Aide desinstallation SpyHunter4 et élimination Iminent/Umbrella
Résolu/Fermé
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
-
Modifié par bonne_brele le 22/11/2014 à 04:20
bonne_brele Messages postés 9 Date d'inscription samedi 22 novembre 2014 Statut Membre Dernière intervention 22 novembre 2014 - 22 nov. 2014 à 22:12
bonne_brele Messages postés 9 Date d'inscription samedi 22 novembre 2014 Statut Membre Dernière intervention 22 novembre 2014 - 22 nov. 2014 à 22:12
A voir également:
- Aide desinstallation SpyHunter4 et élimination Iminent/Umbrella
- Iminent - Télécharger - Albums photo
- Tiny umbrella - Télécharger - Sauvegarde
- Logiciel de desinstallation - Télécharger - Nettoyage
- Mcafee desinstallation - Guide
- Désinstallation avast - Télécharger - Antivirus & Antimalwares
4 réponses
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 04:41
22 nov. 2014 à 04:41
Bonjour,
1/
--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".
--> Une fois le scan terminé, choisis l'option "Nettoyer".
--> Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[s?].
2/
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (laisse "Créer une icône sur le Bureau" coché).
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
--> Clique sur "Complet".
--> Une fois le scan terminé, un rapport est créé sur le Bureau.
--> Héberge-le sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ton prochain message.
1/
--> Télécharge et lance AdwCleaner (d'Xplode), choisis l'option "Scanner".
--> Une fois le scan terminé, choisis l'option "Nettoyer".
--> Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[s?].
2/
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (laisse "Créer une icône sur le Bureau" coché).
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
--> Clique sur "Complet".
--> Une fois le scan terminé, un rapport est créé sur le Bureau.
--> Héberge-le sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ton prochain message.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 16:13
22 nov. 2014 à 16:13
--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
Script ZHPFix
SysRestore
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] . (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[MD5.C73A34375975BF29D8F57AD3A09075D3] [APT] [AVG-Secure-Search-Update_0414c_rel] (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912] =>Toolbar.AVGSearch
[MD5.C73A34375975BF29D8F57AD3A09075D3] [APT] [AVG-Secure-Search-Update_0414c_rmv] (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912] =>Toolbar.AVGSearch
[MD5.633BB002E3061041EE6B1D3136E773E7] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [7580544]
O39 - APT: AVG-Secure-Search-Update_0414c_rel - (...) -- C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rel - (...) -- C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rel [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rmv - (...) -- C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rmv - (...) -- C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rmv [390] =>Toolbar.AVGSearch
O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter
[HKLM\Software\EnigmaSoftwareGroup]
O43 - CFD: 09/02/2014 - 17:22:26 - [] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 20/11/2014 - 22:35:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\Enigma Software Group
C:\Program Files\Enigma Software Group
O45 - LFCP:[MD5.D3A307C578E8B917309D2581BEABCF6A] - 22/11/2014 - 15:31:57 ---A- - C:\Windows\Prefetch\AVG-SECURE-SEARCH-UPDATE_0414-4359EE03.pf =>Toolbar.AVGSearch
O45 - LFCP:[MD5.5E0ADF76571974B1A4CAB5ADA8546528] - 15/10/2014 - 13:18:16 ---A- - C:\Windows\Prefetch\IMINENTSOFTONICREADY.EXE-FA0B9996.pf =>Adware.IMBooster
O45 - LFCP:[MD5.ED81836FDAEAC417122D51F67E011DA6] - 15/10/2014 - 13:15:43 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_FREE--478770A3.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.C6105C6839237C0B21F3D81C5E1C6880] - 20/11/2014 - 22:33:51 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-73AC40E6.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.8305817D4F6AB56F45F25EE5C6E68186] - 20/11/2014 - 22:35:19 ---A- - C:\Windows\Prefetch\SPYHUNTER4.EXE-3B4E3201.pf =>Crapware.SpyHunter
O61 - LFC: 20/11/2014 - 15:42:10 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\Aurélie\Downloads\SpyHunter-Installer.exe [2998656]
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.disableHPGuard", false); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.disableSPGuard", false); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardCountInit", 156); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardPopupCountInit", -1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardSPCountInit", 156); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardSPPopupCountInit", -1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guard_xpcom", 0); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guards_inactive", 1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.newtab", true); => Toolbar.AVGSearch*
SR - | Auto 20/11/2014 1025920 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
EmptyFlash
EmptyTemp
--> Lance ZHPFix depuis le raccourci situé sur ton Bureau.
--> Clique sur le bouton IMPORTER. Dans l'encadré principal, tu verras les lignes que tu as copié précédemment apparaître.
--> Clique sur GO et confirme pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.
--> Une fois terminé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien dans ton prochain message.
Script ZHPFix
SysRestore
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] . (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[MD5.C73A34375975BF29D8F57AD3A09075D3] [APT] [AVG-Secure-Search-Update_0414c_rel] (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912] =>Toolbar.AVGSearch
[MD5.C73A34375975BF29D8F57AD3A09075D3] [APT] [AVG-Secure-Search-Update_0414c_rmv] (...) -- C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912] =>Toolbar.AVGSearch
[MD5.633BB002E3061041EE6B1D3136E773E7] [APT] [SpyHunter4Startup] (.Enigma Software Group USA, LLC..) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [7580544]
O39 - APT: AVG-Secure-Search-Update_0414c_rel - (...) -- C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rel.job [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rel - (...) -- C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rel [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rmv - (...) -- C:\Windows\Tasks\AVG-Secure-Search-Update_0414c_rmv.job [390] =>Toolbar.AVGSearch
O39 - APT: AVG-Secure-Search-Update_0414c_rmv - (...) -- C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0414c_rmv [390] =>Toolbar.AVGSearch
O42 - Logiciel: SpyHunter 4 - (.Enigma Software Group, LLC.) [HKLM][64Bits] -- SpyHunter
[HKLM\Software\EnigmaSoftwareGroup]
O43 - CFD: 09/02/2014 - 17:22:26 - [] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 20/11/2014 - 22:35:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\Enigma Software Group
C:\Program Files\Enigma Software Group
O45 - LFCP:[MD5.D3A307C578E8B917309D2581BEABCF6A] - 22/11/2014 - 15:31:57 ---A- - C:\Windows\Prefetch\AVG-SECURE-SEARCH-UPDATE_0414-4359EE03.pf =>Toolbar.AVGSearch
O45 - LFCP:[MD5.5E0ADF76571974B1A4CAB5ADA8546528] - 15/10/2014 - 13:18:16 ---A- - C:\Windows\Prefetch\IMINENTSOFTONICREADY.EXE-FA0B9996.pf =>Adware.IMBooster
O45 - LFCP:[MD5.ED81836FDAEAC417122D51F67E011DA6] - 15/10/2014 - 13:15:43 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_FREE--478770A3.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.C6105C6839237C0B21F3D81C5E1C6880] - 20/11/2014 - 22:33:51 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-73AC40E6.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.8305817D4F6AB56F45F25EE5C6E68186] - 20/11/2014 - 22:35:19 ---A- - C:\Windows\Prefetch\SPYHUNTER4.EXE-3B4E3201.pf =>Crapware.SpyHunter
O61 - LFC: 20/11/2014 - 15:42:10 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\Aurélie\Downloads\SpyHunter-Installer.exe [2998656]
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.disableHPGuard", false); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.disableSPGuard", false); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardCountInit", 156); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardPopupCountInit", -1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardSPCountInit", 156); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guardSPPopupCountInit", -1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guard_xpcom", 0); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.guards_inactive", 1); => Toolbar.AVGSearch*
O69 - SBI: prefs.js [Aurélie - 4q3yaegz.default] user_pref("avg.install.newtab", true); => Toolbar.AVGSearch*
SR - | Auto 20/11/2014 1025920 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter] =>Crapware.SpyHunter^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
EmptyFlash
EmptyTemp
--> Lance ZHPFix depuis le raccourci situé sur ton Bureau.
--> Clique sur le bouton IMPORTER. Dans l'encadré principal, tu verras les lignes que tu as copié précédemment apparaître.
--> Clique sur GO et confirme pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.
--> Une fois terminé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien dans ton prochain message.
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
22 nov. 2014 à 16:25
22 nov. 2014 à 16:25
C'est parti! (je réponds via un autre ordi). Mais une fenêtre s'est très vite affichée me demandant ANNULER ou OK au choix de la langue pour le programme d'installation Enigma Software. Le Scan semble en pause depuis! Dois-je cliquer sur annuler, car plus rien n'avance?
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 16:31
22 nov. 2014 à 16:31
Oui.
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
22 nov. 2014 à 16:34
22 nov. 2014 à 16:34
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 16:47
22 nov. 2014 à 16:47
Plus de souci ?
Redémarre le PC et génère un nouveau rapport ZHPDiag (pour vérifier).
Redémarre le PC et génère un nouveau rapport ZHPDiag (pour vérifier).
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
22 nov. 2014 à 18:09
22 nov. 2014 à 18:09
J'ai bien l'impression que je suis débarrassé de tout virus et autre infection!!
SH4 n'apparait plus dans mes programmes et je ne trouve plus de trace de Iminent/Umbrella.
Je vous remercie infiniment pour m'avoir consacré ce temps!! Heureusement qu'il existe des gens comme vous pour contrer les atteintes des personnes malveillantes.
Je poste quand même le diag que j'ai fait fait pour vérifier avec ZHP.
Je marque le sujet comme "résolu".
merci encore!!!!!!!
voici le diag:
~ Rapport de ZHPDiag v2014.11.19.165 - Nicolas Coolman (19/11/2014)
~ Lancé par Aurélie (22/11/2014 17:57:07)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17416
MFIE: Mozilla Firefox 33.1 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : V2WYG
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
AVG 2014 v14.0.4335
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W8 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v4.19
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3971 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 187 GB (41%) free of 449 GB
---\\ Mode de connexion au système
~ Computer Name: AURELIE
~ User Name: Aurélie
~ All Users Names: UpdatusUser, Aurélie, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aurélie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aurélie\AppData\Roaming\
~ %Desktop% : C:\Users\Aurélie\Desktop\
~ %Favorites% : C:\Users\Aurélie\Favorites\
~ %LocalAppData% : C:\Users\Aurélie\AppData\Local\
~ %StartMenu% : C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 187 Go of 449 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 08:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.BF1FC65A307B31939ADF7F976FDE033C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.31/10/2014 - 04:45:17.) -- C:\Windows\System32\wininet.dll [2365440]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.18/03/2014 - 11:09:53.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/03/2014 - 11:09:55.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.01/08/2014 - 16:49:54.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/08/2014 - 16:54:33.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 11:09:57.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 07:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/07/2014 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 - 10:41:24.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/184
~ Mes musiques (My Musics) : 1/40
~ Mes Videos (My Videos) : 1/11456
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 3/17636
~ Mon Bureau (My Desktop) : 2/716
~ Menu demarrer (Programs) : 1/52
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.3204]
[MD5.89770C53B0CE6B2D5CCCF94FEB126177] - (.Pas de propriétaire - HID Monitor MFC Application.) -- C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [30640] [PID.3996]
[MD5.2F03C763EE0DFB4DE56176737DEFB2E2] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21184] [PID.1276]
[MD5.0049D80BAB72557E9DD09C223FD71E58] - (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176] [PID.6012]
[MD5.80C830207A104F6C1BDE91D0D86D8685] - (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe [195240] [PID.1228]
[MD5.4312B4DD07050FC58146756634058CE8] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136] [PID.5776]
[MD5.8180FF8E683B8A997746143F6286B668] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8129536] [PID.4492]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Aurélie\AppData\Roaming\Mozilla\Firefox\Profiles\4q3yaegz.default\prefs.js
M2 - MFEP: Extension [Aurélie - 4q3yaegz.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Aurélie - 4q3yaegz.default] {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect_x86_64] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
~ Firefox Browser: 5 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.Google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=acer13.msn.com&ocid=AARDHP&pc=MAARJS
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17351 (winblue_r3.140925-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 6 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Aurélie]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Aurélie\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-4095549978-381055601-3677954166-1001\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C62C1B9D-1CEF-4014-A4E2-EED52EF45460}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C62C1B9D-1CEF-4014-A4E2-EED52EF45460}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 327.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) . (.Acer Incorporate - LMSvc.) - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 17 Scanned in 00mn 08s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.46C65974CA912E5751905432D649BC25] [APT] [0414cUpdateInfo] (...) -- C:\ProgramData\Avg_Update_0414c\0414c_{32059411-D7D5-42B4-A606-EADC37EF2E47}.exe [2733080]
[MD5.6569176A01B351ED9E87106E6CA0C1DC] [APT] [1114tbUpdateInfo] (...) -- C:\ProgramData\Avg_Update_1114tb\1114tb_{F075F8BC-946E-4FCE-B182-3C184D24A849}.exe [2782744]
[MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.EC309A6F5A4838243C74E58314875498] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [4149832]
[MD5.B690DE3B3D28AD45112BE310780DBE8D] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008]
[MD5.870893F2365CA9D91D2AC7C0BD391868] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904]
[MD5.B05E57047FC5C0E20A342A0407848CFC] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [994880]
[MD5.EE864CD35936E4AAD8120321907DA8F5] [APT] [Dolby Selector] (.Dolby Laboratories Inc..) -- C:\Dolby PCEE4\pcee4.exe [508656]
[MD5.1A14F52DC735730CB4D683FB3F468C28] [APT] [Launch Manager] (.Acer Incorporate.) -- C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [415272]
[MD5.D7E16AB9AAB8BFA219D84C79536319E2] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306440]
[MD5.C6CAB8F629AE677E4B5AE0D9E28241E6] [APT] [Notification] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [523848]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 24 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (Avgdiska) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\Windows\System32\DRIVERS\avgdiska.sys
O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
O41 - Driver: (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx64.sys
O41 - Driver: (Avgwfpa) . (.AVG Technologies CZ, s.r.o. - AVG Firewall driver.) - C:\Windows\system32\DRIVERS\avgwfpa.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 42 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {7C4C5901-A58F-4018-A93B-01C93EF8D3F3}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- {2B77B867-D7B9-4789-94E1-94D3BBBA642C}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- {41357956-5B67-489C-9F7D-FABACC2CD3CB}
O42 - Logiciel: Acer Launch Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}
O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: Acer USB Charge Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {07E867C5-0C48-40FF-A013-DDAF4565AD47}
O42 - Logiciel: AcerCloud Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: AcerCloud Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {77D28FF5-242F-488A-8215-937D6A4D69E0}
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Lightroom 5.6 64-bit - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D19E99C2-6D9D-4075-B446-B4387EAF70A5} =>.Adobe Systems Incorporated
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM][64Bits] -- EOS Utility
O42 - Logiciel: Centre Souris et Claviers Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dolby Home Theater v4 - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {B26438B4-BF51-49C3-9567-7F14A5E40CB9}
O42 - Logiciel: GIMP 2.8.10 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: GoodFrame - (.FDSoftware.) [HKLM][64Bits] -- GoodFrame_is1
O42 - Logiciel: HID Monitor - (.Acer Incorporated.) [HKLM][64Bits] -- {D902785C-B770-4D1E-9237-6803DE6E4CD3}
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {5EB368A4-562A-41B6-A5B3-06054A27F5A6}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: Light Image Resizer 4.6.4.0 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.14.17 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 33.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: NVIDIA Pilote graphique 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {4CA8F973-6377-4ABF-9ED5-CC2323B3C000}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Qualcomm Atheros WLAN and Bluetooth Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C9661090-C134-46E8-90B2-76D72355C2A6}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {99072AB4-D795-44D5-9D65-E3C9F8322C97}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258
O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM][64Bits] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM][64Bits] -- {4ECBD396-002E-0B72-8453-1F0EE0797C49}
O42 - Logiciel: clear.fi Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876}
O42 - Logiciel: clear.fi Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0}
O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93}
O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}
O42 - Logiciel: myCANAL - (.player.canalplus.fr.) [HKCU][64Bits] -- 832818715.player.canalplus.fr
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 51 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Avg Secure Update]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FDSoftware]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\ObviousIdea]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Atheros]
[HKLM\Software\Classes]
[HKLM\Software\Clearfi]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Avg Secure Update]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Canon_Inc_IC]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clearfi]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\ObviousIdea]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WLAN and Bluetooth Client Installation Program]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Sony Creative Software]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
~ Key Software: 255 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/09/2013 - 17:07:42 - [] ----D C:\Program Files (x86)\Acer
O43 - CFD: 18/09/2013 - 16:23:06 - [] ----D C:\Program Files (x86)\Acer Incorporated
O43 - CFD: 26/08/2014 - 19:41:02 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 18/09/2013 - 16:19:10 - [0] ----D C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 17/11/2014 - 12:02:24 - [] ----D C:\Program Files (x86)\AVG
O43 - CFD: 22/11/2014 - 17:43:30 - [0] ----D C:\Program Files (x86)\Avg Secure Update
O43 - CFD: 19/02/2014 - 01:54:41 - [] ----D C:\Program Files (x86)\Canon
O43 - CFD: 22/11/2014 - 15:25:12 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 20/06/2013 - 21:24:37 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 15/09/2014 - 20:26:55 - [] ----D C:\Program Files (x86)\FDSoftware
O43 - CFD: 15/10/2014 - 13:19:18 - [] ----D C:\Program Files (x86)\Free WAV to MP3 Converter
O43 - CFD: 20/02/2014 - 00:26:23 - [] ----D C:\Program Files (x86)\GIMP 2
O43 - CFD: 22/11/2014 - 02:37:47 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 18/09/2013 - 16:58:05 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 07/03/2014 - 23:35:38 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/11/2014 - 04:00:49 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 20/11/2014 - 20:12:11 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 18/09/2013 - 16:52:22 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 04/10/2014 - 22:02:53 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 09/02/2014 - 15:01:58 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 06/07/2014 - 12:19:30 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 01/08/2014 - 16:24:39 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/11/2014 - 00:03:08 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/11/2014 - 08:51:12 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 01/08/2014 - 16:42:41 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 20/06/2013 - 21:23:27 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 01/08/2014 - 16:24:40 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 01/08/2014 - 14:50:03 - [] ----D C:\Program Files (x86)\ObviousIdea
O43 - CFD: 14/04/2014 - 21:52:07 - [] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 18/09/2013 - 16:38:16 - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 18/09/2013 - 16:29:58 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 01/08/2014 - 16:42:41 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/09/2013 - 16:43:19 - [] ----D C:\Program Files (x86)\Spotify
O43 - CFD: 18/09/2013 - 16:31:22 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 13/03/2014 - 00:39:56 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 13/03/2014 - 00:38:50 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 11/09/2014 - 22:46:03 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2014 - 23:04:38 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 26/08/2014 - 19:41:04 - [] ----D C:\Program Files (x86)\Winamax Poker
O43 - CFD: 14/11/2014 - 04:00:51 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 06/07/2014 - 12:19:26 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 01/08/2014 - 16:24:46 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 11:28:58 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 18/03/2014 - 11:28:58 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 01/08/2014 - 16:24:47 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 13/07/2014 - 16:16:20 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 22/11/2014 - 15:38:41 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 01/07/2014 - 14:56:51 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 26/08/2014 - 19:41:02 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 18/09/2013 - 16:35:45 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 19/02/2014 - 01:49:49 - [] ----D C:\Program Files (x86)\Common Files\Canon
O43 - CFD: 19/02/2014 - 01:54:35 - [] ----D C:\Program Files (x86)\Common Files\Canon_Inc_IC
O43 - CFD: 09/02/2014 - 15:00:55 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 18/09/2013 - 16:29:55 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 01/08/2014 - 17:40:33 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 01/08/2014 - 16:24:38 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 20/06/2013 - 21:23:16 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 18/09/2013 - 16:13:12 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 18/09/2013 - 17:18:21 - [] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/07/2014 - 12:16:23 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 18/09/2013 - 17:04:47 - [] ----D C:\ProgramData\Acer
O43 - CFD: 27/10/2014 - 17:08:53 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/08/2014 - 17:32:52 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 17/11/2014 - 12:02:24 - [] ----D C:\ProgramData\AVG2014
O43 - CFD: 18/10/2014 - 11:14:46 - [] ----D C:\ProgramData\AVG2015
O43 - CFD: 30/05/2014 - 07:58:06 - [] ----D C:\ProgramData\Avg_Update_0414c
O43 - CFD: 26/08/2014 - 13:55:23 - [] ----D C:\ProgramData\Avg_Update_0814tb
O43 - CFD: 06/11/2014 - 20:09:37 - [] ----D C:\ProgramData\Avg_Update_1114tb
O43 - CFD: 09/02/2014 - 15:28:11 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/02/2014 - 01:53:53 - [] ----D C:\ProgramData\Canon_Inc_IC
O43 - CFD: 18/09/2013 - 16:58:26 - [] ----D C:\ProgramData\CLSK
O43 - CFD: 01/08/2014 - 17:32:53 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 18/09/2013 - 16:58:26 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/09/2013 - 16:58:05 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 18/09/2013 - 16:14:42 - [] ----D C:\ProgramData\Intel
O43 - CFD: 14/07/2014 - 16:30:10 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 22/11/2014 - 15:25:12 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 22/11/2014 - 10:30:24 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 01/08/2014 - 16:24:57 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 09/02/2014 - 15:01:50 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 18/02/2014 - 16:50:04 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 20/06/2013 - 21:23:16 - [] ----D C:\ProgramData\Nero
O43 - CFD: 09/02/2014 - 15:46:02 - [] ----D C:\ProgramData\Norton
O43 - CFD: 09/02/2014 - 15:28:18 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 01/08/2014 - 19:38:45 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 01/08/2014 - 16:04:17 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 18/09/2013 - 16:50:09 - [] ----D C:\ProgramData\OEM
O43 - CFD: 06/02/2014 - 23:37:04 - [] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 01/07/2014 - 14:55:44 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 01/08/2014 - 16:24:59 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 18/09/2013 - 16:35:01 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 18/11/2014 - 14:26:15 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 14/07/2014 - 16:27:18 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 18/09/2013 - 16:41:31 - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 18/09/2013 - 16:58:06 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 13/03/2014 - 00:45:23 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 04/09/2014 - 23:04:21 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 18/03/2014 - 10:41:34 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 18/03/2014 - 11:29:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/11/2014 - 12:02:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
O43 - CFD: 01/08/2014 - 16:24:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
O43 - CFD: 01/08/2014 - 16:24:54 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/11/2014 - 20:12:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 04/10/2014 - 22:02:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 01/08/2014 - 16:24:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
O43 - CFD: 01/08/2014 - 16:32:35 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 22/11/2014 - 15:24:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 18/03/2014 - 11:29:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 18/03/2014 - 10:41:33 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 11/09/2014 - 22:46:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 22/11/2014 - 15:38:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2014 - 17:20:39 - [] ----D C:\Users\Aurélie\AppData\Roaming\Adobe
O43 - CFD: 06/02/2014 - 23:37:30 - [] ----D C:\Users\Aurélie\AppData\Roaming\Atheros
O43 - CFD: 18/10/2014 - 11:15:44 - [] ----D C:\Users\Aurélie\AppData\Roaming\AVG2015
O43 - CFD: 19/02/2014 - 01:54:25 - [] ----D C:\Users\Aurélie\AppData\Roaming\canon
O43 - CFD: 15/09/2014 - 20:26:55 - [] ----D C:\Users\Aurélie\AppData\Roaming\FDSoftware
O43 - CFD: 25/08/2014 - 01:10:52 - [] ----D C:\Users\Aurélie\AppData\Roaming\gtk-2.0
O43 - CFD: 01/08/2014 - 17:28:49 - [] ----D C:\Users\Aurélie\AppData\Roaming\Identities
O43 - CFD: 06/02/2014 - 23:37:58 - [] ----D C:\Users\Aurélie\AppData\Roaming\Macromedia
O43 - CFD: 20/11/2014 - 20:09:52 - [] -S--D C:\Users\Aurélie\AppData\Roaming\Microsoft
O43 - CFD: 18/02/2014 - 16:50:20 - [] ----D C:\Users\Aurélie\AppData\Roaming\Mozilla
O43 - CFD: 27/10/2014 - 15:06:42 - [] ----D C:\Users\Aurélie\AppData\Roaming\ObviousIdea
O43 - CFD: 14/04/2014 - 21:52:47 - [] ----D C:\Users\Aurélie\AppData\Roaming\OpenOffice
O43 - CFD: 01/08/2014 - 14:04:57 - [] ----D C:\Users\Aurélie\AppData\Roaming\RawTherapee
O43 - CFD: 06/06/2014 - 00:34:43 - [] ----D C:\Users\Aurélie\AppData\Roaming\Sony
O43 - CFD: 04/09/2014 - 23:11:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\Spotify
O43 - CFD: 06/02/2014 - 23:36:05 - [] ----D C:\Users\Aurélie\AppData\Roaming\Synaptics
O43 - CFD: 13/03/2014 - 00:40:35 - [] ----D C:\Users\Aurélie\AppData\Roaming\TomTom
O43 - CFD: 09/02/2014 - 16:06:27 - [] ----D C:\Users\Aurélie\AppData\Roaming\TuneUp Software
O43 - CFD: 21/11/2014 - 03:53:42 - [] ----D C:\Users\Aurélie\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 03/11/2014 - 11:47:53 - [] ----D C:\Users\Aurélie\AppData\Roaming\vlc
O43 - CFD: 26/08/2014 - 19:41:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\wam
O43 - CFD: 26/08/2014 - 19:41:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 13/07/2014 - 16:17:00 - [] ----D C:\Users\Aurélie\AppData\Roaming\WinRAR
O43 - CFD: 22/11/2014 - 17:57:24 - [] ----D C:\Users\Aurélie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2014 - 17:15:58 - [] ----D C:\Users\Aurélie\AppData\Local\Adobe
O43 - CFD: 01/08/2014 - 16:18:32 - [] -SH-D C:\Users\Aurélie\AppData\Local\Application Data
O43 - CFD: 09/02/2014 - 17:09:10 - [] ----D C:\Users\Aurélie\AppData\Local\Apps
O43 - CFD: 06/08/2014 - 13:00:39 - [] ----D C:\Users\Aurélie\AppData\Local\assembly
O43 - CFD: 18/10/2014 - 13:55:49 - [] ----D C:\Users\Aurélie\AppData\Local\Avg2015
O43 - CFD: 01/08/2014 - 17:32:55 - [] ----D C:\Users\Aurélie\AppData\Local\BMExplorer
O43 - CFD: 18/02/2014 - 17:08:50 - [] ----D C:\Users\Aurélie\AppData\Local\Canal.MyCanal
O43 - CFD: 19/02/2014 - 01:56:04 - [] ----D C:\Users\Aurélie\AppData\Local\CANON_INC
O43 - CFD: 27/02/2014 - 00:21:02 - [] ----D C:\Users\Aurélie\AppData\Local\clear.fi
O43 - CFD: 21/11/2014 - 03:53:13 - [0] ----D C:\Users\Aurélie\AppData\Local\CrashDumps
O43 - CFD: 02/10/2014 - 10:10:39 - [0] ----D C:\Users\Aurélie\AppData\Local\Deployment
O43 - CFD: 17/10/2014 - 00:35:56 - [0] ----D C:\Users\Aurélie\AppData\Local\Diagnostics
O43 - CFD: 13/03/2014 - 00:38:08 - [] ----D C:\Users\Aurélie\AppData\Local\Downloaded Installations
O43 - CFD: 21/11/2014 - 02:56:37 - [] ----D C:\Users\Aurélie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/11/2014 - 02:37:30 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieBrowserModeList
O43 - CFD: 25/08/2014 - 03:17:40 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieSiteList
O43 - CFD: 25/08/2014 - 03:17:40 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieUserList
O43 - CFD: 15/09/2014 - 21:26:40 - [] ----D C:\Users\Aurélie\AppData\Local\FDSoftware
O43 - CFD: 20/02/2014 - 00:27:32 - [] ----D C:\Users\Aurélie\AppData\Local\fontconfig
SH4 n'apparait plus dans mes programmes et je ne trouve plus de trace de Iminent/Umbrella.
Je vous remercie infiniment pour m'avoir consacré ce temps!! Heureusement qu'il existe des gens comme vous pour contrer les atteintes des personnes malveillantes.
Je poste quand même le diag que j'ai fait fait pour vérifier avec ZHP.
Je marque le sujet comme "résolu".
merci encore!!!!!!!
voici le diag:
~ Rapport de ZHPDiag v2014.11.19.165 - Nicolas Coolman (19/11/2014)
~ Lancé par Aurélie (22/11/2014 17:57:07)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17416
MFIE: Mozilla Firefox 33.1 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : V2WYG
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
AVG 2014 v14.0.4335
Malwarebytes Anti-Malware version 2.0.3.1025
Windows Defender W8 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v4.19
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3971 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 187 GB (41%) free of 449 GB
---\\ Mode de connexion au système
~ Computer Name: AURELIE
~ User Name: Aurélie
~ All Users Names: UpdatusUser, Aurélie, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Aurélie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Aurélie\AppData\Roaming\
~ %Desktop% : C:\Users\Aurélie\Desktop\
~ %Favorites% : C:\Users\Aurélie\Favorites\
~ %LocalAppData% : C:\Users\Aurélie\AppData\Local\
~ %StartMenu% : C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 187 Go of 449 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 08:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.BF1FC65A307B31939ADF7F976FDE033C] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.31/10/2014 - 04:45:17.) -- C:\Windows\System32\wininet.dll [2365440]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.18/03/2014 - 11:09:53.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18/03/2014 - 11:09:55.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.01/08/2014 - 16:49:54.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.01/08/2014 - 16:54:33.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 12:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 11:09:57.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 07:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/07/2014 - 16:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18/03/2014 - 10:41:24.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 03:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/184
~ Mes musiques (My Musics) : 1/40
~ Mes Videos (My Videos) : 1/11456
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 3/17636
~ Mon Bureau (My Desktop) : 2/716
~ Menu demarrer (Programs) : 1/52
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.3204]
[MD5.89770C53B0CE6B2D5CCCF94FEB126177] - (.Pas de propriétaire - HID Monitor MFC Application.) -- C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe [30640] [PID.3996]
[MD5.2F03C763EE0DFB4DE56176737DEFB2E2] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [21184] [PID.1276]
[MD5.0049D80BAB72557E9DD09C223FD71E58] - (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176] [PID.6012]
[MD5.80C830207A104F6C1BDE91D0D86D8685] - (.Microsoft Corporation - Send to OneNote Tool.) -- C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.exe [195240] [PID.1228]
[MD5.4312B4DD07050FC58146756634058CE8] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136] [PID.5776]
[MD5.8180FF8E683B8A997746143F6286B668] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8129536] [PID.4492]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Aurélie\AppData\Roaming\Mozilla\Firefox\Profiles\4q3yaegz.default\prefs.js
M2 - MFEP: Extension [Aurélie - 4q3yaegz.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Aurélie - 4q3yaegz.default] {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect_x86_64] - (.Adobe Systems - Creative Cloud Desktop Plugin.v_2_0_0_0.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
~ Firefox Browser: 5 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.Google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=acer13.msn.com&ocid=AARDHP&pc=MAARJS
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17351 (winblue_r3.140925-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 6 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Aurélie]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Aurélie\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Scanned in 00mn 00s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (...) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-4095549978-381055601-3677954166-1001\..\RunOnce: [WAB Migrate] . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files (x86)\Windows Mail\wab.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C62C1B9D-1CEF-4014-A4E2-EED52EF45460}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C62C1B9D-1CEF-4014-A4E2-EED52EF45460}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 327.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) . (.Acer Incorporate - LMSvc.) - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Nero Update (NAUpdate) . (.Nero AG - NeroUpdate.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 17 Scanned in 00mn 08s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.46C65974CA912E5751905432D649BC25] [APT] [0414cUpdateInfo] (...) -- C:\ProgramData\Avg_Update_0414c\0414c_{32059411-D7D5-42B4-A606-EADC37EF2E47}.exe [2733080]
[MD5.6569176A01B351ED9E87106E6CA0C1DC] [APT] [1114tbUpdateInfo] (...) -- C:\ProgramData\Avg_Update_1114tb\1114tb_{F075F8BC-946E-4FCE-B182-3C184D24A849}.exe [2782744]
[MD5.D51145F6B0CE987850F13A61DAD5E531] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.EC309A6F5A4838243C74E58314875498] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [4149832]
[MD5.B690DE3B3D28AD45112BE310780DBE8D] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40008]
[MD5.870893F2365CA9D91D2AC7C0BD391868] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904]
[MD5.B05E57047FC5C0E20A342A0407848CFC] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [994880]
[MD5.EE864CD35936E4AAD8120321907DA8F5] [APT] [Dolby Selector] (.Dolby Laboratories Inc..) -- C:\Dolby PCEE4\pcee4.exe [508656]
[MD5.1A14F52DC735730CB4D683FB3F468C28] [APT] [Launch Manager] (.Acer Incorporate.) -- C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [415272]
[MD5.D7E16AB9AAB8BFA219D84C79536319E2] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5306440]
[MD5.C6CAB8F629AE677E4B5AE0D9E28241E6] [APT] [Notification] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [523848]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 24 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (Avgdiska) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\Windows\System32\DRIVERS\avgdiska.sys
O41 - Driver: (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
O41 - Driver: (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver: (avgtp) . (.AVG Technologies - Pas de description.) - C:\Windows\system32\drivers\avgtpx64.sys
O41 - Driver: (Avgwfpa) . (.AVG Technologies CZ, s.r.o. - AVG Firewall driver.) - C:\Windows\system32\DRIVERS\avgwfpa.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
~ Drivers: 42 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {7C4C5901-A58F-4018-A93B-01C93EF8D3F3}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- {2B77B867-D7B9-4789-94E1-94D3BBBA642C}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM][64Bits] -- {41357956-5B67-489C-9F7D-FABACC2CD3CB}
O42 - Logiciel: Acer Launch Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}
O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479}
O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: Acer USB Charge Manager - (.Acer Incorporated.) [HKLM][64Bits] -- {07E867C5-0C48-40FF-A013-DDAF4565AD47}
O42 - Logiciel: AcerCloud Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: AcerCloud Portal - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {77D28FF5-242F-488A-8215-937D6A4D69E0}
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Lightroom 5.6 64-bit - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D19E99C2-6D9D-4075-B446-B4387EAF70A5} =>.Adobe Systems Incorporated
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM][64Bits] -- EOS Utility
O42 - Logiciel: Centre Souris et Claviers Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso 6.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dolby Home Theater v4 - (.Dolby Laboratories Inc.) [HKLM][64Bits] -- {B26438B4-BF51-49C3-9567-7F14A5E40CB9}
O42 - Logiciel: GIMP 2.8.10 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: GoodFrame - (.FDSoftware.) [HKLM][64Bits] -- GoodFrame_is1
O42 - Logiciel: HID Monitor - (.Acer Incorporated.) [HKLM][64Bits] -- {D902785C-B770-4D1E-9237-6803DE6E4CD3}
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- {3D9CB654-99AD-4301-89C6-0D12A790767C}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {5EB368A4-562A-41B6-A5B3-06054A27F5A6}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: Light Image Resizer 4.6.4.0 - (.ObviousIdea.) [HKLM][64Bits] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1
O42 - Logiciel: Live Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.3.1025 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mises à jour NVIDIA 1.14.17 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 33.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: NVIDIA Pilote graphique 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}
O42 - Logiciel: Nero BackItUp 12 Essentials OEM.a01 - (.Nero AG.) [HKLM][64Bits] -- {4CA8F973-6377-4ABF-9ED5-CC2323B3C000}
O42 - Logiciel: Nero BackItUp Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EF0D1292-8FC1-41BE-9740-DBC134F66415}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {ABC88553-8770-4B97-B43E-5A90647A5B63}
O42 - Logiciel: Nero ControlCenter Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {C994C746-C6D0-4EBA-B09E-DF7B18381B69}
O42 - Logiciel: Nero Core Components - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero Launcher - (.Nero AG.) [HKLM][64Bits] -- {0E4630AF-0AB7-440E-A978-1A78FC4F43B9}
O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}
O42 - Logiciel: Nero RescueAgent Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {0B311221-05A5-4766-8D03-7A6446794156}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Office Addin - (.Acer.) [HKLM][64Bits] -- {6D2BBE1D-E600-4695-BA37-0B0E605542CC}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Qualcomm Atheros WLAN and Bluetooth Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C9661090-C134-46E8-90B2-76D72355C2A6}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {99072AB4-D795-44D5-9D65-E3C9F8322C97}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual Studio 2005 Tools pour Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}
O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258
O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM][64Bits] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Winamax.) [HKLM][64Bits] -- {4ECBD396-002E-0B72-8453-1F0EE0797C49}
O42 - Logiciel: clear.fi Media - (.Acer Incorporated.) [HKLM][64Bits] -- {E9AF1707-3F3A-49E2-8345-4F2D629D0876}
O42 - Logiciel: clear.fi Photo - (.Acer Incorporated.) [HKLM][64Bits] -- {B5AD89F2-03D3-4206-8487-018298007DD0}
O42 - Logiciel: clear.fi SDK - Video 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {EBA33CAD-E071-48d5-A168-FBA4EEB42E93}
O42 - Logiciel: clear.fi SDK- Movie 2 - (.CyberLink Corp..) [HKLM][64Bits] -- {35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}
O42 - Logiciel: myCANAL - (.player.canalplus.fr.) [HKCU][64Bits] -- 832818715.player.canalplus.fr
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 51 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe Lightroom]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow]
[HKCU\Software\Atheros]
[HKCU\Software\Avg Secure Update]
[HKCU\Software\Avg]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\FDSoftware]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\ObviousIdea]
[HKCU\Software\OpenOffice]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Atheros]
[HKLM\Software\Classes]
[HKLM\Software\Clearfi]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Avg Secure Update]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Canon_Inc_IC]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clearfi]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\ObviousIdea]
[HKLM\Software\Wow6432Node\OpenOffice]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WLAN and Bluetooth Client Installation Program]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Sony Creative Software]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
~ Key Software: 255 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/09/2013 - 17:07:42 - [] ----D C:\Program Files (x86)\Acer
O43 - CFD: 18/09/2013 - 16:23:06 - [] ----D C:\Program Files (x86)\Acer Incorporated
O43 - CFD: 26/08/2014 - 19:41:02 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 18/09/2013 - 16:19:10 - [0] ----D C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 17/11/2014 - 12:02:24 - [] ----D C:\Program Files (x86)\AVG
O43 - CFD: 22/11/2014 - 17:43:30 - [0] ----D C:\Program Files (x86)\Avg Secure Update
O43 - CFD: 19/02/2014 - 01:54:41 - [] ----D C:\Program Files (x86)\Canon
O43 - CFD: 22/11/2014 - 15:25:12 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 20/06/2013 - 21:24:37 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 15/09/2014 - 20:26:55 - [] ----D C:\Program Files (x86)\FDSoftware
O43 - CFD: 15/10/2014 - 13:19:18 - [] ----D C:\Program Files (x86)\Free WAV to MP3 Converter
O43 - CFD: 20/02/2014 - 00:26:23 - [] ----D C:\Program Files (x86)\GIMP 2
O43 - CFD: 22/11/2014 - 02:37:47 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 18/09/2013 - 16:58:05 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 07/03/2014 - 23:35:38 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/11/2014 - 04:00:49 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 20/11/2014 - 20:12:11 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 18/09/2013 - 16:52:22 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 04/10/2014 - 22:02:53 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 09/02/2014 - 15:01:58 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 06/07/2014 - 12:19:30 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 01/08/2014 - 16:24:39 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/11/2014 - 00:03:08 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/11/2014 - 08:51:12 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 01/08/2014 - 16:42:41 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 20/06/2013 - 21:23:27 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 01/08/2014 - 16:24:40 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 01/08/2014 - 14:50:03 - [] ----D C:\Program Files (x86)\ObviousIdea
O43 - CFD: 14/04/2014 - 21:52:07 - [] ----D C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 18/09/2013 - 16:38:16 - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 18/09/2013 - 16:29:58 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 01/08/2014 - 16:42:41 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 18/09/2013 - 16:43:19 - [] ----D C:\Program Files (x86)\Spotify
O43 - CFD: 18/09/2013 - 16:31:22 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 13/03/2014 - 00:39:56 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 13/03/2014 - 00:38:50 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 11/09/2014 - 22:46:03 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/09/2014 - 23:04:38 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 26/08/2014 - 19:41:04 - [] ----D C:\Program Files (x86)\Winamax Poker
O43 - CFD: 14/11/2014 - 04:00:51 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 06/07/2014 - 12:19:26 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 01/08/2014 - 16:24:46 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2014 - 11:28:58 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 18/03/2014 - 11:28:58 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 01/08/2014 - 16:24:47 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 13/07/2014 - 16:16:20 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 22/11/2014 - 15:38:41 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 01/07/2014 - 14:56:51 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 26/08/2014 - 19:41:02 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 18/09/2013 - 16:35:45 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 19/02/2014 - 01:49:49 - [] ----D C:\Program Files (x86)\Common Files\Canon
O43 - CFD: 19/02/2014 - 01:54:35 - [] ----D C:\Program Files (x86)\Common Files\Canon_Inc_IC
O43 - CFD: 09/02/2014 - 15:00:55 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 18/09/2013 - 16:29:55 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 01/08/2014 - 17:40:33 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 01/08/2014 - 16:24:38 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 20/06/2013 - 21:23:16 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 18/09/2013 - 16:13:12 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 18/09/2013 - 17:18:21 - [] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 18/03/2014 - 10:26:19 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 06/07/2014 - 12:16:23 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 18/09/2013 - 17:04:47 - [] ----D C:\ProgramData\Acer
O43 - CFD: 27/10/2014 - 17:08:53 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 01/08/2014 - 17:32:52 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 17/11/2014 - 12:02:24 - [] ----D C:\ProgramData\AVG2014
O43 - CFD: 18/10/2014 - 11:14:46 - [] ----D C:\ProgramData\AVG2015
O43 - CFD: 30/05/2014 - 07:58:06 - [] ----D C:\ProgramData\Avg_Update_0414c
O43 - CFD: 26/08/2014 - 13:55:23 - [] ----D C:\ProgramData\Avg_Update_0814tb
O43 - CFD: 06/11/2014 - 20:09:37 - [] ----D C:\ProgramData\Avg_Update_1114tb
O43 - CFD: 09/02/2014 - 15:28:11 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 19/02/2014 - 01:53:53 - [] ----D C:\ProgramData\Canon_Inc_IC
O43 - CFD: 18/09/2013 - 16:58:26 - [] ----D C:\ProgramData\CLSK
O43 - CFD: 01/08/2014 - 17:32:53 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 18/09/2013 - 16:58:26 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/09/2013 - 16:58:05 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 18/09/2013 - 16:14:42 - [] ----D C:\ProgramData\Intel
O43 - CFD: 14/07/2014 - 16:30:10 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 22/11/2014 - 15:25:12 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 22/11/2014 - 10:30:24 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 01/08/2014 - 16:24:57 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 09/02/2014 - 15:01:50 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 07/02/2014 - 05:18:15 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 18/02/2014 - 16:50:04 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 20/06/2013 - 21:23:16 - [] ----D C:\ProgramData\Nero
O43 - CFD: 09/02/2014 - 15:46:02 - [] ----D C:\ProgramData\Norton
O43 - CFD: 09/02/2014 - 15:28:18 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 01/08/2014 - 19:38:45 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 01/08/2014 - 16:04:17 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 18/09/2013 - 16:50:09 - [] ----D C:\ProgramData\OEM
O43 - CFD: 06/02/2014 - 23:37:04 - [] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 01/07/2014 - 14:55:44 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 01/08/2014 - 16:24:59 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 18/09/2013 - 16:35:01 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 18/11/2014 - 14:26:15 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 14/07/2014 - 16:27:18 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 18/09/2013 - 16:41:31 - [] ----D C:\ProgramData\Synaptics
O43 - CFD: 18/09/2013 - 16:58:06 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22/08/2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 13/03/2014 - 00:45:23 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 04/09/2014 - 23:04:21 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 22/08/2013 - 16:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 18/03/2014 - 10:41:34 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 18/03/2014 - 11:29:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/11/2014 - 12:02:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
O43 - CFD: 01/08/2014 - 16:24:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
O43 - CFD: 01/08/2014 - 16:24:54 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 22/08/2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 20/11/2014 - 20:12:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 04/10/2014 - 22:02:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 01/08/2014 - 16:24:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ObviousIdea
O43 - CFD: 01/08/2014 - 16:32:35 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 22/11/2014 - 15:24:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 18/03/2014 - 11:29:04 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 18/03/2014 - 10:41:33 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 01/08/2014 - 16:32:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 11/09/2014 - 22:46:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 01/08/2014 - 16:32:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 22/11/2014 - 15:38:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2014 - 17:20:39 - [] ----D C:\Users\Aurélie\AppData\Roaming\Adobe
O43 - CFD: 06/02/2014 - 23:37:30 - [] ----D C:\Users\Aurélie\AppData\Roaming\Atheros
O43 - CFD: 18/10/2014 - 11:15:44 - [] ----D C:\Users\Aurélie\AppData\Roaming\AVG2015
O43 - CFD: 19/02/2014 - 01:54:25 - [] ----D C:\Users\Aurélie\AppData\Roaming\canon
O43 - CFD: 15/09/2014 - 20:26:55 - [] ----D C:\Users\Aurélie\AppData\Roaming\FDSoftware
O43 - CFD: 25/08/2014 - 01:10:52 - [] ----D C:\Users\Aurélie\AppData\Roaming\gtk-2.0
O43 - CFD: 01/08/2014 - 17:28:49 - [] ----D C:\Users\Aurélie\AppData\Roaming\Identities
O43 - CFD: 06/02/2014 - 23:37:58 - [] ----D C:\Users\Aurélie\AppData\Roaming\Macromedia
O43 - CFD: 20/11/2014 - 20:09:52 - [] -S--D C:\Users\Aurélie\AppData\Roaming\Microsoft
O43 - CFD: 18/02/2014 - 16:50:20 - [] ----D C:\Users\Aurélie\AppData\Roaming\Mozilla
O43 - CFD: 27/10/2014 - 15:06:42 - [] ----D C:\Users\Aurélie\AppData\Roaming\ObviousIdea
O43 - CFD: 14/04/2014 - 21:52:47 - [] ----D C:\Users\Aurélie\AppData\Roaming\OpenOffice
O43 - CFD: 01/08/2014 - 14:04:57 - [] ----D C:\Users\Aurélie\AppData\Roaming\RawTherapee
O43 - CFD: 06/06/2014 - 00:34:43 - [] ----D C:\Users\Aurélie\AppData\Roaming\Sony
O43 - CFD: 04/09/2014 - 23:11:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\Spotify
O43 - CFD: 06/02/2014 - 23:36:05 - [] ----D C:\Users\Aurélie\AppData\Roaming\Synaptics
O43 - CFD: 13/03/2014 - 00:40:35 - [] ----D C:\Users\Aurélie\AppData\Roaming\TomTom
O43 - CFD: 09/02/2014 - 16:06:27 - [] ----D C:\Users\Aurélie\AppData\Roaming\TuneUp Software
O43 - CFD: 21/11/2014 - 03:53:42 - [] ----D C:\Users\Aurélie\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 03/11/2014 - 11:47:53 - [] ----D C:\Users\Aurélie\AppData\Roaming\vlc
O43 - CFD: 26/08/2014 - 19:41:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\wam
O43 - CFD: 26/08/2014 - 19:41:08 - [] ----D C:\Users\Aurélie\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 13/07/2014 - 16:17:00 - [] ----D C:\Users\Aurélie\AppData\Roaming\WinRAR
O43 - CFD: 22/11/2014 - 17:57:24 - [] ----D C:\Users\Aurélie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 27/10/2014 - 17:15:58 - [] ----D C:\Users\Aurélie\AppData\Local\Adobe
O43 - CFD: 01/08/2014 - 16:18:32 - [] -SH-D C:\Users\Aurélie\AppData\Local\Application Data
O43 - CFD: 09/02/2014 - 17:09:10 - [] ----D C:\Users\Aurélie\AppData\Local\Apps
O43 - CFD: 06/08/2014 - 13:00:39 - [] ----D C:\Users\Aurélie\AppData\Local\assembly
O43 - CFD: 18/10/2014 - 13:55:49 - [] ----D C:\Users\Aurélie\AppData\Local\Avg2015
O43 - CFD: 01/08/2014 - 17:32:55 - [] ----D C:\Users\Aurélie\AppData\Local\BMExplorer
O43 - CFD: 18/02/2014 - 17:08:50 - [] ----D C:\Users\Aurélie\AppData\Local\Canal.MyCanal
O43 - CFD: 19/02/2014 - 01:56:04 - [] ----D C:\Users\Aurélie\AppData\Local\CANON_INC
O43 - CFD: 27/02/2014 - 00:21:02 - [] ----D C:\Users\Aurélie\AppData\Local\clear.fi
O43 - CFD: 21/11/2014 - 03:53:13 - [0] ----D C:\Users\Aurélie\AppData\Local\CrashDumps
O43 - CFD: 02/10/2014 - 10:10:39 - [0] ----D C:\Users\Aurélie\AppData\Local\Deployment
O43 - CFD: 17/10/2014 - 00:35:56 - [0] ----D C:\Users\Aurélie\AppData\Local\Diagnostics
O43 - CFD: 13/03/2014 - 00:38:08 - [] ----D C:\Users\Aurélie\AppData\Local\Downloaded Installations
O43 - CFD: 21/11/2014 - 02:56:37 - [] ----D C:\Users\Aurélie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/11/2014 - 02:37:30 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieBrowserModeList
O43 - CFD: 25/08/2014 - 03:17:40 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieSiteList
O43 - CFD: 25/08/2014 - 03:17:40 - [] -SH-D C:\Users\Aurélie\AppData\Local\EmieUserList
O43 - CFD: 15/09/2014 - 21:26:40 - [] ----D C:\Users\Aurélie\AppData\Local\FDSoftware
O43 - CFD: 20/02/2014 - 00:27:32 - [] ----D C:\Users\Aurélie\AppData\Local\fontconfig
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 18:44
22 nov. 2014 à 18:44
Content que ce soit réglé ;)
Pour finir :
1/
---> Télécharge et installe CCleaner.
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers temporaires de Windows datant de plus de 24 heures puis dans Surveillance, décoche les deux cases.
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
2/
---> Télécharge DelFix sur ton Bureau puis lance-le.
* Coche Purger la restauration système et laisse Supprimer les outils de désinfection coché.
* Clique sur Exécuter.
* Poste le rapport.
==Prévention==
Un dossier sur la prévention et sécurité sur Internet est disponible ici.
Pour finir :
1/
---> Télécharge et installe CCleaner.
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers temporaires de Windows datant de plus de 24 heures puis dans Surveillance, décoche les deux cases.
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
2/
---> Télécharge DelFix sur ton Bureau puis lance-le.
* Coche Purger la restauration système et laisse Supprimer les outils de désinfection coché.
* Clique sur Exécuter.
* Poste le rapport.
==Prévention==
Un dossier sur la prévention et sécurité sur Internet est disponible ici.
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
22 nov. 2014 à 19:20
22 nov. 2014 à 19:20
Je n'ai pas trouvé le menu Avancé dans Option mais ai effectué tout le reste.
Voici le rapport de Delfix:
# DelFix v10.8 - Rapport créé le 22/11/2014 à 19:18:10
# Mis à jour le 29/07/2014 par Xplode
# Nom d'utilisateur : Aurélie - AURELIE
# Système d'exploitation : Windows 8.1 (64 bits)
~ Suppression des outils de désinfection ...
~ Purge de la restauration système ...
Supprimé : RP #24 [Fin de désinfection | 11/22/2014 18:10:37]
Nouveau point de restauration créé !
########## - EOF - ##########
Voici le rapport de Delfix:
# DelFix v10.8 - Rapport créé le 22/11/2014 à 19:18:10
# Mis à jour le 29/07/2014 par Xplode
# Nom d'utilisateur : Aurélie - AURELIE
# Système d'exploitation : Windows 8.1 (64 bits)
~ Suppression des outils de désinfection ...
~ Purge de la restauration système ...
Supprimé : RP #24 [Fin de désinfection | 11/22/2014 18:10:37]
Nouveau point de restauration créé !
########## - EOF - ##########
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 20:31
22 nov. 2014 à 20:31
Ok pour DelFix.
"Je n'ai pas trouvé le menu Avancé dans Option"
"Je n'ai pas trouvé le menu Avancé dans Option"
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
>
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
22 nov. 2014 à 21:48
22 nov. 2014 à 21:48
Merci, je suis nulle en informatique mais quand même...
Ma version de CCleaner n'avait rien sous "surveillance" à part "A propos" mais plus bas. J'ai donc téléchargé la version de votre lien mais pareil, il n'y a pas "Avancé"...
Je vous ai fait une capture d'écran si vous voulez... mais je n'arrive pas à la poster ici.
Ma version de CCleaner n'avait rien sous "surveillance" à part "A propos" mais plus bas. J'ai donc téléchargé la version de votre lien mais pareil, il n'y a pas "Avancé"...
Je vous ai fait une capture d'écran si vous voulez... mais je n'arrive pas à la poster ici.
Destrio5
Messages postés
85985
Date d'inscription
dimanche 11 juillet 2010
Statut
Modérateur
Dernière intervention
17 février 2023
10 297
22 nov. 2014 à 22:06
22 nov. 2014 à 22:06
Je ne sais pas pourquoi tu n'y as pas accès.
Ce n'est pas grave.
Bonne soirée ;)
Ce n'est pas grave.
Bonne soirée ;)
bonne_brele
Messages postés
9
Date d'inscription
samedi 22 novembre 2014
Statut
Membre
Dernière intervention
22 novembre 2014
22 nov. 2014 à 22:12
22 nov. 2014 à 22:12
Je vous remercie encore une fois. J'espère ne pas avoir à revenir vous demander de l'aide de si tôt mais maintenant je sais vers qui me tourner en cas de grosse panade!
Bravo pour votre travail.
Bravo pour votre travail.
22 nov. 2014 à 15:46
1/ lien envoyé:
https://pjjoint.malekal.com/files.php?id=20141122_y15t6w8t7y13
2/ lien envoyé:
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20141122_y13q13t14z7c15
22 nov. 2014 à 15:58
Je regarde le rapport de ZHPDiag ;)
22 nov. 2014 à 16:14
# Mis à jour le 09/11/2014 par Xplode
# Database : 2014-11-16.1 [Live]
# Système d'exploitation : Windows 8.1 (64 bits)
# Nom d'utilisateur : Aurélie - AURELIE
# Exécuté depuis : C:\Users\Aurélie\Desktop\adwcleaner_4.101.exe
# Option : Scanner
***** [ Services ] *****
Service Présent : vToolbarUpdater18.1.9
***** [ Fichiers / Dossiers ] *****
Dossier Présent : C:\Program Files (x86)\AutocompletePro
Dossier Présent : C:\Program Files (x86)\AVG SafeGuard toolbar
Dossier Présent : C:\Program Files (x86)\AVG Security Toolbar
Dossier Présent : C:\Program Files (x86)\Common Files\AVG Secure Search
Dossier Présent : C:\Program Files (x86)\Common Files\IMGUpdater
Dossier Présent : C:\Program Files\AVG SafeGuard toolbar
Dossier Présent : C:\ProgramData\AVG SafeGuard toolbar
Dossier Présent : C:\ProgramData\AVG Secure Search
Dossier Présent : C:\ProgramData\AVG Security Toolbar
Dossier Présent : C:\Users\Aurélie\AppData\Local\AVG SafeGuard toolbar
Dossier Présent : C:\Users\Aurélie\AppData\LocalLow\AVG SafeGuard toolbar
Dossier Présent : C:\Users\Aurélie\AppData\Roaming\Mozilla\Firefox\Profiles\4q3yaegz.default\Extensions\support@predictad.com