Mon laptop devient trop lent Fermé

Question

Bonjour, 

dans le titre, je comprends pas ce qui lui arrive. surchargé ou des virus? svp aidez moi, merci


Configuration: Windows 7 / Chrome 38.0.2125.111

Utilisateur anonyme · Answer

Bonsoir

Pour de plus amples informations, fait ceci stp

Ouvre ce lien et télécharge ZHPDiag de Nicolas Coolman : 

https://nicolascoolman.eu 

Ou

https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/


 
Une fois le téléchargement achevé, 

Double-clique sur l'icône pour lancer le programme.  Sous Vista ; Seven ou Windows 8 clic droit «  exécuter en tant que administrateur » 

 
Dans la fenêtre ZHPDiag qui vient de s'ouvrir,  clique sur "Complet"


Laisse l'outil travailler, il peut être assez long. 

Un rapport s'ouvre. Ce rapport se trouve également sur ton bureau 

Pour transmettre le rapport clique sur ce lien: 
http://pjjoint.malekal.com/

Si problème utilise un des suivants

https://forums-fec.be/upload 
 https://www.cjoint.com/


Regarde sur le bureau
 
Sélectionne le fichier ZHPDiag.txt. 

Clique sur "Cliquez ici pour déposer le fichier". 

Un lien de cette forme : 

http://www.cijoint.com/cjlink.php?file=cj200905/cijSKAP5fU.txt 

est ajouté dans la page. 

Copie ce lien dans ta réponse.

Merci

@+

mika0000 · Answer

ca finit pas, ça s'arrete toujours a 82%, meme en mode sans echec.

Utilisateur anonyme · Answer

Re

Ton antivirus ne voit rien?
essaie de passer Malwaresbytes et poste moi son rapport après mise en quarantaine 

merci

@+

mika0000 · Answer

j'ai une version d'AVG gratuite 12 qui ne voit rien! pourtant ça rame SERIEUSEMENT;

Utilisateur anonyme · Answer

Bonjour

-->>  Le rapport est disponible dans Historique > Journaux de l'application >Journal d'examen. (Choisis bien le dernier en date)
Tu sélectionnes le fichier et tu demandes l'affichage 
En bas à gauche un bouton  exporter ; tu cliques dessus et tu choisis fichier texte et tu choisis ensuite ou l'enregistrer pour ensuite pouvoir le poster dans ta prochaine réponse

Merci

@+

mika0000 · Answer

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 08/11/2014
Heure de l'examen: 22:08:04
Fichier journal: 
Administrateur: Oui

Version: 0.00.0.0000
Base de données Malveillants: v2014.11.08.06
Base de données Rootkits: v2014.11.08.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: KAMMI

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 390097
Temps écoulé: 41 min, 30 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 0
(Aucun élément malicieux detecté)

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 0
(Aucun élément malicieux detecté)

Fichiers: 0
(Aucun élément malicieux detecté)

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)

Utilisateur anonyme · Answer

Bonjour

Télécharge  http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven ou Windows 8 fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en cours de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenu de cette citation dans la partie inférieure d'OTL "Personnalisation"

---------------------------------------------------------------------

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT 
-------------------------------------------------------------------------
* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
Pour transmettre le ou les rapport(s)clique sur ce lien: 
 http://pjjoint.malekal.com/

        
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

@+

mika0000 · Answer

ça fait plus de 10h et ça s'arrete pas

Utilisateur anonyme · Answer

Bonsoir

Ton disque dur commence à fatiguer?

Ce serait une solution.

@+

mika0000 · Answer

comment savoir si le disque dur commence a fatiguer?

Utilisateur anonyme · Answer

Bonjour !!

Tu fréquentes CCM !!

https://www.commentcamarche.net/faq/39851-disque-dur-etat-de-sante-et-garantie

 @+

mika0000 · Answer

bonjour, 

j'ai fais une remarque, il y a ce dossier qui s'est repliqué un nombre infini de fois

C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data

Utilisateur anonyme · Answer

Bonjour

Le rapport OTL est donc établit?

poste le ,merci

@+

mika0000 · Answer

non il est pas établi, je l'ai lancé hier en début de soirée en mode sans echec, et jusqua ce midi, toujours rien, je l'ai arreté. j'ai donc remarqué qu'il butait sur le dossier 

C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data

Utilisateur anonyme · Answer

Re

Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe 
Ou ici : https://forospyware.com 
>Renomme le pour l'enregistrer sur ton bureau en  asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista «  exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan. 
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse. 

NOTE : Le rapport se trouve également ici : C:\Combofix.txt 

 Avant d'utiliser ComboFix :  

->  Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.  

->  Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. 

Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc. 


- Installe le console de récupération comme demandé ;utile en cas de plantage

- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur 

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire. 

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt) 

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. 

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. 

/!\  Ne touche à rien tant que le scan n'est pas terminé.  /!\ : risque de figer l'ordinateur (plantage complet) 


::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes


@+

mika0000 · Answer

ComboFix 14-11-09.02 - KAMMI 10/11/2014 12:08:17.1.4 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4077.1754 [GMT 1:00] Lancé depuis: c:\users\KAMMI\Desktop\asdehi.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\4pg34fccb@hfjau.net c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\4pg34fccb@hfjau.net\bootstrap.js c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\4pg34fccb@hfjau.net\chrome.manifest c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\4pg34fccb@hfjau.net\content\bg.js c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\4pg34fccb@hfjau.net\install.rdf c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\q0uq.s@yauaouugcr.com c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\q0uq.s@yauaouugcr.com\bootstrap.js c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\q0uq.s@yauaouugcr.com\chrome.manifest c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\q0uq.s@yauaouugcr.com\content\bg.js c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\extensions\q0uq.s@yauaouugcr.com\install.rdf c:\users\KAMMI\Documents\~WRL1868.tmp c:\windows\msdownld.tmp c:\windows\TEMP\sqlite-3.7.151-amd64-sqlitejdbc.dll c:\windows\SysWow64\out.txt . . . . impossible à supprimer . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((((((((( Fichiers créés du 2014-10-10 au 2014-11-10 )))))))))))))))))))))))))))))))))))) . . 2014-11-10 12:55 . 2014-11-10 12:55 -------- d-----w- c:\users\Exit\AppData\Local emp 2014-11-10 12:55 . 2014-11-10 12:55 -------- d-----w- c:\users\Default\AppData\Local emp 2014-11-10 10:20 . 2014-11-10 10:20 -------- d-----w- c:\programdata\Package Cache 2014-11-10 10:19 . 2014-11-10 10:19 -------- d-----w- c:\program files (x86)\Seagate 2014-11-08 13:08 . 2014-11-10 09:59 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-11-08 13:08 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-11-08 13:08 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-11-08 13:08 . 2014-11-08 14:50 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2014-11-07 00:21 . 2014-11-09 17:50 -------- d-----w- c:\program files (x86)\Aurora 2014-11-06 22:00 . 2014-11-07 02:00 -------- d-----w- c:\users\KAMMI\AppData\Local\AVG Web TuneUp 2014-11-06 22:00 . 2014-11-08 12:56 -------- d-----w- c:\programdata\AVG Security Toolbar 2014-11-06 22:00 . 2014-11-06 21:59 50976 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2014-11-06 22:00 . 2014-11-06 22:00 -------- d-----w- c:\programdata\AVG Secure Search 2014-11-06 22:00 . 2014-11-06 22:00 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2014-11-06 21:59 . 2014-11-06 21:59 -------- d-----w- c:\program files (x86)\AVG Web TuneUp 2014-11-06 21:59 . 2014-11-06 22:00 -------- d-----w- c:\programdata\AVG Web TuneUp 2014-11-04 11:25 . 2014-11-04 11:25 -------- d-----w- c:\programdata\HPSSUPPLY 2014-11-04 11:23 . 2012-08-21 16:08 55808 ----a-r- c:\windows\system32\HP1100SMs.dll 2014-11-04 11:23 . 2012-08-21 15:13 350720 ----a-w- c:\windows\system32\mvhlewsi.DLL 2014-11-04 11:23 . 2012-08-21 15:07 1696256 ----a-w- c:\windows\system32\HP1100SM.EXE 2014-11-04 11:23 . 2012-08-21 15:07 74240 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HP1100PP.dll 2014-10-31 00:11 . 2014-10-31 00:12 -------- d-----w- c:\users\KAMMI\AppData\Roaming\SumatraPDF 2014-10-31 00:11 . 2014-10-31 00:11 -------- d-----w- c:\program files (x86)\SumatraPDF 2014-10-29 18:04 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins pqtplugin5.dll 2014-10-29 18:04 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins pqtplugin4.dll 2014-10-29 18:04 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins pqtplugin3.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins pqtplugin2.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins pqtplugin5.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins pqtplugin4.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins pqtplugin3.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins pqtplugin2.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins pqtplugin.dll 2014-10-29 18:03 . 2014-10-29 18:03 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins pqtplugin.dll 2014-10-29 18:03 . 2014-10-29 18:03 -------- d-----w- c:\program files (x86)\QuickTime 2014-10-29 17:46 . 2014-10-29 17:46 -------- d-----w- c:\program files\iPod 2014-10-29 17:45 . 2014-10-29 17:47 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-10-29 17:45 . 2014-10-29 17:47 -------- d-----w- c:\program files\iTunes 2014-10-26 23:40 . 2014-10-11 12:53 220784 ----a-w- c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll 2014-10-24 08:26 . 2014-10-24 08:26 -------- d-----w- C:\found.003 2014-10-23 16:27 . 2014-10-23 16:27 -------- d-----w- c:\program files (x86)\Research In Motion 2014-10-20 08:13 . 2014-05-07 16:42 144664 ----a-w- c:\windows\SysWow64\secman.dll 2014-10-20 02:21 . 2014-06-16 06:01 206080 ----a-w- c:\windows\system32\drivers\ssudserd.sys 2014-10-20 02:21 . 2014-06-16 06:01 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2014-10-20 02:20 . 2014-06-16 06:01 110336 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2014-10-20 02:15 . 2013-12-30 01:54 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sys 2014-10-20 02:15 . 2013-12-30 01:54 37344 ----a-w- c:\windows\SysWow64\FsUsbExDisk.Sy_ 2014-10-20 02:15 . 2013-12-30 01:54 233472 ----a-w- c:\windows\SysWow64\FsUsbExService.Exe 2014-10-20 02:15 . 2012-09-26 19:57 110592 ----a-w- c:\windows\SysWow64\FsUsbExDevice.Dll . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2014-10-02 13:23 . 2014-10-02 13:23 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2014-10-02 13:23 . 2014-10-02 13:23 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2014-10-01 10:11 . 2013-11-25 22:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-09-24 20:56 . 2012-06-09 09:12 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-09-24 09:40 . 2013-05-04 01:37 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-24 09:40 . 2013-05-04 01:37 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-08-19 10:11 . 2014-08-19 10:11 36456 ----a-w- c:\windows\system32\drivers\TrueSight.sys . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2014-11-06 21:59 2369560 ----a-w- c:\program files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-05-18 83344] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2011-05-23 186768] "SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392] "IDMan"="e:\internet download manager [idm] v6.21 build 1 + crack - [mumbai-tpb]\Crack\IDMan.exe" [2014-09-09 15:07 3858000] "GoogleChromeAutoLaunch_EF3C31C8DB0FF1DFDB680704ED665221"="c:\users\KAMMI\AppData\Local\Google\Chrome\Application\chrome.exe" [2014-10-22 854344] "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440] "Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-05-31 2801288] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-07-25 311616] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-12 336384] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176] "RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-02-07 443408] "RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-05-07 4493824] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] "HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264] "vProt"="c:\program files (x86)\AVG Web TuneUp\vprot.exe" [2014-11-06 3060248] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableSecureUIAPath"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" . R2 Camtel EVDO-Huawei. RunOuc;Camtel EVDO-Huawei. OUC;c:\program files (x86)\Camtel EVDO-Huawei\UpdateDog\ouc.exe;c:\program files (x86)\Camtel EVDO-Huawei\UpdateDog\ouc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x] R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x] R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x] R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x] R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x] R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x] R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x] R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 CT_QUALCOMM_U_drv;Qualcomm EVDO USB Device for Serial Communication;c:\windows\system32\DRIVERS\CT_QUALCOMM_U_drv.sys;c:\windows\SYSNATIVE\DRIVERS\CT_QUALCOMM_U_drv.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x] R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x] R3 GdmFilt;GCT USB Mass Storage Filter Service;c:\windows\system32\DRIVERS\GdmFilt.sys;c:\windows\SYSNATIVE\DRIVERS\GdmFilt.sys [x] R3 GdmUWm;GCT Mobile WiMAX NIC USB Driver;c:\windows\system32\DRIVERS\gdmuwm.sys;c:\windows\SYSNATIVE\DRIVERS\gdmuwm.sys [x] R3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppdbulkio.sys;c:\windows\SYSNATIVE\drivers\hppdbulkio.sys [x] R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hppdfaxio.sys;c:\windows\SYSNATIVE\drivers\hppdfaxio.sys [x] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x] R3 NWUSBCDFIL64;Novatel Wireless Installation CD;c:\windows\system32\DRIVERS\NwUsbCdFil64.sys;c:\windows\SYSNATIVE\DRIVERS\NwUsbCdFil64.sys [x] R3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);c:\windows\system32\DRIVERS wusbmdm_000.sys;c:\windows\SYSNATIVE\DRIVERS wusbmdm_000.sys [x] R3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);c:\windows\system32\DRIVERS wusbser_000.sys;c:\windows\SYSNATIVE\DRIVERS wusbser_000.sys [x] R3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);c:\windows\system32\DRIVERS wusbser2_000.sys;c:\windows\SYSNATIVE\DRIVERS wusbser2_000.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers susbflt.sys;c:\windows\SYSNATIVE\drivers susbflt.sys [x] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 usbrndis6;USB RNDIS6 Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x] R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys;c:\windows\SYSNATIVE\DRIVERS\CT_ZTEMT_U_USBSER.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 MOBK649Filter;MOBK649Filter;c:\windows\system32\DRIVERS\MOBK649.sys;c:\windows\SYSNATIVE\DRIVERS\MOBK649.sys [x] S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x] S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x] S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x] S2 avgfws;Pare-feu AVG;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 CDROM_Detect;CDROM_Detect;c:\program files\CDMA-1XDO\C+WEject.exe;c:\program files\CDMA-1XDO\C+WEject.exe [x] S2 GCTWiMAXService;GCT WiMAX Service;c:\windows\system32\GCTWiMaxServiceD.exe;c:\windows\SYSNATIVE\GCTWiMaxServiceD.exe [x] S2 GdmWmPrt;GCT WiMax Protocol Driver;c:\windows\system32\DRIVERS\gdmwmprt.sys;c:\windows\SYSNATIVE\DRIVERS\gdmwmprt.sys [x] S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x] S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] S2 MOBK649backup;Servizio McAfee Online Backup;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] S2 NWVZHelper;Novatel Wireless Verizon Device Helper;c:\program files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe;c:\program files (x86)\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe [x] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x] S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x] S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager unmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager unmgr.exe service [x] S2 rimspci;rimspci;c:\windows\system32\drivers imssne64.sys;c:\windows\SYSNATIVE\drivers imssne64.sys [x] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers isdsnxc64.sys;c:\windows\SYSNATIVE\drivers isdsnxc64.sys [x] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x] S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x] S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x] S2 UDisk Monitor;UDisk Monitor;c:\program files\ZTE Wireless Terminal\bin\MonServiceUDisk.exe;c:\program files\ZTE Wireless Terminal\bin\MonServiceUDisk.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x] S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x] S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x] S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [x] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x] S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x] S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS usb3hub.sys;c:\windows\SYSNATIVE\DRIVERS usb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS usb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS usb3xhc.sys [x] S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers imvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers imvndis6_AMD64.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x] S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS eamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS eamviewervpn.sys [x] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x] . . Contenu du dossier 'Tâches planifiées' . 2014-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-04 09:40] . 2014-11-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3405881144-4049165689-1168430626-1000Core.job - c:\users\KAMMI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-04 16:18] . 2014-11-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3405881144-4049165689-1168430626-1000UA.job - c:\users\KAMMI\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-04 16:18] . 2014-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3405881144-4049165689-1168430626-1000Core.job - c:\users\KAMMI\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06 01:43] . 2014-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3405881144-4049165689-1168430626-1000UA.job - c:\users\KAMMI\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-06 01:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\KAMMI\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2014-04-21 10:02 25112 ----a-w- e:\internet download manager [idm] v6.21 build 1 + crack - [mumbai-tpb]\Crack\IDMShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK649] @="{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}" [HKEY_CLASSES_ROOT\CLSID\{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}] 2011-04-18 20:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6492] @="{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}" [HKEY_CLASSES_ROOT\CLSID\{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}] 2011-04-18 20:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6493] @="{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}" [HKEY_CLASSES_ROOT\CLSID\{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}] 2011-04-18 20:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-24 11855976] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-24 2226280] "AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-07-05 947360] "AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-07-05 797344] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-28 497648] "Samsung Link"="c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [2014-09-29 607584] . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = www.google.com mLocal Page = c:\windows\System32\blank.htm uInternet Settings,ProxyOverride = ;*.local IE: &Envoyer à OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000 IE: Télécharger avec IDM - e:\internet download manager [idm] v6.21 build 1 + crack - [mumbai-tpb]\Crack\IEExt.htm IE: Télécharger le contenu de video FLV avec Internet Download Manager - e:\internet download manager [idm] v6.21 build 1 + crack - [mumbai-tpb]\Crack\IEGetVL.htm IE: Télécharger tous les liens avec Internet Download Manager - e:\internet download manager [idm] v6.21 build 1 + crack - [mumbai-tpb]\Crack\IEGetAll.htm TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{060A7250-6D60-48F5-8118-08133DA6C945}: NameServer = 195.24.192.33 195.24.208.2 TCP: Interfaces\{85C23BF9-AB9C-49AB-92A5-73993BAF73A4}: NameServer = 195.24.192.33 195.24.208.2 TCP: Interfaces\{CDF4BF81-9FCF-4D23-8D48-3B364170ADC6}: NameServer = 195.24.192.33 195.24.208.2 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll FF - ProfilePath - c:\users\KAMMI\AppData\Roaming\Mozilla\Firefox\Profiles\a20son30.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxps://mysearch.avg.com?cid={98CDDD7F-F51C-45B9-8EFF-18443CD7139C}&mid=778c157f103171b308b365050d37a9b8-1e1e3b44f49df1a2fbe6c30acdebcbd34a8e4021&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 23:00&v=4.0.0.19&pid=wtu&sg=&sap=hp . - - - - ORPHELINS SUPPRIMES - - - - . BHO-{CF783DA1-52DE-A59C-7786-501B8307C1ED} - c:\program files (x86)\DowanlOad keeper\oWyldYgvr.dll BHO-{EB752D1F-767B-CE2F-89D9-A6CE6DBC3BAC} - c:\program files (x86)\YoutubeAdblocker\6O.dll Toolbar-10 - (no file) Wow6432Node-HKCU-Run-ultracopier - c:\program files (x86)\Supercopier\supercopier.exe Wow6432Node-HKLM-Run- - (no file) SafeBoot-dmboot.sys SafeBoot-dmio.sys SafeBoot-dmload.sys SafeBoot-dmadmin SafeBoot-dmserver SafeBoot-SRService BHO-{CF783DA1-52DE-A59C-7786-501B8307C1ED} - c:\program files (x86)\DowanlOad keeper\oWyldYgvr.x64.dll BHO-{EB752D1F-767B-CE2F-89D9-A6CE6DBC3BAC} - c:\program files (x86)\YoutubeAdblocker\6O.x64.dll Toolbar-10 - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe AddRemove-{29655059-FC07-1917-0D5F-03F89932AD74} - c:\progra~3\INSTAL~2\{1FC4E~1\Setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000\Software\Microsoft\Notification de cadeaux MSN] @DACL=(02 0000) . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4F5554E3-436D-9E35-1AB4-7A0C5A639E9D}*] "jadfdfojcjjlnpnhoced"=hex:63,61,61,70,62,65,00,00 "paldlghhmmhgakcjlnpodhojhicgephn"=hex:62,61,70,6e,00,00 "hadfdfojcjjlnpnh"=hex:61,61,00,00 . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000_Classes\Wow6432Node\CLSID\{0b459316-a23e-4040-8bbc-f58c1cd63008}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:00000105 "Therad"=dword:00000010 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "scansk"=hex(0):7d,6e,19,25,19,41,32,40,dd,f8,ac,1d,c5,46,58,c3,e5,95,0c,a2,ad, 6d,cb,eb,bb,cd,17,46,64,54,a4,1f,89,6d,6e,40,1a,89,d8,5a,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):83,be,1a,75,c0,9d,69,46,c9,68,ca,c6,8b,6e,32,48,af,2c,dd,e2,27, 23,a9,83,2d,da,d1,14,d5,29,53,48,9a,01,df,7b,36,2b,14,5a,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-3405881144-4049165689-1168430626-1000_Classes\Wow6432Node\CLSID\{f0cc5702-1df4-4423-89f3-da78df370d9e}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "Model"=dword:000000b8 "Therad"=dword:00000016 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\Windows\SysWOW64\Macromed\Flash\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000001 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0023\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0024\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0025\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0026\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\programdata\Camtel EVDO-Huawei\OnlineUpdate\ouc.exe c:\windows\SysWOW64\GCTWiMaxServiceD.exe c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe c:\windows\SysWOW64\DllHost.exe c:\wamp\apache2\bin\httpd.exe c:\wamp\mysql\bin\mysqld-nt.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager unmgr.exe c:\windows\SysWOW64\DllHost.exe c:\wamp\apache2\bin\httpd.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Smadav\SMc:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe c:\program files\Sony\VAIO Personalization Manager\VpmLM.exe . ************************************************************************** . Heure de fin: 2014-11-10 19:10:02 - La machine a redémarré ComboFix-quarantined-files.txt 2014-11-10 18:10 . Avant-CF: 99 229 118 464 octets libres Après-CF: 97 815 576 576 octets libres . - - End Of File - - D904198B8F2BAF90AC13C17B50E9F276

mika0000 · Answer

j'ai posté le rapport combofix. t'arrives a le voir?

Utilisateur anonyme · Answer

Bonsoir

Négatif.
Héberge le

@+

Utilisateur anonyme · Answer

Re

Quoi de neuf?

mika0000 · Answer

je t'écoute guillaume5188

rien de différent

Utilisateur anonyme · Answer

Re

Désolé je sèche un peu.
Problème matériel?
Tester la RAM
problème de surchauffe
etc...

@+

mika0000 · Answer

il ya ce dossier dont je tai parlé plus haut qui arrete pas de se multiplier. c'est normal?

Utilisateur anonyme · Answer

Re

Non ce n'est pas normal.

 Regarde ici : http://support.kaspersky.com/5350#block1   
Lancez le programme en cliquant sur TDSSKiller.exe, 
Une fenêtre s'ouvre « clique sur « start scan » ;
Des fiches sont dispo en fonction des configurations

Si TDSS.tdl2 est détecté: l'option delete sera cochée par défaut. 
Si TDSS.tdl3 est détecté: assure toi que Cure est bien cochée. 
Si TDSS.tdl4(\HardDisk0\MBR) est détecté: assure toi que Cure est bien cochée. 
Si Rootkit.Win32.ZAccess.* est détecté : règle sur "cure" en haut , et "delete" en bas 
Si Suspicious file est indiqué, laisse l''option cochée sur Skip 
une fois qu'il a terminé , redémarre s'il te le demande pour finir de nettoyer 

sinon , ferme TDSSKiller et le rapport s'affichera sur le bureau
 
Sinon il est enregistré ici : C:\TDSSKiller_N°Version_Date_Heure.txt :
  
Poste moi son rapport à l'issue; merci 

@+

mika0000 · Answer

no threats found

https://www.cjoint.com/?DKkxhUFU6I6

Utilisateur anonyme · Answer

Re

désolé ,je cale

Réinstalle

@+

mika0000 · Answer

merci beaucoup pour l'aide

Utilisateur anonyme · Answer

Re

merci de me tenir informé

@+

Mon laptop devient trop lent

27 réponses

Discussions similaires