] - (.HP Inc. - HP JumpStart Bridge.) -- C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040] [PID.11100] {0BE5F20C15519E2ABD71DB9B8D41AB08}
[MD5.138F6A3E13BF002852EDA02B2DEBDD19] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976] [PID.10608] {560000006441BCFD1CA85DB259000000000064} =>.Intel Corporation
[MD5.43CC4761BCB743C01FC05C5A9975EC82] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968] [PID.11028] {56000001757376CD78AD000C9A000000000175} =>.Intel Corporation
[MD5.72E9B5159D34E5AB086A9883F7C53E1A] - (.HP - HP CASL Framework Service.) -- C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752] [PID.11344] {00ED900AA6C38DE2F2F56B9C65FD452551} =>.HP
[MD5.42E069FFB76C271DB9E9F81A0359822D] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728] [PID.3484] {0C834A23A8F6DA243E24A688741CCB0F}
[MD5.047F3B559175EE6BD87466F115B96DFA] - (.Symantec Corporation - Norton Security.) -- C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608] [PID.10816] {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
[MD5.1BB99EB01B569F430D81972FDAA4FD39] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767272] [PID.12068] =>.NVIDIA Corporation®
[MD5.D6DA7A20FF3B8C3941044D71CC63D96F] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4509608] [PID.11280] {19FE2B7721886C7BCAC1364C90CD7FA9} =>.Synaptics Incorporated
[MD5.9EC6EDE282CFA62322819B6B0B9475D7] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\Intel\DPTF\dptf_helper.exe [577080] [PID.11224] {00C6F74DBCBB1908D453D975055162EDD2} =>.Intel Corporation
[MD5.652ED9438A3A6984686EEC5703CCAD3D] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312] [PID.9192] {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
[MD5.73C614B9A7592273D72F9D8C5FEB6568] - (.TeamViewer GmbH - TeamViewer 14.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe [46445344] [PID.356] {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
[MD5.6E54DF87F17D9FE40F1ECE0A55F8AB9A] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [229288] [PID.9304] {19FE2B7721886C7BCAC1364C90CD7FA9} =>.Synaptics Incorporated
[MD5.FE8868FCD850778F15CE60165F63569B] - (...) -- C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680] [PID.7964] {0BE5F20C15519E2ABD71DB9B8D41AB08}
[MD5.9565D2B17A12412486B1FC274C009A1C] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe [550952] [PID.4984] {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
[MD5.C28E7C9A4CE516BF8DB2FAA22F12532B] - (.TeamViewer GmbH - TeamViewer 14.) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe [193368] [PID.11432] {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
[MD5.2267799449582C0A70A7E120D406F1FC] - (.TeamViewer GmbH - TeamViewer 14.) -- C:\Program Files (x86)\TeamViewer\tv_x64.exe [224088] [PID.7576] {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
[MD5.047F3B559175EE6BD87466F115B96DFA] - (.Symantec Corporation - Norton Security.) -- C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608] [PID.11736] {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
[MD5.BBC70C04C7FE71E5E2FD3C454164A676] - (.HP Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1362464] [PID.11968] {00997679F436BB669ECF7FDF00CDA69403}
[MD5.AE6124D99BC82D523126B78069AFB69D] - (...) -- C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [182272] [PID.7640]
[MD5.6C0DB832C4F8EC6E9685A4C0726A34F0] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024] [PID.11108] {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
[MD5.9C474459637F046135C424FF87498516] - (.HP Inc. - HPAudioSwitch.) -- C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960] [PID.12716] {0BE5F20C15519E2ABD71DB9B8D41AB08}
[MD5.82A4658E3D76822F04BC24BE2B247A15] - (.HP Inc. - HP Message Service.) -- C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [707624] [PID.2208] {032A2CC22EF44007ADE9E0C4F28024D0}
[MD5.C6BDF0F7C7354CE2073BAB2C8B1BE845] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744] [PID.9384] {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare
[MD5.8C433B757234147A90650869CB856C80] - (.HP Inc. - HP WMI Service.) -- C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768] [PID.7336] {01F5E7B9243B50531605AF6141A6F8D8}
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\program files\Mozilla Firefox\firefox.exe [566304] [PID.12744] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.9512] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.13916] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.9268] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.13096] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.5856] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.9040] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.5068] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.1440] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.3660] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.1422C3BC639571BB30C2F456B4C518AA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [566304] [PID.12456] {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
[MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Elora\Downloads\ZHPDiag3.exe [2105344] [PID.10412] =>.Nicolas Coolman

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (3) - 1s
P2 - EXT FILE: (...) -- C:\Users\Elora\AppData\Roaming\Mozilla\Firefox\Profiles\twqr8e2x.default-1548342062089\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Users\Elora\AppData\Roaming\Mozilla\Firefox\Profiles\twqr8e2x.default-1548342062089\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll =>.Adobe

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer,Proxy Management (2) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (3) - 0s
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O2 - BHO: Norton Password Manager [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.HP Inc. - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll {0098B182EAF5DF8BDE0F8872EDE210C75E}

---\\ Internet Explorer, Barre d'outil (1) - 0s
O3 - Toolbar: 0x00 - [HKLM]{BFD9D8A8-57FF-488A-B919-065EC77CF82F} . (...) -- C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll {0F58F98CC525F6A9965FCAB605AC27D7}

---\\ Applications lancées au démarrage du système (11) - 1s
O4 - HKLM\..\Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe {0320BE3EB866526927F999B97B04346E} =>.Realtek Semiconductor
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Elora\AppData\Local\Microsoft\OneDrive\OneDrive.exe {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.HP Inc. - HP Message Service.) -- C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe {032A2CC22EF44007ADE9E0C4F28024D0}
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe {330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe {330000004C80D5F9985076B09C00010000004C} =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4062444817-3780627345-3766515777-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Elora\AppData\Local\Microsoft\OneDrive\OneDrive.exe {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation

---\\ Raccourcis Global Startup (25) - 4s
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Elora\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrateur]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe {084CE11D0AEB94BF0EAEEC32A755A013} =>.Samsung
O4 - GS\sendTo [Administrateur]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 14.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
O4 - GS\TaskBar [Administrateur]: Firefox (2).lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [Administrateur]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [Administrateur]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Elora\AppData\Local\WhatsApp\WhatsApp.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Elora]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Elora\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Elora]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe {084CE11D0AEB94BF0EAEEC32A755A013} =>.Samsung
O4 - GS\sendTo [Elora]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 14.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
O4 - GS\TaskBar [Elora]: Firefox (2).lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [Elora]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [Elora]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Elora\AppData\Local\WhatsApp\WhatsApp.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Elora\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Smart Switch.lnk . (.Samsung - Smart Switch PC.) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe {084CE11D0AEB94BF0EAEEC32A755A013} =>.Samsung
O4 - GS\sendTo [WDAGUtilityAccount]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 14.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH
O4 - GS\TaskBar [WDAGUtilityAccount]: Firefox (2).lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: WhatsApp.lnk . (.WhatsApp - WhatsApp.) C:\Users\Elora\AppData\Local\WhatsApp\WhatsApp.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\CommonDesktop [Public]: Foxit PhantomPDF.lnk . (.Foxit Software Inc. - Foxit PhantomPDF 9.5.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDF.exe {0F58F98CC525F6A9965FCAB605AC27D7} =>.Foxit Software Inc.
O4 - GS\CommonDesktop [Public]: LibreOffice 6.1.lnk . (.The Document Foundation - LibreOffice.) C:\Program Files (x86)\LibreOffice\program\soffice.exe {0FA06588AEB609B052D92B5F956279FE} =>.The Document Foundation
O4 - GS\CommonDesktop [Public]: Norton Security.lnk . (.Symantec Corporation - .) C:\Program Files (x86)\Norton Security\Engine\22.17.3.50\uiStub.exe =>.Symantec Corporation
O4 - GS\CommonDesktop [Public]: OpenOffice 4.1.5.lnk . (.Apache Software Foundation - OpenOffice 4.1.5.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\CommonDesktop [Public]: PDFelement 6 Pro.lnk . (.Wondershare Software Co.,Ltd. - Wondershare PDFelement.) C:\Program Files (x86)\Wondershare\PDFelement 6 Professional\PDFelement.exe {3041CA987F1E99A9906953A576A59F65} =>.Wondershare Software Co.,Ltd.
O4 - GS\CommonDesktop [Public]: Sphinx iQ2.lnk . (.Le Sphinx Développement - SphinxiQ Version Selector.) C:\SphinxIQ2\SphinxLauncher.exe {0CD56CFDA75AB42704AEB7731E31A066}
O4 - GS\CommonDesktop [Public]: TeamViewer 14.lnk . (.TeamViewer GmbH - TeamViewer 14.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe {03471E2C8171B1679D898AC19BDA37BB} =>.TeamViewer GmbH

---\\ Modification Domaine/Adresses DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{332e9780-3620-4a11-8f69-9ece8e7e712a}: DhcpNameServer = 172.18.14.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f711d395-c2db-4ead-b4b3-09e18192643c}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{332e9780-3620-4a11-8f69-9ece8e7e712a}: DhcpDomain = 0770010T.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{f711d395-c2db-4ead-b4b3-09e18192643c}: DhcpDomain = lan

---\\ Protocole additionnel (27) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office component.) -- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation

---\\ Liste des clés Explorer StartupApproved (4) - 0s
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Envoyer à OneNote.lnk
[HKEY_USERS\S-1-5-21-4062444817-3780627345-3766515777-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive
[HKEY_USERS\S-1-5-21-4062444817-3780627345-3766515777-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Envoyer à OneNote.lnk

---\\ Logiciels installés (113) - 8s
O42 - Logiciel: Adobe Digital Editions 4.5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Digital Editions 4.5 =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 32 NPAPI - (.Adobe.) [HKLM][64Bits] -- Adobe Flash Player NPAPI {0D2CACCD3E9EEC06738410BA31BF6595} =>.Adobe
O42 - Logiciel: AnyMP4 MTS Convertisseur 7.2.18 - (.AnyMP4 Studio.) [HKLM][64Bits] -- {F2F0EC5D-05B0-484c-8ABF-31A8835A02C3}_is1 {0AFD944478627E983C737CF6}
O42 - Logiciel: Apowersoft Online Launcher version 1.7.0 - (.APOWERSOFT LIMITED.) [HKCU][64Bits] -- {20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1 =>.APOWERSOFT LIMITED
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} =>.Apple Inc.
O42 - Logiciel: Canon SELPHY CP1300 - (.Canon INC..) [HKLM][64Bits] -- Canon SELPHY CP1300 {732228FDFE83E71D0F87EDAD2A8CFCAF} =>.CANON INC.
O42 - Logiciel: Energy Star - (.HP Inc..) [HKLM][64Bits] -- {5CB22648-35F8-41BC-9C35-1E41FE6E12A5}
O42 - Logiciel: Foxit PhantomPDF - (.Foxit Software Inc..) [HKLM][64Bits] -- {85592264-5E3D-11E9-B133-0021CCC51F2B} =>.Foxit Software Inc.
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 {36AC037AA81D63FD} =>.Foxit Software Inc.
O42 - Logiciel: HP 3D DriveGuard - (...) [HKLM][64Bits] -- {D3D0E6C5-4B65-4088-A5A9-A7DF27DB5D1A}
O42 - Logiciel: HP Audio Switch - (.HP Inc..) [HKLM][64Bits] -- {BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}
O42 - Logiciel: HP Connection Optimizer - (.HP Inc..) [HKLM][64Bits] -- {6468C4A5-E47E-405F-B675-A70A70983EA6} {0BAA0523610C72D3F619B1FF6406B215}
O42 - Logiciel: HP CoolSense - (.HP Inc..) [HKLM][64Bits] -- {AC154691-D9B6-4CD9-BB9B-ACDAF61367E5}
O42 - Logiciel: HP Customer Experience Enhancements - (.HP Inc..) [HKLM][64Bits] -- {9720A595-3D2D-440E-9523-0B6F970745DD}
O42 - Logiciel: HP Documentation - (.HP Inc..) [HKLM][64Bits] -- HP_Documentation
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {20185BDA-D396-4C93-95C7-ECD0FB397FF7}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {2889C948-F002-4992-815F-DBE0AFB5DC6E}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {54da9769-2364-4bd3-8139-6400500778b3} {6207AD04EFA2FD166CC7D986887E4B18}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {5BBB44D5-3CC0-4434-AA0C-5883B975E45E}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {6884D818-9E0E-4984-A6CA-B17757DCB8FA}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {98AA8BB0-0C0A-411A-BB43-1265CA769155}
O42 - Logiciel: HP ePrint SW - (.HP Inc..) [HKLM][64Bits] -- {F7E8A494-97B6-4786-9E2C-A42A082483EB}
O42 - Logiciel: HP JumpStart Apps - (.HP Inc..) [HKLM][64Bits] -- HP JumpStart Apps
O42 - Logiciel: HP JumpStart Bridge - (.HP Inc..) [HKLM][64Bits] -- {1E7D6A6F-E28B-4057-BD4F-9989C1F5353D}
O42 - Logiciel: HP JumpStart Launch - (.HP Inc..) [HKLM][64Bits] -- {4380D813-39E5-46FD-AC23-FC9A1A8B98AA}
O42 - Logiciel: HP PC Hardware Diagnostics UEFI - (.HP.) [HKLM][64Bits] -- {924D3ABC-FC75-4042-9DDB-FB846A45848D} =>.HP
O42 - Logiciel: HP Recovery Manager - (.HP.) [HKLM][64Bits] -- {64BAA990-F1FC-4145-A7B1-E41FBBC9DA47} =>.HP
O42 - Logiciel: HP Support Assistant - (.HP Inc..) [HKLM][64Bits] -- {05F81C27-62A5-4A0C-8519-60CB66CF87C6}
O42 - Logiciel: HP Support Solutions Framework - (.HP Inc..) [HKLM][64Bits] -- {9F79033A-84FC-4137-BCDC-C505246F78E1}
O42 - Logiciel: HP System Event Utility - (.HP Inc..) [HKLM][64Bits] -- {57058272-92B0-4EFA-8FDD-ED3E5D689D37}
O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4} =>.Intel Corporation
O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corporation.) [HKLM][64Bits] -- {654EE65D-FAA4-4EA6-8C07-DC94E6A304D4} {00C6F74DBCBB1908D453D975055162EDD2} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} {56000001757376CD78AD000C9A000000000175} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {90291EBF-187A-4C7E-A9AD-DCCB6C946536} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {FBDA24D3-1A19-4D75-B3F1-F2A1FB6B61BF} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Driver - (.Intel Corporation.) [HKLM][64Bits] -- {8DEA4234-C97D-41BE-B2BC-313A196BCD09} =>.Intel Corporation
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {E9B9A1A5-6398-4C99-8FDE-10794F6505C5} =>.Intel Corporation
O42 - Logiciel: Intel(R) PRO/Wireless Driver - (.Intel Corporation.) [HKLM][64Bits] -- {8fb9abdb-d154-4df3-bd67-8817a4550027} =>.Intel Corporation
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} {330000C1099D64BE0C43EAE20500020000C109} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} {560000006441BCFD1CA85DB259000000000064} =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {EBE12EC7-60DF-41C2-AAC8-0B2586F15C96} =>.Intel Corporation
O42 - Logiciel: Intel(R) Trusted Connect Service Client x64 - (.Intel Corporation.) [HKLM][64Bits] -- {C9552825-7BF2-4344-BA91-D3CD46F4C442} =>.Intel Corporation
O42 - Logiciel: Intel(R) Trusted Connect Service Client x86 - (.Intel Corporation.) [HKLM][64Bits] -- {C9552825-7BF2-4344-BA91-D3CD46F4C441} =>.Intel Corporation
O42 - Logiciel: Intel(R) Trusted Connect Services Client - (.Intel Corporation.) [HKLM][64Bits] -- {246c6cc0-9810-4728-9a29-28474de2eec5} {56000001475EA46CCAEF0B7481000000000147} =>.Intel Corporation
O42 - Logiciel: Intel(R) Wireless Bluetooth(R) - (.Intel Corporation.) [HKLM][64Bits] -- {829A630C-9C4C-4CC9-BE90-DFEAA87F106C} =>.Intel Corporation
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {EF71AFFB-85B5-407C-A301-39EA25F98313} =>.Intel Corporation
O42 - Logiciel: LibreOffice 6.1.4.2 - (.The Document Foundation.) [HKLM][64Bits] -- {EF638C97-4D34-463A-A6BD-A4B02CE6ED36} =>.The Document Foundation
O42 - Logiciel: Logiciel Intel® PROSet/Wireless - (.Intel Corporation.) [HKLM][64Bits] -- {f8c930bd-0a68-425f-8c11-87723d1e2c97} {56000001F46907127A1D6406CD0000000001F4} =>.Intel Corporation
O42 - Logiciel: Logiciel pour périphérique à chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {226be6c3-8e08-4d52-bd3a-d361008448c5} {5600000071934283BFC7A54FBD000000000071} =>.Intel(R) Corporation
O42 - Logiciel: Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtensio - (.Microsoft Corporation.) [HKLM][64Bits] -- {B0169E83-757B-EF66-E2F0-391944D785BC} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe {33000001B1DDEDBA54E965B85F0001000001B1} =>.Microsoft Corporation
O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] -- {200969CA-4114-4553-832D-4286C5ACBB98} =>.Intel Corporation
O42 - Logiciel: Microsoft VC++ redistributables repacked. - (.Intel Corporation.) [HKLM][64Bits] -- {BD2E4F7B-30B0-46A7-8E5C-D99D21C52336} =>.Intel Corporation
O42 - Logiciel: Mises à jour NVIDIA 24.0.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: Mozilla Firefox 67.0.4 (x64 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 67.0.4 (x64 fr) {0B1F8CD59E64746BEAE153ECCA21066B} =>.Mozilla
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: Norton Security - (.Symantec Corporation.) [HKLM][64Bits] -- NGC {46735060C8D2436A20F7384996EC931B} =>.Symantec Corporation
O42 - Logiciel: NVIDIA Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.5.0.70 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.17.0329 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 24.0.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.

1 reply

Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
6 Jul 2019 at 11:46
Hello / Good evening,

Here is the procedure to follow.
The blue links lead to tutorials with all the details needed to follow the steps.

1)
Repair the web browsers affected by the problems:
(do not use zoek; do a manual reset)


2) To check your computer for possible infections and get an overall picture of the system's state:

Follow the FRST tutorial by clicking this blue link. (Take the time to read it carefully; everything is explained well there.)

Download FRST and run the scan.
Wait for the scan to finish; a message indicates that the analysis is complete.

Three FRST reports will be generated:
  • FRST.txt
  • Shortcut.
  • Additionnal.txt


Upload these 3 reports to https://pjjoint.malekal.com/ and post the 3 pjjoint links that lead to the reports here in a new reply so that we can read them.

(The blue links lead to step-by-step tutorials; click on them for more precise instructions to follow.)


1