Windows 7 plantage de pire en pire
Cédric
-
tanteelise Messages postés 32031 Date d'inscription Statut Contributeur Dernière intervention -
tanteelise Messages postés 32031 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour, alors voilà je m'explique, mon PC a toujours été assez lent depuis 1 an mais la c'est de pire en pire et aujourd'hui c'est devenu CRITIQUE.
Mon PC met 2/3 mins à démarrer et quand il atteint le bureau il met 3/4 mins à se charger entièrement.
Ensuite l'écran de veille basique avec des bulles même lui il lag !
Je reçois aussi un message qui dit "Dépannage d'un problème dans your computer hard disk" et parfois mon PC ne veux pas démarrer, il reste bloqué sur un redémarrage c'est à dire que quand le logo windows apparait il se relance et ainsi de suite. En faisant forcer le démarrage j'avais un écran bleu "Unmoutable Boot Volume". J'arrivais à refaire marcher le PC en faisant une réparation automatique 2 fois de suite.
J'ai aussi souvent le thème aéro qui se désactive et se relance tout seul..
Maintenant aujourd'hui c'est google chrome qui fait planter mon PC, dès que je le lance tout se freeze.. J'ai essayé CCleaner et de désinstaller et réinstaller mais rien n'a changé..
Avast ne détecte rien, spybot ne détecte rien et malwarebytes ne détecte rien. idem pour Windows defender..
J'ai fais un ZHP mais je n'y comprend rien la dedans:
~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par Cédric (31/01/2014 15:44:57)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 11.0
GCIE: Google Chrome v32.0.1700.102 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware version 1.75.0.1300
Spybot - Search & Destroy v1.6.2
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.01 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 45
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3839 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 347 GB (50%) free of 685 GB
---\\ Mode de connexion au système
~ Computer Name: CÉDRIC-HP
~ User Name: Cédric
~ All Users Names: UpdatusUser, HomeGroupUser$, Cédric, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cédric\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cédric\AppData\Roaming\
~ %Desktop% : C:\Users\Cédric\Desktop\
~ %Favorites% : C:\Users\Cédric\Favorites\
~ %LocalAppData% : C:\Users\Cédric\AppData\Local\
~ %StartMenu% : C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 347 Go of 685 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
H: Hard drive, Flash drive, Thumb drive (Free 86 Go of 233 Go)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2243
~ Mes musiques (My Musics) : 4/1591
~ Mes Videos (My Videos) : 2/42
~ Mes Favoris (My Favorites) : 1/57
~ Mes Documents (My Documents) : 2/9536
~ Mon Bureau (My Desktop) : 1/47809
~ Menu demarrer (Programs) : 1/56
~ Hidden Files: Scanned in 00mn 53s
---\\ Processus lancés
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.1916]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Cédric\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\prefs.js
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\absearch-search.xml
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\visualbee.xml =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\***@***] [] VisualBee v (..) =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\***@***] [] VisualBee Toolbar v1.6.0 (..) =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.1.0.20130818030116 (..)
~ Firefox Browser: 35 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 02s
~ Nombre de lignes (Lines number): 15514
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: visualbee Helper Object [64Bits] - {66F57190-01EB-45A6-8260-7895267209F7} Clé orpheline =>Adware.VisualBeeToolbar
~ BHO: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{B9E20919-FA55-471F-989B-B107BF8DE785} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Algodoo.lnk . (...) -- C:\Program Files (x86)\Algodoo\Algodoo.exe
O4 - GS\Desktop [Public]: Astroburn Lite.lnk . (.DT Soft Ltd - Astroburn Lite.) -- C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe
O4 - GS\Desktop [Public]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\Desktop [Public]: CASIO FA-124.lnk . (.CASIO COMPUTER CO., LTD - FA-124.) -- C:\Program Files (x86)\CASIO\CASIO FA-124\FA124.exe
O4 - GS\Desktop [Public]: Game Booster 3.lnk . (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: GPGNet - Supreme Commander.lnk . (...) -- C:\Windows\Installer\{C194D333-B84A-4BB7-B35E-060732D98DC4}\_4708847016EFACC47BFD4B.exe
O4 - GS\Desktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: iFunbox.lnk . (.i-Funbox.com - File & App Manager for iPhone/iPad.) -- C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
O4 - GS\Desktop [Public]: Intelli-studio.lnk . (...) -- C:\Program Files (x86)\Samsung\Intelli-studio\iStudio.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: MTA San Andreas 1.3.lnk . (.Multi Theft Auto - Multi Theft Auto Launcher.) -- C:\Program Files (x86)\MTA San Andreas 1.3\Multi Theft Auto.exe
O4 - GS\Desktop [Public]: PhoneClean.lnk . (.iMobie Inc. - PhoneClean.) -- C:\Program Files (x86)\iMobie\PhoneClean\PhoneClean.exe
O4 - GS\Desktop [Public]: Pipix.lnk . (...) -- C:\Program Files (x86)\Pipix\Pipix-3.exe
O4 - GS\Desktop [Public]: Remote Mouse.lnk . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O4 - GS\Desktop [Public]: SketchUp 8.lnk . (.Trimble Navigation Limited - SketchUp Application.) -- C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
O4 - GS\Desktop [Public]: Switch to Gaming Mode.lnk . (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
O4 - GS\Program [Public]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\Program [Public]: Charles.lnk . (...) -- C:\Program Files (x86)\Charles\Charles.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox 4.0 Beta 11.lnk . (...) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Subduction.lnk . (.Studio P - Subduction et magmatisme..) -- C:\Program Files (x86)\subduction\subduction.exe
O4 - GS\QuickLaunch [Cédric]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Cédric]: Free M4a to MP3 Converter.lnk . (...) -- C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_converter.exe
O4 - GS\QuickLaunch [Cédric]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Cédric]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Cédric]: Mozilla Firefox 4.0 Beta 7.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe
O4 - GS\QuickLaunch [Cédric]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch [Cédric]: UltraMixer.lnk . (.UltraMixer Digital Audio Solutions - UltraMixer 2.4.3.) -- C:\Program Files (x86)\UltraMixer\UltraMixer.exe
O4 - GS\QuickLaunch [Cédric]: XML Marker.lnk . (...) -- C:\Program Files (x86)\XML Marker\xmlmarker.exe
O4 - GS\TaskBar [Cédric]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\TaskBar [Cédric]: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Cédric]: Google Chrome.lnk - Clé orpheline
O4 - GS\TaskBar [Cédric]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cédric]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Cédric]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [Cédric]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Cédric]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Cédric]: XML Marker.lnk . (...) -- C:\Program Files (x86)\XML Marker\xmlmarker.exe
O4 - GS\Desktop [Cédric]: .minecraft - Raccourci.lnk . (...) -- C:\Users\Cédric\AppData\Roaming\.minecraft
O4 - GS\Desktop [Cédric]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Cédric]: Charlie Poker.lnk . (...) -- C:\Users\Cédric\Downloads\CharliePoker.exe
O4 - GS\Desktop [Cédric]: Company of Heroes - Raccourci.lnk . (...) -- C:\Program Files (x86)\THQ\Company of Heroes
O4 - GS\Desktop [Cédric]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Desktop [Cédric]: Free YouTube to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - Free YouTube to MP3.) -- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
O4 - GS\Desktop [Cédric]: Pokcity - Raccourci.lnk . (...) -- C:\Users\Cédric\Downloads\Pokcity
O4 - GS\Desktop [Cédric]: Prison Architect.lnk . (...) -- C:\Program Files (x86)\Prison Architect\Prison Architect.exe
O4 - GS\Desktop [Cédric]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\Desktop [Cédric]: TreeSize Free.lnk . (.JAM Software - TreeSize Free hard disk space manager.) -- C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe
O4 - GS\Desktop [Cédric]: wic - Raccourci.lnk . (.Massive Entertainment - World in Conflict.) -- C:\Program Files (x86)\Ubisoft\World in Conflict\wic.exe
~ Global Startup: 131 Legitimates Filtered in 00mn 55s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Cédric]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Cédric\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Facebook Update] C:\Users\Cédric\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Remote Mouse] . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [HDD Regenerator] C:\Program Files (x86)\HDD Regenerator\Shell.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Facebook Update] C:\Users\Cédric\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe (.not file.)
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Remote Mouse] . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
~ Application: Scanned in 01mn 37s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar
~ Services: 15 Legitimates Filtered in 00mn 03s
---\\ Logiciels installés (O42)
O42 - Logiciel: Algodoo v2.1.0 - (.Algoryx.) [HKLM][64Bits] -- Algodoo_is1
O42 - Logiciel: CrypTool 1.4.30 - (...) [HKLM][64Bits] -- CrypTool
O42 - Logiciel: Les Sims(TM) 2 Au fil des saisons - (...) [HKLM][64Bits] -- {DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}
O42 - Logiciel: Mod Vault - (.D2K Studios.) [HKLM][64Bits] -- {34AB3B6D-3192-4151-A366-921209650364}
O42 - Logiciel: No Hope - (...) [HKCU][64Bits] -- No Hope
O42 - Logiciel: XML Marker version 1.1 - (.Symbol Click.) [HKLM][64Bits] -- XML Marker_is1
~ Logic: 47 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\CrypTool]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Symbol Click]
[HKCU\Software\YRTD]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\CP]
[HKLM\Software\Wow6432Node\MetaStream] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\ModVault]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\YRTD]
~ Key Software: 581 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2013 - 17:41:20 - [91,996] ----D C:\Program Files (x86)\Algodoo
O43 - CFD: 04/01/2012 - 13:01:40 - [10,629] ----D C:\Program Files (x86)\CityVilleBot
O43 - CFD: 10/10/2011 - 18:25:34 - [94,023] ----D C:\Program Files (x86)\CrypTool
O43 - CFD: 30/03/2011 - 15:11:42 - [1,012] ----D C:\Program Files (x86)\D2K Studios
O43 - CFD: 27/08/2012 - 17:38:14 - [0] ----D C:\Program Files (x86)\Doodle Jump PC
O43 - CFD: 27/08/2012 - 17:22:22 - [14,333] ----D C:\Program Files (x86)\Earth 3D Screensaver
O43 - CFD: 28/01/2014 - 22:15:03 - [102,386] ----D C:\Program Files (x86)\Prison Architect
O43 - CFD: 29/01/2011 - 09:47:43 - [1,478] ----D C:\Program Files (x86)\XML Marker
O43 - CFD: 07/10/2012 - 07:59:25 - [5,878] ----D C:\Users\Cédric\AppData\Roaming\CharliePoker
O43 - CFD: 07/10/2012 - 07:59:46 - [5,878] ----D C:\Users\Cédric\AppData\Roaming\Cp1078
O43 - CFD: 10/10/2011 - 18:25:40 - [0,030] ----D C:\Users\Cédric\AppData\Roaming\CrypTool
O43 - CFD: 30/03/2011 - 14:57:07 - [0] ----D C:\Users\Cédric\AppData\Roaming\D2K Studios
O43 - CFD: 28/11/2013 - 17:25:22 - [0] ----D C:\Users\Cédric\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 01/05/2013 - 22:51:32 - [12,876] ----D C:\Users\Cédric\AppData\Local\{D327CEC8-9786-418E-9028-0A8ADFE9790F}
O43 - CFD: 09/11/2012 - 17:11:22 - [0,001] ----D C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No Hope
~ 1391 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1759 Legitimates Filtered in 02mn 17s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C0108FDAB90CFB396578381D3C628166] - 31/01/2014 - 15:38:19 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.C0108FDAB90CFB396578381D3C628166] - 31/01/2014 - 15:38:19 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.3D6C0B829575AFB25C4F22537DEA00F9] - 31/01/2014 - 15:43:46 ---A- . (...) -- C:\Windows\ntbtlog.txt [473960]
~ Files: 8 Legitimates Filtered in 00mn 03s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{252622bd-d2f2-11e1-92be-7071bc891c53}\AutoRun\command. (...) -- F:\iLinker.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 23/10/2013 - 18:24:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 24/12/2013 - 18:31:28 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.B4BDE3F758A34658A37DFED3D9783CD8] - 07/11/2012 - 14:53:28 ---A- . (...) -- C:\Windows\System32\Drivers\atksgt.sys [88480]
O58 - SDL:[MD5.2285B31039611D509F6120D691CA661F] - 29/05/2012 - 15:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 27/04/2010 - 17:43:50 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys [24376]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.AE95184462E0D0D4606955DCBE9F4D77] - 28/06/2011 - 17:06:00 ---A- . (.Pas de propriétaire - iLok Kernel Driver.) -- C:\Windows\System32\Drivers\iLokDrvr.sys [25720]
O58 - SDL:[MD5.955982BF4421B77722196552B62E8DC2] - 07/11/2012 - 14:53:28 ---A- . (...) -- C:\Windows\System32\Drivers\lirsgt.sys [46400]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 20/12/2010 - 23:04:53 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 20/12/2010 - 23:05:29 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 19 Legitimates Filtered in 00mn 24s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Aurora>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {43975219-D1D8-4F98-A766-0F37143316FD} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {4CAB2E0E-5D0E-4C23-BA14-7F9CD63C9C57} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {8A244612-A1F7-11E0-95C0-E71F4824019B} [DefaultScope] - (Search) - http://badoo.com
O69 - SBI: SearchScopes [HKCU] {E624FD13-46F5-4CD3-91D5-1D78DCED3301} - (Wikipedia) - http://fr.wikipedia.org
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C05C5B9369FB5A5077BEB804C916A37C] [SPRF][24/10/2009] (.N/A - chaosAD Keybinder.) -- C:\Users\Cédric\Desktop\chaosAD Keybinder.exe [380928]
[MD5.038E80A8FE9CF88627633AAF46255902] [SPRF][06/10/2011] (.Advanced Chemistry Development Inc. - ACD/Installer application file.) -- C:\Users\Cédric\Desktop\chemsk11.exe [30785744]
[MD5.38EEDB2D4D0C93087521107B2A90EDB7] [SPRF][10/06/2012] (.we_sux - mod_sa.) -- C:\Users\Cédric\Desktop\d3d9.dll [769536]
[MD5.3389F0C8717E7438BFB0B03498756F27] [SPRF][09/07/2013] (...) -- C:\Users\Cédric\Desktop\Minecraft (2).exe [484992]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][16/06/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Cédric\Desktop\Minecraft CRACK.exe [695296]
[MD5.0F1931E26C21219DB1C90E90037F11F6] [SPRF][12/08/2011] (...) -- C:\Users\Cédric\Desktop\Minecraft.exe [270142]
[MD5.FDDF48819EFAAA9073B622939165A24D] [SPRF][25/12/2013] (.Pixe-Life - Pipix Setup.) -- C:\Users\Cédric\Desktop\Pipix_Setup.exe [13821522]
[MD5.F0B219392A3BDAAA48DF8B62E48075D3] [SPRF][20/04/2013] (...) -- C:\Users\Cédric\Desktop\Pipix_v2.8.1.exe [1115631]
[MD5.36C7EAF51B7E477A121521CE0FA003AC] [SPRF][31/01/2013] (.SA-MP TEAM - SA-MP Client DLL.) -- C:\Users\Cédric\Desktop\samp.dll [2154496]
[MD5.A3A592916889A90D1E06EBCDF6CBF424] [SPRF][13/03/2009] (.KelSat Presents - World In Conflict V1.010 Soviet Assault Plus 10 Trainer.) -- C:\Users\Cédric\Desktop\World_In_Conflict_V1.010_Soviet_Assault_Plus_10_Trainer_V2_By_KelSat.exe [75264]
~ Files: 11 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{3C6A4446-0A20-427D-8257-26B098BB2A2E}F:\company of heroes\reliccoh.exe" |In - Private - P6 - TRUE | .(...) -- F:\company of heroes\reliccoh.exe (.not file.)
O87 - FAEL: "UDP Query User{A2E44323-9B04-4CED-A2DB-9B0D91ED4A12}F:\company of heroes\reliccoh.exe" |In - Private - P17 - TRUE | .(...) -- F:\company of heroes\reliccoh.exe (.not file.)
O87 - FAEL: "TCP Query User{F533722D-BD52-45CD-AC1F-40E0763F3167}C:\program files (x86)\charles\charles.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\charles\charles.exe (.not file.)
O87 - FAEL: "UDP Query User{3EF41F96-D854-4E3D-83D4-ECD103433D2E}C:\program files (x86)\charles\charles.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\charles\charles.exe (.not file.)
O87 - FAEL: "TCP Query User{3661A6A9-9AAD-4E78-8095-F38D89B32FC6}C:\users\cédric\documents\samp03csvr_win32\samp-server.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - SA-MP dedicated server.) -- C:\users\cédric\documents\samp03csvr_win32\samp-server.exe
O87 - FAEL: "UDP Query User{3D0C2101-3725-4C67-AA24-62BE18DB388A}C:\users\cédric\documents\samp03csvr_win32\samp-server.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - SA-MP dedicated server.) -- C:\users\cédric\documents\samp03csvr_win32\samp-server.exe
O87 - FAEL: "TCP Query User{C7546832-62CE-4C4D-9C4E-4E44BF125D21}F:\company of heroes\bugreport\bugreport.exe" |In - Private - P6 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "UDP Query User{0DAD9335-9C12-4662-B84A-10552B8A415F}F:\company of heroes\bugreport\bugreport.exe" |In - Private - P17 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "{A6024997-6BE1-4CC5-AE90-A9BB4DA1E42E}" |In - Public - P17 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "{ABAFBD15-9334-41A1-AF79-B59C03B83B5E}" |In - Public - P6 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "TCP Query User{6D2DCDB1-1AAB-42C3-9C38-54247AA7A770}C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "UDP Query User{08C45A6B-60C4-41A3-831C-47FBAB99804D}C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "{31C6085B-505B-4345-B788-660112D0A968}" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "{B1D2B834-FAE8-4A77-9A26-13F1DF4541D1}" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "TCP Query User{4C7D331C-9654-4D0E-9ED5-B46A628B0D4D}C:\users\cédric\downloads\pipix_v2.6.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "UDP Query User{6B593288-FF8F-4F68-9B9C-439ABF6047F0}C:\users\cédric\downloads\pipix_v2.6.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{782CA3A1-84BF-4204-92B5-2A580DE7D3B9}" |In - Public - P17 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{53B56FDF-EDAE-4973-9143-5F2EE214349E}" |In - Public - P6 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{646988AC-5F0E-4EA3-8D10-BF1D5F989AFF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{D79C6AF3-0FD3-4B0C-B1DD-21BF4EC49F67}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{40D348B2-E4DE-47A7-9E05-ECAFD9815B3B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{6658CFA2-CAED-4681-AF1A-9A72E9938C10}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{6D34981F-4047-4EF5-AEA6-C8A31CD348E2}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O87 - FAEL: "{0A3AD1FA-8C0F-452E-8DED-1465B7A14379}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
~ Firewall: 297 Legitimates Filtered in 01mn 38s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1D817D1518ADDAF419F9C5C13E3C3397" . (.Company of Heroes.) -- C:\Windows\Installer\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}\ARPPRODUCTICON.exe
O90 - PUC: "D6B3BA43291315143A66292190563046" . (.Mod Vault.) -- C:\Windows\Installer\{34AB3B6D-3192-4151-A366-921209650364}\controlPanelIcon.exe
~ Update Products: 135 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.13ED95969E8C9DFF51E916544CC43C58] [WIS][30/03/2011] (.D2K Studios - Mod Vault.) -- C:\Windows\Installer\111a3b5.msi [220160]
[MD5.A3AEEC9A9B6984F2E22B90FDC9A23AB8] [WIS][19/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\1a093.msi [24993792]
~ WIS: 137 Legitimates Filtered in 00mn 19s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 27/01/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 24/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SS - | Auto 05/03/2010 496232 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Demand 04/04/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 18/12/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/12/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SS - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 20/01/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 24/03/2013 115624 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/03/2010 209000 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SS - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SS - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 14/05/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 02/09/2013 790368 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
SS - | Auto 07/08/2013 609056 | (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 22s
---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 21
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7}] =>Adware.VisualBeeToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\SSUService] =>Adware.IncrediBar^
[HKLM\Software\Classes\TypeLib\{9dbb28c1-1925-11d3-a498-00104b6eb52e}] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\axmetastream.metastreamctl] =>Adware.MetaStream
[HKLM\Software\Classes\axmetastream.metastreamctl.1] =>Adware.MetaStream
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\MetaStream] =>Adware.MetaStream
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Viewpoint] =>Adware.MetaStream
[HKCU\Software\SpeedyPC Software] =>PUP.SpeedyPC
[HKLM\Software\Wow6432Node\SpeedyPC Software] =>PUP.SpeedyPC
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7}] =>Adware.VisualBeeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\extensions\***@*** =>Adware.VisualBeeToolbar^
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\extensions\***@*** =>Adware.VisualBeeToolbar^
C:\Users\Cédric\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Program Files (x86)\Viewpoint =>Adware.MetaStream
C:\Program Files (x86)\OneStopSoft.com =>PUP.Dealio
C:\ProgramData\SpeedyPC Software =>PUP.SpeedyPC
C:\Users\Cédric\AppData\Roaming\SpeedyPC Software =>PUP.SpeedyPC
[HKCU\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 535311 Items scanned in 00mn 18s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/29058830-adware-visualbeetoolbar =>Adware.VisualBeeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/27046242-adware-metastream =>Adware.MetaStream
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/28224126-pup-speedypc =>PUP.SpeedyPC
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ MSI: 10 link(s) detected in 00mn 18s
~ 2975 Legitimates filtered by white list
End of the scan (593 lines in 08mn 51s)(0)
En espérant que quelqu'un puisse m'aider..
Mon PC met 2/3 mins à démarrer et quand il atteint le bureau il met 3/4 mins à se charger entièrement.
Ensuite l'écran de veille basique avec des bulles même lui il lag !
Je reçois aussi un message qui dit "Dépannage d'un problème dans your computer hard disk" et parfois mon PC ne veux pas démarrer, il reste bloqué sur un redémarrage c'est à dire que quand le logo windows apparait il se relance et ainsi de suite. En faisant forcer le démarrage j'avais un écran bleu "Unmoutable Boot Volume". J'arrivais à refaire marcher le PC en faisant une réparation automatique 2 fois de suite.
J'ai aussi souvent le thème aéro qui se désactive et se relance tout seul..
Maintenant aujourd'hui c'est google chrome qui fait planter mon PC, dès que je le lance tout se freeze.. J'ai essayé CCleaner et de désinstaller et réinstaller mais rien n'a changé..
Avast ne détecte rien, spybot ne détecte rien et malwarebytes ne détecte rien. idem pour Windows defender..
J'ai fais un ZHP mais je n'y comprend rien la dedans:
~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par Cédric (31/01/2014 15:44:57)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 11.0
GCIE: Google Chrome v32.0.1700.102 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Malwarebytes Anti-Malware version 1.75.0.1300
Spybot - Search & Destroy v1.6.2
Windows Defender W7
---\\ Logiciels d'optimisation du système
CCleaner v3.01 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 45
Java 7 Update 51
---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3839 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 347 GB (50%) free of 685 GB
---\\ Mode de connexion au système
~ Computer Name: CÉDRIC-HP
~ User Name: Cédric
~ All Users Names: UpdatusUser, HomeGroupUser$, Cédric, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cédric\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cédric\AppData\Roaming\
~ %Desktop% : C:\Users\Cédric\Desktop\
~ %Favorites% : C:\Users\Cédric\Favorites\
~ %LocalAppData% : C:\Users\Cédric\AppData\Local\
~ %StartMenu% : C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 347 Go of 685 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
H: Hard drive, Flash drive, Thumb drive (Free 86 Go of 233 Go)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 45 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2243
~ Mes musiques (My Musics) : 4/1591
~ Mes Videos (My Videos) : 2/42
~ Mes Favoris (My Favorites) : 1/57
~ Mes Documents (My Documents) : 2/9536
~ Mon Bureau (My Desktop) : 1/47809
~ Menu demarrer (Programs) : 1/56
~ Hidden Files: Scanned in 00mn 53s
---\\ Processus lancés
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.1916]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Cédric\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\prefs.js
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\absearch-search.xml
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M3 - MFPP: Plugins - [Cédric] -- C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\searchplugins\visualbee.xml =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\***@***] [] VisualBee v (..) =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\***@***] [] VisualBee Toolbar v1.6.0 (..) =>Adware.VisualBeeToolbar
M2 - MFEP: prefs.js [Cédric - 2g1vosy7.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.1.0.20130818030116 (..)
~ Firefox Browser: 35 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 02s
~ Nombre de lignes (Lines number): 15514
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: visualbee Helper Object [64Bits] - {66F57190-01EB-45A6-8260-7895267209F7} Clé orpheline =>Adware.VisualBeeToolbar
~ BHO: 17 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{B9E20919-FA55-471F-989B-B107BF8DE785} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Algodoo.lnk . (...) -- C:\Program Files (x86)\Algodoo\Algodoo.exe
O4 - GS\Desktop [Public]: Astroburn Lite.lnk . (.DT Soft Ltd - Astroburn Lite.) -- C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe
O4 - GS\Desktop [Public]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\Desktop [Public]: CASIO FA-124.lnk . (.CASIO COMPUTER CO., LTD - FA-124.) -- C:\Program Files (x86)\CASIO\CASIO FA-124\FA124.exe
O4 - GS\Desktop [Public]: Game Booster 3.lnk . (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: GPGNet - Supreme Commander.lnk . (...) -- C:\Windows\Installer\{C194D333-B84A-4BB7-B35E-060732D98DC4}\_4708847016EFACC47BFD4B.exe
O4 - GS\Desktop [Public]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe =>.Hewlett-Packard Co
O4 - GS\Desktop [Public]: iFunbox.lnk . (.i-Funbox.com - File & App Manager for iPhone/iPad.) -- C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
O4 - GS\Desktop [Public]: Intelli-studio.lnk . (...) -- C:\Program Files (x86)\Samsung\Intelli-studio\iStudio.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: MTA San Andreas 1.3.lnk . (.Multi Theft Auto - Multi Theft Auto Launcher.) -- C:\Program Files (x86)\MTA San Andreas 1.3\Multi Theft Auto.exe
O4 - GS\Desktop [Public]: PhoneClean.lnk . (.iMobie Inc. - PhoneClean.) -- C:\Program Files (x86)\iMobie\PhoneClean\PhoneClean.exe
O4 - GS\Desktop [Public]: Pipix.lnk . (...) -- C:\Program Files (x86)\Pipix\Pipix-3.exe
O4 - GS\Desktop [Public]: Remote Mouse.lnk . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O4 - GS\Desktop [Public]: SketchUp 8.lnk . (.Trimble Navigation Limited - SketchUp Application.) -- C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
O4 - GS\Desktop [Public]: Switch to Gaming Mode.lnk . (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
O4 - GS\Program [Public]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\Program [Public]: Charles.lnk . (...) -- C:\Program Files (x86)\Charles\Charles.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox 4.0 Beta 11.lnk . (...) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\firefox.exe (.not file.)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Subduction.lnk . (.Studio P - Subduction et magmatisme..) -- C:\Program Files (x86)\subduction\subduction.exe
O4 - GS\QuickLaunch [Cédric]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Cédric]: Free M4a to MP3 Converter.lnk . (...) -- C:\Program Files (x86)\Free M4a to MP3 Converter\m4a_converter.exe
O4 - GS\QuickLaunch [Cédric]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Cédric]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Cédric]: Mozilla Firefox 4.0 Beta 7.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe
O4 - GS\QuickLaunch [Cédric]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\QuickLaunch [Cédric]: UltraMixer.lnk . (.UltraMixer Digital Audio Solutions - UltraMixer 2.4.3.) -- C:\Program Files (x86)\UltraMixer\UltraMixer.exe
O4 - GS\QuickLaunch [Cédric]: XML Marker.lnk . (...) -- C:\Program Files (x86)\XML Marker\xmlmarker.exe
O4 - GS\TaskBar [Cédric]: Aurora.lnk . (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O4 - GS\TaskBar [Cédric]: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Cédric]: Google Chrome.lnk - Clé orpheline
O4 - GS\TaskBar [Cédric]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Cédric]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Cédric]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Program [Cédric]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Cédric]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Cédric]: XML Marker.lnk . (...) -- C:\Program Files (x86)\XML Marker\xmlmarker.exe
O4 - GS\Desktop [Cédric]: .minecraft - Raccourci.lnk . (...) -- C:\Users\Cédric\AppData\Roaming\.minecraft
O4 - GS\Desktop [Cédric]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Cédric]: Charlie Poker.lnk . (...) -- C:\Users\Cédric\Downloads\CharliePoker.exe
O4 - GS\Desktop [Cédric]: Company of Heroes - Raccourci.lnk . (...) -- C:\Program Files (x86)\THQ\Company of Heroes
O4 - GS\Desktop [Cédric]: Create Amazing Presentations.lnk - Clé orpheline
O4 - GS\Desktop [Cédric]: Free YouTube to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - Free YouTube to MP3.) -- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
O4 - GS\Desktop [Cédric]: Pokcity - Raccourci.lnk . (...) -- C:\Users\Cédric\Downloads\Pokcity
O4 - GS\Desktop [Cédric]: Prison Architect.lnk . (...) -- C:\Program Files (x86)\Prison Architect\Prison Architect.exe
O4 - GS\Desktop [Cédric]: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\Desktop [Cédric]: TreeSize Free.lnk . (.JAM Software - TreeSize Free hard disk space manager.) -- C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe
O4 - GS\Desktop [Cédric]: wic - Raccourci.lnk . (.Massive Entertainment - World in Conflict.) -- C:\Program Files (x86)\Ubisoft\World in Conflict\wic.exe
~ Global Startup: 131 Legitimates Filtered in 00mn 55s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Cédric]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Cédric\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Facebook Update] C:\Users\Cédric\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Remote Mouse] . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [HDD Regenerator] C:\Program Files (x86)\HDD Regenerator\Shell.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [HPAdvisorDock] . (.Hewlett-Packard - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Facebook Update] C:\Users\Cédric\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe (.not file.)
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1206958438-2926902878-3837587890-1000\..\Run: [Remote Mouse] . (...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
~ Application: Scanned in 01mn 37s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FB758A8-2487-41CB-B349-E7DBA6F70872}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar
~ Services: 15 Legitimates Filtered in 00mn 03s
---\\ Logiciels installés (O42)
O42 - Logiciel: Algodoo v2.1.0 - (.Algoryx.) [HKLM][64Bits] -- Algodoo_is1
O42 - Logiciel: CrypTool 1.4.30 - (...) [HKLM][64Bits] -- CrypTool
O42 - Logiciel: Les Sims(TM) 2 Au fil des saisons - (...) [HKLM][64Bits] -- {DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}
O42 - Logiciel: Mod Vault - (.D2K Studios.) [HKLM][64Bits] -- {34AB3B6D-3192-4151-A366-921209650364}
O42 - Logiciel: No Hope - (...) [HKCU][64Bits] -- No Hope
O42 - Logiciel: XML Marker version 1.1 - (.Symbol Click.) [HKLM][64Bits] -- XML Marker_is1
~ Logic: 47 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\CrypTool]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Symbol Click]
[HKCU\Software\YRTD]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\CP]
[HKLM\Software\Wow6432Node\MetaStream] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\ModVault]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\YRTD]
~ Key Software: 581 Legitimates Filtered in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2013 - 17:41:20 - [91,996] ----D C:\Program Files (x86)\Algodoo
O43 - CFD: 04/01/2012 - 13:01:40 - [10,629] ----D C:\Program Files (x86)\CityVilleBot
O43 - CFD: 10/10/2011 - 18:25:34 - [94,023] ----D C:\Program Files (x86)\CrypTool
O43 - CFD: 30/03/2011 - 15:11:42 - [1,012] ----D C:\Program Files (x86)\D2K Studios
O43 - CFD: 27/08/2012 - 17:38:14 - [0] ----D C:\Program Files (x86)\Doodle Jump PC
O43 - CFD: 27/08/2012 - 17:22:22 - [14,333] ----D C:\Program Files (x86)\Earth 3D Screensaver
O43 - CFD: 28/01/2014 - 22:15:03 - [102,386] ----D C:\Program Files (x86)\Prison Architect
O43 - CFD: 29/01/2011 - 09:47:43 - [1,478] ----D C:\Program Files (x86)\XML Marker
O43 - CFD: 07/10/2012 - 07:59:25 - [5,878] ----D C:\Users\Cédric\AppData\Roaming\CharliePoker
O43 - CFD: 07/10/2012 - 07:59:46 - [5,878] ----D C:\Users\Cédric\AppData\Roaming\Cp1078
O43 - CFD: 10/10/2011 - 18:25:40 - [0,030] ----D C:\Users\Cédric\AppData\Roaming\CrypTool
O43 - CFD: 30/03/2011 - 14:57:07 - [0] ----D C:\Users\Cédric\AppData\Roaming\D2K Studios
O43 - CFD: 28/11/2013 - 17:25:22 - [0] ----D C:\Users\Cédric\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 01/05/2013 - 22:51:32 - [12,876] ----D C:\Users\Cédric\AppData\Local\{D327CEC8-9786-418E-9028-0A8ADFE9790F}
O43 - CFD: 09/11/2012 - 17:11:22 - [0,001] ----D C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No Hope
~ 1391 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1759 Legitimates Filtered in 02mn 17s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C0108FDAB90CFB396578381D3C628166] - 31/01/2014 - 15:38:19 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.C0108FDAB90CFB396578381D3C628166] - 31/01/2014 - 15:38:19 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.3D6C0B829575AFB25C4F22537DEA00F9] - 31/01/2014 - 15:43:46 ---A- . (...) -- C:\Windows\ntbtlog.txt [473960]
~ Files: 8 Legitimates Filtered in 00mn 03s
---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{252622bd-d2f2-11e1-92be-7071bc891c53}\AutoRun\command. (...) -- F:\iLinker.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 23/10/2013 - 18:24:50 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 24/12/2013 - 18:31:28 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.B4BDE3F758A34658A37DFED3D9783CD8] - 07/11/2012 - 14:53:28 ---A- . (...) -- C:\Windows\System32\Drivers\atksgt.sys [88480]
O58 - SDL:[MD5.2285B31039611D509F6120D691CA661F] - 29/05/2012 - 15:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 27/04/2010 - 17:43:50 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys [24376]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.AE95184462E0D0D4606955DCBE9F4D77] - 28/06/2011 - 17:06:00 ---A- . (.Pas de propriétaire - iLok Kernel Driver.) -- C:\Windows\System32\Drivers\iLokDrvr.sys [25720]
O58 - SDL:[MD5.955982BF4421B77722196552B62E8DC2] - 07/11/2012 - 14:53:28 ---A- . (...) -- C:\Windows\System32\Drivers\lirsgt.sys [46400]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 20/12/2010 - 23:04:53 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 20/12/2010 - 23:05:29 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 19 Legitimates Filtered in 00mn 24s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Aurora>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Aurora.) -- C:\Program Files (x86)\Aurora\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {43975219-D1D8-4F98-A766-0F37143316FD} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {4CAB2E0E-5D0E-4C23-BA14-7F9CD63C9C57} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {8A244612-A1F7-11E0-95C0-E71F4824019B} [DefaultScope] - (Search) - http://badoo.com
O69 - SBI: SearchScopes [HKCU] {E624FD13-46F5-4CD3-91D5-1D78DCED3301} - (Wikipedia) - http://fr.wikipedia.org
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C05C5B9369FB5A5077BEB804C916A37C] [SPRF][24/10/2009] (.N/A - chaosAD Keybinder.) -- C:\Users\Cédric\Desktop\chaosAD Keybinder.exe [380928]
[MD5.038E80A8FE9CF88627633AAF46255902] [SPRF][06/10/2011] (.Advanced Chemistry Development Inc. - ACD/Installer application file.) -- C:\Users\Cédric\Desktop\chemsk11.exe [30785744]
[MD5.38EEDB2D4D0C93087521107B2A90EDB7] [SPRF][10/06/2012] (.we_sux - mod_sa.) -- C:\Users\Cédric\Desktop\d3d9.dll [769536]
[MD5.3389F0C8717E7438BFB0B03498756F27] [SPRF][09/07/2013] (...) -- C:\Users\Cédric\Desktop\Minecraft (2).exe [484992]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][16/06/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\Cédric\Desktop\Minecraft CRACK.exe [695296]
[MD5.0F1931E26C21219DB1C90E90037F11F6] [SPRF][12/08/2011] (...) -- C:\Users\Cédric\Desktop\Minecraft.exe [270142]
[MD5.FDDF48819EFAAA9073B622939165A24D] [SPRF][25/12/2013] (.Pixe-Life - Pipix Setup.) -- C:\Users\Cédric\Desktop\Pipix_Setup.exe [13821522]
[MD5.F0B219392A3BDAAA48DF8B62E48075D3] [SPRF][20/04/2013] (...) -- C:\Users\Cédric\Desktop\Pipix_v2.8.1.exe [1115631]
[MD5.36C7EAF51B7E477A121521CE0FA003AC] [SPRF][31/01/2013] (.SA-MP TEAM - SA-MP Client DLL.) -- C:\Users\Cédric\Desktop\samp.dll [2154496]
[MD5.A3A592916889A90D1E06EBCDF6CBF424] [SPRF][13/03/2009] (.KelSat Presents - World In Conflict V1.010 Soviet Assault Plus 10 Trainer.) -- C:\Users\Cédric\Desktop\World_In_Conflict_V1.010_Soviet_Assault_Plus_10_Trainer_V2_By_KelSat.exe [75264]
~ Files: 11 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{3C6A4446-0A20-427D-8257-26B098BB2A2E}F:\company of heroes\reliccoh.exe" |In - Private - P6 - TRUE | .(...) -- F:\company of heroes\reliccoh.exe (.not file.)
O87 - FAEL: "UDP Query User{A2E44323-9B04-4CED-A2DB-9B0D91ED4A12}F:\company of heroes\reliccoh.exe" |In - Private - P17 - TRUE | .(...) -- F:\company of heroes\reliccoh.exe (.not file.)
O87 - FAEL: "TCP Query User{F533722D-BD52-45CD-AC1F-40E0763F3167}C:\program files (x86)\charles\charles.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\charles\charles.exe (.not file.)
O87 - FAEL: "UDP Query User{3EF41F96-D854-4E3D-83D4-ECD103433D2E}C:\program files (x86)\charles\charles.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\charles\charles.exe (.not file.)
O87 - FAEL: "TCP Query User{3661A6A9-9AAD-4E78-8095-F38D89B32FC6}C:\users\cédric\documents\samp03csvr_win32\samp-server.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - SA-MP dedicated server.) -- C:\users\cédric\documents\samp03csvr_win32\samp-server.exe
O87 - FAEL: "UDP Query User{3D0C2101-3725-4C67-AA24-62BE18DB388A}C:\users\cédric\documents\samp03csvr_win32\samp-server.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - SA-MP dedicated server.) -- C:\users\cédric\documents\samp03csvr_win32\samp-server.exe
O87 - FAEL: "TCP Query User{C7546832-62CE-4C4D-9C4E-4E44BF125D21}F:\company of heroes\bugreport\bugreport.exe" |In - Private - P6 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "UDP Query User{0DAD9335-9C12-4662-B84A-10552B8A415F}F:\company of heroes\bugreport\bugreport.exe" |In - Private - P17 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "{A6024997-6BE1-4CC5-AE90-A9BB4DA1E42E}" |In - Public - P17 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "{ABAFBD15-9334-41A1-AF79-B59C03B83B5E}" |In - Public - P6 - TRUE | .(...) -- F:\company of heroes\bugreport\bugreport.exe (.not file.)
O87 - FAEL: "TCP Query User{6D2DCDB1-1AAB-42C3-9C38-54247AA7A770}C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "UDP Query User{08C45A6B-60C4-41A3-831C-47FBAB99804D}C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "{31C6085B-505B-4345-B788-660112D0A968}" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "{B1D2B834-FAE8-4A77-9A26-13F1DF4541D1}" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\thq\company of heroes\bugreport\bugreport.exe
O87 - FAEL: "TCP Query User{4C7D331C-9654-4D0E-9ED5-B46A628B0D4D}C:\users\cédric\downloads\pipix_v2.6.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "UDP Query User{6B593288-FF8F-4F68-9B9C-439ABF6047F0}C:\users\cédric\downloads\pipix_v2.6.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{782CA3A1-84BF-4204-92B5-2A580DE7D3B9}" |In - Public - P17 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{53B56FDF-EDAE-4973-9143-5F2EE214349E}" |In - Public - P6 - TRUE | .(...) -- C:\users\cédric\downloads\pipix_v2.6.exe (.not file.)
O87 - FAEL: "{646988AC-5F0E-4EA3-8D10-BF1D5F989AFF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{D79C6AF3-0FD3-4B0C-B1DD-21BF4EC49F67}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{40D348B2-E4DE-47A7-9E05-ECAFD9815B3B}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{6658CFA2-CAED-4681-AF1A-9A72E9938C10}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O87 - FAEL: "{6D34981F-4047-4EF5-AEA6-C8A31CD348E2}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O87 - FAEL: "{0A3AD1FA-8C0F-452E-8DED-1465B7A14379}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
~ Firewall: 297 Legitimates Filtered in 01mn 38s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1D817D1518ADDAF419F9C5C13E3C3397" . (.Company of Heroes.) -- C:\Windows\Installer\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}\ARPPRODUCTICON.exe
O90 - PUC: "D6B3BA43291315143A66292190563046" . (.Mod Vault.) -- C:\Windows\Installer\{34AB3B6D-3192-4151-A366-921209650364}\controlPanelIcon.exe
~ Update Products: 135 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.13ED95969E8C9DFF51E916544CC43C58] [WIS][30/03/2011] (.D2K Studios - Mod Vault.) -- C:\Windows\Installer\111a3b5.msi [220160]
[MD5.A3AEEC9A9B6984F2E22B90FDC9A23AB8] [WIS][19/12/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\1a093.msi [24993792]
~ WIS: 137 Legitimates Filtered in 00mn 19s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 27/01/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 07/01/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 24/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS
SS - | Auto 05/03/2010 496232 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Demand 04/04/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 18/12/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/12/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SS - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 20/01/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 24/03/2013 115624 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/03/2010 209000 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SS - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 31/01/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SS - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 14/05/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 02/09/2013 790368 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
SS - | Auto 07/08/2013 609056 | (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 22s
---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 21
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7}] =>Adware.VisualBeeToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\SSUService] =>Adware.IncrediBar^
[HKLM\Software\Classes\TypeLib\{9dbb28c1-1925-11d3-a498-00104b6eb52e}] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\axmetastream.metastreamctl] =>Adware.MetaStream
[HKLM\Software\Classes\axmetastream.metastreamctl.1] =>Adware.MetaStream
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\MetaStream] =>Adware.MetaStream
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Viewpoint] =>Adware.MetaStream
[HKCU\Software\SpeedyPC Software] =>PUP.SpeedyPC
[HKLM\Software\Wow6432Node\SpeedyPC Software] =>PUP.SpeedyPC
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer] =>Adware.MetaStream
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66F57190-01EB-45A6-8260-7895267209F7}] =>Adware.VisualBeeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\extensions\***@*** =>Adware.VisualBeeToolbar^
C:\Users\Cédric\AppData\Roaming\Mozilla\Firefox\Profiles\2g1vosy7.default\extensions\***@*** =>Adware.VisualBeeToolbar^
C:\Users\Cédric\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Program Files (x86)\Viewpoint =>Adware.MetaStream
C:\Program Files (x86)\OneStopSoft.com =>PUP.Dealio
C:\ProgramData\SpeedyPC Software =>PUP.SpeedyPC
C:\Users\Cédric\AppData\Roaming\SpeedyPC Software =>PUP.SpeedyPC
[HKCU\Software\Conduit] =>Toolbar.Conduit^
~ Additionnel Scan: 535311 Items scanned in 00mn 18s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/29058830-adware-visualbeetoolbar =>Adware.VisualBeeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/27046242-adware-metastream =>Adware.MetaStream
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/28224126-pup-speedypc =>PUP.SpeedyPC
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ MSI: 10 link(s) detected in 00mn 18s
~ 2975 Legitimates filtered by white list
End of the scan (593 lines in 08mn 51s)(0)
En espérant que quelqu'un puisse m'aider..
A voir également:
- Windows 7 plantage de pire en pire
- Clé windows 7 - Guide
- Photofiltre 7 - Télécharger - Retouche d'image
- Passer de windows 7 à windows 10 - Accueil - Mise à jour
- Windows defender windows 7 - Télécharger - Antivirus & Antimalwares
- Movie maker windows 7 - Télécharger - Montage & Édition
12 réponses
Bonjour,
télécharge et installe malwarbytes :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
tu décoches : essayer malwarbytes pro à l'installation
tu le mets à jour
tu fais une vérification complète du disque
tu supprimes tout ce qu'il pourrait trouver
tu redémarres
tu joints le rapport après suppression ici dans ta réponse.
cordialement
télécharge et installe malwarbytes :
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
tu décoches : essayer malwarbytes pro à l'installation
tu le mets à jour
tu fais une vérification complète du disque
tu supprimes tout ce qu'il pourrait trouver
tu redémarres
tu joints le rapport après suppression ici dans ta réponse.
cordialement
Bonjour
D'apres les symptomes que tu décris , c'est le disque dur qui est en train de lacher.
sauvegarde ce que tu peux , et remplace le
D'apres les symptomes que tu décris , c'est le disque dur qui est en train de lacher.
sauvegarde ce que tu peux , et remplace le
Tout ces problèmes serait par un disque dur? Car le problème avec ce disque c'est que c'est le disque qui a la partition de windows. J'aurais plus pensé à un virus.
une machine qui ralentit, qui met des messages "unmountable disk volume" , qui plante , ca ressemble à un disque qui lache.
Il faudrait aller voir dans l'observateur d'evenements si il y a des erreurs sur le disque.
mais , je sauvegarderais d'urgence au cas ou ......
Il faudrait aller voir dans l'observateur d'evenements si il y a des erreurs sur le disque.
mais , je sauvegarderais d'urgence au cas ou ......
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Ba justement je peux pas faire de sauvegarde ça ne marche pas il plante à ce niveau la. Et j'ai pas le CD de windows 7 car je savais pas comment on le faisait.
Pour la sauvegarde , il faut monter le disque en second sur un autre pc , en direct ou avec un adaptateur sata/usb.
Ou démarrer sur une clé linux , voir
https://www.commentcamarche.net/faq/24285-recuperer-ses-donnees-personnelles-avec-toutou-linux
Pour le CD de windows , si tu as la licence , tu trouves un cd avec la meme version , ou tu télécharges l'iso correspondant.
Ou démarrer sur une clé linux , voir
https://www.commentcamarche.net/faq/24285-recuperer-ses-donnees-personnelles-avec-toutou-linux
Pour le CD de windows , si tu as la licence , tu trouves un cd avec la meme version , ou tu télécharges l'iso correspondant.
J'ai ces 2 erreurs qui se répète toute les 10 mins d'après l'observateur d'événement:
Source: Disk
Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Source: nvstor64
Erreur de données sur le périphérique.
Source: Disk
Le périphérique \Device\Harddisk0\DR0 comporte un bloc défectueux.
Source: nvstor64
Erreur de données sur le périphérique.
Re,
fais ceci :
démarre ton pc en mode sans échec
prends l'option invite de commande
écris ceci :
chkdsk /f /r
fais ceci :
démarre ton pc en mode sans échec
prends l'option invite de commande
écris ceci :
chkdsk /f /r
Comme c'était le disque utilisé il ma demandé si je voulais faire la vérification au prochain démarrage et j'ai mis oui.
