Virus? Mon disque dur se remplit tout seul
Rougeours
Messages postés
41
Statut
Membre
-
Malekal_morte- Messages postés 178136 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 178136 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
depuis quelques semaines je constate que mon disque dur vois son espace libre diminuer. Environs 2go tout les deux jours. En effectuant des recherches, j'ai pu avoir plusieurs pistes:
J'ai nettoyé tout mon disque dur, éliminé les points de sauvegardes trop ancien, effectuée plusieurs analyses (Malwarebytes, avast, avant/après démarrage, etc), toutes négatives.
Je crains que mon système ai été touché par un virus. Mon ordinateur étant partagé entre plusieurs personnes je n'ai hélas aucune idée d'où cela peut venir, malgré mes recherches
j'ai téléchargé ZHP diag et effectué un diagnostique. Quelqu'un peut il analyser cela (déjà où puis je le poster?) Je ne voudrai pas tout casser.
Merci pour votre aide
depuis quelques semaines je constate que mon disque dur vois son espace libre diminuer. Environs 2go tout les deux jours. En effectuant des recherches, j'ai pu avoir plusieurs pistes:
J'ai nettoyé tout mon disque dur, éliminé les points de sauvegardes trop ancien, effectuée plusieurs analyses (Malwarebytes, avast, avant/après démarrage, etc), toutes négatives.
Je crains que mon système ai été touché par un virus. Mon ordinateur étant partagé entre plusieurs personnes je n'ai hélas aucune idée d'où cela peut venir, malgré mes recherches
j'ai téléchargé ZHP diag et effectué un diagnostique. Quelqu'un peut il analyser cela (déjà où puis je le poster?) Je ne voudrai pas tout casser.
Merci pour votre aide
2 réponses
-
voila le rapport de ZHP diag.
~ Rapport de ZHPDiag v2015.2.11.18 - Nicolas Coolman (11/02/2015)
~ Lancé par Nicolas (16/02/2015 00:57:52)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.6001.18000 (Defaut)
MFIE: Mozilla Firefox 34.0
GCIE: Google Chrome v40.0.2214.111
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6CJ97
Windows License : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 1 (Build 6001)
---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208
Malwarebytes Anti-Malware version 2.0.4.1028
---\\ Logiciels d'optimisation du système
CCleaner v3.03
---\\ Logiciels de partage PeerToPeer
Vuze v4.6 =>P2P.Azureus
---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 55
---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3000 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 124 GB (42%) free of 288 GB
---\\ Mode de connexion au système
~ Computer Name: PC-DE-NICOLAS
~ User Name: Nicolas
~ All Users Names: Nicolas, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Nicolas\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Nicolas\AppData\Roaming\
~ %Desktop% : C:\Users\Nicolas\Desktop\
~ %Favorites% : C:\Users\Nicolas\Favorites\
~ %LocalAppData% : C:\Users\Nicolas\AppData\Local\
~ %StartMenu% : C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 124 Go of 288 Go)
D: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:24:49.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:23:02.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:23:22.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:24:59.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:25:00.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:24:53.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:23:21.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1307
~ Mes musiques (My Musics) : 25/371
~ Mes Videos (My Videos) : 1/74
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 5/1457
~ Mon Bureau (My Desktop) : 28/18976
~ Menu demarrer (Programs) : 1/51
~ Hidden Files: Scanned in 00mn 27s
---\\ Processus lancés
[MD5.D91F16AA4A6ED9FE00D1BF99D224932C] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [694584] [PID.2792]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3200]
[MD5.3BE8C00F8834FB2EC5D00DED729C2061] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3208]
[MD5.77FA27D99D23F457879FFD13C163DE5B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7399968] [PID.3228]
[MD5.1ABF80D4F4941ECEE600AEC768173523] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824] [PID.3256]
[MD5.175DCB28BE4AC0E5C6F7AB4073AF574E] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [1071624] [PID.3588]
[MD5.0D3DFFA8BA3E63592FC2C652CF3B0E9C] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [200704] [PID.3604]
[MD5.CFFE32FE04C171ED21808D3B3FEADA4C] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600] [PID.3616]
[MD5.ABF2D789623C780F3CC30649E9F3E395] - (.Acer Incorporated - ODDPWR.) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe [176128] [PID.3648]
[MD5.2B2D8EF4BE4648FC0BB91DE59D395574] - (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464] [PID.3656]
[MD5.B9AA850CDA55097EB13E03698C8F5828] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [266776] [PID.3676]
[MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.3868]
[MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.3900]
[MD5.B63E5C7807334A3A8F731062F15462CC] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008] [PID.3912]
[MD5.25173C73A8E66BDCE0991643B3810BC8] - (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [346672] [PID.3940]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [5227112] [PID.840]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2384]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3388]
[MD5.F2F3617C63B87AA2DE139DC9E37420B5] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [179224] [PID.972]
[MD5.0B0D331B8662C0E630D807E4B6A4C90B] - (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [707104] [PID.2040]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2604]
[MD5.F92871A389230747AC6348C64D41AD57] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.4592]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1736]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.3044]
[MD5.FF1AC73491E703FB01E2952455F20AAB] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [843592] [PID.4224]
[MD5.BEDBAAE1658ED5CBD8AF0B514774F7DD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8166912] [PID.2480]
[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.1256]
[MD5.E3F7EC811923F3F1A77B185F22638E5E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1544]
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1916]
[MD5.D8ECF13E587619CDF716B2AE8E12DDBB] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files\Launch Manager\dsiwmis.exe [117256] [PID.1948]
[MD5.6D49242536F8397AE9AF2A2A360E2EDD] - (.Acer Incorporated - ePowerSvc.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [703008] [PID.2024]
[MD5.FDF0D78147DA8B2A93FE42D9A14C1B0B] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144] [PID.408]
[MD5.77F8AD024059A9A8E17E654B887D1EF0] - (.EgisTec Inc. - MyWinLocker Service.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe [306736] [PID.520]
[MD5.453A4AA289CA08DFDD7B34C3064D0B05] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [54528] [PID.544]
[MD5.58751F9248D50BCE1053976C9E2F0859] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632] [PID.860]
[MD5.69316583D4CC032B3E4E72FD86C2FFA8] - (.Acer Incorporated - ODDPwr service.) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [118784] [PID.1128]
[MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657] [PID.1368]
[MD5.8E250687E5F020CD337CC9D8252C0B56] - (.Acer Incorporated - Raw Socket Service.) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568] [PID.868]
[MD5.52E8A3CC8269ADB27D25182284C5E650] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2160]
[MD5.84B40786E4F94E2D05A4E323C1CA888D] - (.Acer Incorporated - ePowerEvent.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe [453152] [PID.4932]
~ Processes Running: Scanned in 00mn 04s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Preferences
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 13s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0o8g9r3r.default\prefs.js
M3 - MFPP: Plugins - [Nicolas] -- C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0o8g9r3r.default\searchplugins\askcom.xml
M0 - MFSP: prefs.js [Nicolas - 0o8g9r3r.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [Nicolas - 0o8g9r3r.default\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}] [] Flash and Video Download v1.65 (..)
M2 - MFEP: Extension [Nicolas - 0o8g9r3r.default] {20a82645-c095-46ed-80e3-08825760534b}.xpi
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 12.0.2.122.) -- C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll
P2 - FPN: [HKLM] [@idsoftware.com/QuakeLive] - (.id Software Inc. - QUAKE LIVE.) -- C:\ProgramData\id Software\QuakeLive\npquakezero.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.55.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.55.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.55.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Nicolas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 18 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.sfr.fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://ww12.cherche.us
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Skype Limited - Facebook Video Calling Plugin.) (No version) -- (.not file.)
~ IE Browser: 13 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;192.168.*.*
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 12 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Vuze.lnk . (.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O4 - GS\Program [Public]: Vuze.lnk . (.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
O4 - GS\QuickLaunch [Nicolas]: Vuze.lnk . (.Vuze Inc. - Pas de description.) -- C:\Program Files\Vuze\Azureus.exe =>P2P.Azureus
~ Global Startup: 3 Scanned in 00mn 04s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTrayLauncher.) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [ODDPwr] . (.Acer Incorporated - ODDPWR.) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] . (.EgisTec Inc. - EgisUpdate Release Application.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
O4 - HKLM\..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregFre\Ereg.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [mwlDaemon] . (.EgisTec Inc. - mwlDaemon Application.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-21-2456941707-3665756491-2835564594-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2456941707-3665756491-2835564594-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org =>Hijacker.ChercheUS
~ IE Zone Confiance: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C15EE945-C7A6-4F40-A42B-09A50798352C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C15EE945-C7A6-4F40-A42B-09A50798352C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C15EE945-C7A6-4F40-A42B-09A50798352C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: MyWinLocker Service (MWLService) . (.EgisTec Inc. - MyWinLocker Service.) - C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) . (.Acer Incorporated - ODDPwr service.) - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated - Raw Socket Service.) - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 14 Scanned in 00mn 16s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [857888]
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000Core] (.Facebook Inc..) -- C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000UA] (.Facebook Inc..) -- C:\Users\Nicolas\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.D9D67CF63305A7B01962BB5D252BBF05] [APT] [Game_Booster_Startup] (.IObit.) -- C:\Program Files\IObit\Game Booster 3\gbtray.exe [632664]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Engine] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Initial Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.3102F06AE7F530BA7A1ED79E1CF5A03D] [APT] [Motorola Device Manager Update] (...) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196504]
[MD5.00000000000000000000000000000000] [APT] [reveil] (...) -- C:\Users\Nicolas\Desktop\let me in _demo_.mp3" (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3686D07D-E432-426D-A854-F04845BF6923}] (...) -- C:\Users\Nicolas\Downloads\super_taxi_driver_2006_demo_anglais.exe (.not file.) [0]
[MD5.30D17877295E6E9116FE7C10ED3E3ABF] [APT] [{49892873-EF93-4169-A60C-19E5D3F8C26B}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [337520]
[MD5.30D17877295E6E9116FE7C10ED3E3ABF] [APT] [{B0EEDB01-1AC6-4A34-B7CD-3734F87C96E4}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [337520]
[MD5.9B4A565AA43CBC1FB8F97A063A5B883A] [APT] [{BFFF944C-BECA-4E54-89DA-ACC0ED3893DE}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [30522472]
[MD5.739010F8DB22E8EECB8B7AE2DA51435F] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [667648]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000Core.job [1082]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000Core [1082]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000UA.job [1104]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2456941707-3665756491-2835564594-1000UA [1104]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 22 Scanned in 00mn 07s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.1 r102.) -- C:\Windows\system32\Macromed\Flash\Flash11e.ocx
~ Active Setup: 13 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Drivers: 72 Scanned in 00mn 08s
---\\ Logiciels installés (O42)
O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Acer Crystal Eye webcam Ver:1.1.85.525 - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {D0ACE89D-EC7F-470F-80BE-4C98ED366B32}
O42 - Logiciel: Acer GameZone\GameConsole - (.Oberon Media, Inc..) [HKLM] -- {71C2828F-2678-4675-BDEC-895424861262}_is1
O42 - Logiciel: Acer GridVista - (.Acer Inc..) [HKLM] -- GridVista
O42 - Logiciel: Acer PowerSmart Manager - (.Acer Incorporated.) [HKLM] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Acer ScreenSaver - (.Acer.) [HKLM] -- Acer Screensaver
O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM] -- {047F790A-7A2A-4B6A-AD02-38092BA63DAC}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM] -- {B74D4E10-6884-0000-0000-000000000101} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] -- {8EDBA74D-0686-4C99-BFDD-F894678E5101}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM] -- {E9787678-119F-4D52-B551-6739B2B22101}
O42 - Logiciel: Adobe Illustrator CS2 - (.Adobe Systems Inc..) [HKLM] -- Adobe Illustrator CS2 =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] -- {786C5747-0C40-4930-9AFE-113BCE553101}
O42 - Logiciel: Airport Mania First Flight - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}
O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] -- {85309D89-7BE9-4094-BB17-24999C6118FC}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: Battle Realms - (.Liquid Entertainment.) [HKLM] -- {9AA761E6-CA51-4FF2-A552-D51638BF0595}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Cake Mania 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113297350}
O42 - Logiciel: Castaldi catalogue 01 / 2011 - (.Castaldi.) [HKLM] -- {F26FFABC-6C74-4BC7-96EF-5698B457FA3C}
O42 - Logiciel: Clean Virus MSN - (.AxBx.) [HKLM] -- Clean Virus MSN_is1
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine =>Toolbar.Conduit
O42 - Logiciel: Cooking Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}
O42 - Logiciel: Cradle of Rome - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11219217}
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: DIAL Communication Framework - (.DIAL GmbH.) [HKLM] -- {562D0D31-FBAF-4505-8B27-4EC92EEA91D6}
O42 - Logiciel: Dawn of War - Dark Crusade - (.THQ.) [HKLM] -- {FF39FC01-819B-42E4-AE49-1968AF12DDD4}
O42 - Logiciel: Dawn of War - Soulstorm - (.THQ.) [HKLM] -- {20533183-D42D-4261-A125-956736FBEA8C}
O42 - Logiciel: Dream Day Honeymoon - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113056167}
O42 - Logiciel: Dream Day Wedding - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112270203}
O42 - Logiciel: Dune CD version beta 1 - (.Abandonware-France.) [HKLM] -- {418B4151-997A-4237-BC20-669924C76DD4}_is1
O42 - Logiciel: Emulator Starter - (.Free Game Empire.) [HKCU] -- 32bce9526e87661e
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Fallout Collection - (...) [HKLM] -- Fallout Collection
O42 - Logiciel: FileZilla Client 3.7.0.1 - (.FileZilla Project.) [HKLM] -- FileZilla Client
O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}
O42 - Logiciel: Game Booster 3 - (.IObit.) [HKLM] -- Game Booster_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Jewel Quest Solitaire - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM] -- LManager
O42 - Logiciel: Logiciel d'archivage WinRAR - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: Luxor 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Mahjong Escape Ancient China - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}
O42 - Logiciel: Malwarebytes Anti-Malware version 2.0.4.1028 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Manual CanoScan LiDE 25 - (...) [HKLM] -- {838BC0FB-4F8F-47B9-847F-06AE4CCE4181}
O42 - Logiciel: ManyCam 2.6.25 (remove only) - (.ManyCam LLC.) [HKLM] -- ManyCam
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM] -- {28DB8373-C1BB-444F-A427-A55585A12ED7}
O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM] -- {DEAD13D3-BC70-4AAE-AEF9-BE6297E106D1}
O42 - Logiciel: Motorola Mobile Drivers Installation 6.0.0 - (.Motorola Inc..) [HKLM] -- {D732E36A-B0C2-4DFF-8C60-4AC06233B2BC} =>.Motorola
O42 - Logiciel: Mozilla Firefox 34.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 34.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MyWinLocker - (.EgisTec.) [HKLM] -- {68301905-2DEA-41CE-A4D4-E8B443B099BA}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: Ocean Express - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}
O42 - Logiciel: Optical Drive Power Management - (.Acer Incorporated.) [HKLM] -- {AE09C972-EEB2-4DA5-8090-0FCF54576854}
O42 - Logiciel: Orion - (.Convesoft.) [HKLM] -- {5B63A470-9334-44D1-AF61-6CE2DB565AE9}
O42 - Logiciel: POV-Ray for Windows v3.6.0 - (.Persistence of Vision Raytracer Pty. Ltd..) [HKLM] -- POV-Ray for Windows v3.6
O42 - Logiciel: Parking Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}
O42 - Logiciel: Philips_Lamp - (.Philips.) [HKLM] -- Philips_Lamp1.0.0.2
O42 - Logiciel: PhotoFiltre - (...) [HKCU] -- PhotoFiltre
O42 - Logiciel: Pleiades+Comfie 2.8.1.0 - (.Izuba Energies.) [HKLM] -- Pleiades+Comfie 2008_is1
O42 - Logiciel: PowerDVD - (.CyberLink Corp..) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: Puzzle Express - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}
O42 - Logiciel: Quake Live Mozilla Plugin - (.id Software.) [HKLM] -- {B42A6552-1A83-4D79-9137-AB0C9036249A}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Rome - Total War - Gold Edition - (.The Creative Assembly.) [HKLM] -- {2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}
O42 - Logiciel: Rosetta Stone Version 3 - (.Rosetta Stone Ltd..) [HKLM] -- {80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}
O42 - Logiciel: SCHEMAPLIC 3.0 - (...) [HKLM] -- SCHEMAPLIC 3.0
O42 - Logiciel: SFR - Kit de connexion - (.SFR.) [HKLM] -- SFR_Kit
O42 - Logiciel: SimCity 2000 version beta1 - (.Abandonware-France.) [HKLM] -- {A7938DC7-97A4-463A-9E97-6D5AAF864263}_is1
O42 - Logiciel: SimCity 4 - (...) [HKLM] -- {01339AE5-04D4-43F8-008E-13AD788DC4F7}
O42 - Logiciel: Skype(TM) 6.22 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Sweet Home 3D version 3.7 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tradewinds 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}
O42 - Logiciel: Tri-Peaks Solitaire To Go - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}
O42 - Logiciel: Turbo Pizza - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}
O42 - Logiciel: UltraSnap Trial 1.8 - (.MediaChance.) [HKLM] -- UltraSnap Trial_is1
O42 - Logiciel: Update Service - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Service
O42 - Logiciel: VLC media player 0.9.9 - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 =>P2P.Azureus
O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] -- WampServer 2_is1
O42 - Logiciel: Warhammer 40,000: Dawn Of War - Gold Edition - (.THQ.) [HKLM] -- {D0B36BAF-3E9D-423E-8821-ED238C18DB0A}
O42 - Logiciel: Wedding Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}
O42 - Logiciel: Wondershare PDF Editor(Build 3.1.0) - (.Wondershare Software Co.,Ltd..) [HKLM] -- {75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1
O42 - Logiciel: XMind - (.XMind Ltd..) [HKLM] -- XMind
O42 - Logiciel: XRELAIS 3.0 ( Complet ) - (.Micrelec.) [HKLM] -- {EF5FAA0E-E272-408F-BA32-091F4782F2B4}
O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 57 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Amyuni Document Converter]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Vuze_Remote] =>P2P.Azureus
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow]
[HKCU\Software\Azureus] =>P2P.Azureus
[HKCU\Software\Canon]
[HKCU\Software\Chicony]
[HKCU\Software\City Interactive]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Convesoft]
[HKCU\Software\CyberLink]
[HKCU\Software\DIALux PDF Printer]
[HKCU\Software\DT Soft]
[HKCU\Software\Emulators]
[HKCU\Software\Eraser]
[HKCU\Software\Facebook]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Izuba Energies]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Liquid Entertainment]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\ManyCam]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\POV-Ray]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Scr]
[HKCU\Software\Seifert]
[HKCU\Software\SkypeRS]
[HKCU\Software\Skype]
[HKCU\Software\Sonix]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\Synaptics]
[HKCU\Software\TheCreativeAssembly]
[HKCU\Software\Trolltech]
[HKCU\Software\UltraSnap]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wistron]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\eSobi]
[HKCU\Software\ej-technologies]
[HKCU\Software\fwc]
[HKLM\Software\14 Degrees East]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\ArcSoft]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\Azureus] =>P2P.Azureus
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Castaldi]
[HKLM\Software\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\CyberLink]
[HKLM\Software\DEMFITEC]
[HKLM\Software\DT Soft]
[HKLM\Software\Digital River]
[HKLM\Software\EgisTec Egis Software Update]
[HKLM\Software\EgisTec]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Interplay]
[HKLM\Software\Izuba Energies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Maxis]
[HKLM\Software\McAfee]
[HKLM\Software\Motorola Mobility]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Neuf]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\Oracle]
[HKLM\Software\POV-Ray]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SRS Labs]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\THQ]
[HKLM\Software\The Creative Assembly]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wistron]
[HKLM\Software\Wondershare]
[HKLM\Software\ej-technologies]
[HKLM\Software\magnet]
[HKLM\Software\mozilla.org]
[HKLM\Software\nSplitter]
~ Key Software: 328 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/12/2009 - 14:25:04 - [] ----D C:\Program Files\Acer
O43 - CFD: 15/01/2015 - 22:50:22 - [] ----D C:\Program Files\Acer GameZone
O43 - CFD: 12/06/2009 - 23:48:04 - [] ----D C:\Program Files\Acer Inc
O43 - CFD: 27/11/2012 - 14:14:37 - [] ----D C:\Program Files\Activision
O43 - CFD: 10/05/2013 - 08:31:37 - [] ----D C:\Program Files\Adobe
O43 - CFD: 03/02/2010 - 16:18:17 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 21/04/2010 - 21:44:06 - [] ----D C:\Program Files\ArcSoft
O43 - CFD: 24/05/2010 - 21:05:47 - [] ----D C:\Program Files\AxBx
O43 - CFD: 21/04/2010 - 21:59:57 - [] ----D C:\Program Files\Canon
O43 - CFD: 09/02/2011 - 09:42:05 - [] ----D C:\Program Files\CCleaner
O43 - CFD: 12/04/2010 - 22:32:08 - [0] ----D C:\Program Files\City Interactive
O43 - CFD: 26/09/2014 - 11:53:33 - [] ----D C:\Program Files\Common Files
O43 - CFD: 25/02/2011 - 19:49:48 - [] ----D C:\Program Files\Conduit
O43 - CFD: 09/07/2014 - 07:51:19 - [] ----D C:\Program Files\ConduitEngine =>Toolbar.Conduit
O43 - CFD: 12/06/2009 - 23:24:48 - [] ----D C:\Program Files\Convesoft
O43 - CFD: 12/06/2009 - 23:32:58 - [] ----D C:\Program Files\CyberLink
O43 - CFD: 27/11/2012 - 14:08:31 - [] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 10/10/2011 - 08:10:12 - [] ----D C:\Program Files\DIAL GmbH
O43 - CFD: 23/09/2012 - 18:38:54 - [] ----D C:\Program Files\DIALux
O43 - CFD: 08/08/2010 - 00:50:57 - [] ----D C:\Program Files\DOSBox-0.74
O43 - CFD: 12/06/2009 - 23:46:09 - [] ----D C:\Program Files\EgisTec
O43 - CFD: 12/06/2009 - 23:46:11 - [] ----D C:\Program Files\EgisTec Egis Software Update
O43 - CFD: 10/12/2014 - 01:04:01 - [0] ----D C:\Program Files\Eraser
O43 - CFD: 12/06/2009 - 23:47:39 - [] ----D C:\Program Files\eSobi
O43 - CFD: 29/12/2009 - 14:22:55 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 15/05/2013 - 08:18:33 - [] ----D C:\Program Files\FileZilla FTP Client
O43 - CFD: 28/12/2013 - 16:01:30 - [] ----D C:\Program Files\Free PDF to Word Converter
O43 - CFD: 23/01/2015 - 18:33:22 - [] ----D C:\Program Files\Google
O43 - CFD: 23/01/2015 - 17:50:56 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 01/04/2009 - 00:57:28 - [] ----D C:\Program Files\Intel
O43 - CFD: 17/06/2011 - 18:57:37 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 12/12/2011 - 09:18:41 - [] ----D C:\Program Files\Interplay
O43 - CFD: 02/03/2012 - 19:58:03 - [] ----D C:\Program Files\IObit
O43 - CFD: 03/10/2011 - 07:44:32 - [] ----D C:\Program Files\Izuba Energies
O43 - CFD: 01/05/2014 - 16:35:09 - [] ----D C:\Program Files\Java
O43 - CFD: 12/06/2009 - 23:30:21 - [] ----D C:\Program Files\Launch Manager
O43 - CFD: 30/03/2011 - 12:28:59 - [] ----D C:\Program Files\Liquid Entertainment
O43 - CFD: 11/12/2014 - 18:53:02 - [] ----D C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 26/06/2014 - 18:16:41 - [0] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 19/11/2012 - 17:19:59 - [] ----D C:\Program Files\ManyCam
O43 - CFD: 26/11/2012 - 13:01:07 - [] ----D C:\Program Files\Maxis
O43 - CFD: 29/12/2009 - 15:49:12 - [] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 24/04/2012 - 15:21:49 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 09/04/2009 - 03:30:43 - [] ----D C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/08/2014 - 07:27:18 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 09/04/2009 - 04:00:44 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/12/2010 - 18:54:14 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 08/12/2010 - 18:49:10 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 11/10/2012 - 06:38:41 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 02:02:17 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 12/04/2013 - 23:31:31 - [] ----D C:\Program Files\Motorola
O43 - CFD: 12/04/2013 - 23:31:48 - [] ----D C:\Program Files\Motorola Mobility
O43 - CFD: 12/08/2010 - 06:16:46 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 08/12/2014 - 18:33:07 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 23/01/2015 - 17:50:56 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 08/12/2010 - 18:54:43 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 12/04/2013 - 23:31:03 - [] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 12/06/2009 - 23:31:47 - [] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 21/07/2012 - 01:04:36 - [] ----D C:\Program Files\Oracle
O43 - CFD: 29/08/2010 - 22:01:29 - [] ----D C:\Program Files\PhotoFiltre
O43 - CFD: 10/10/2011 - 08:14:33 - [] ----D C:\Program Files\POV-Ray for Windows v3.6
O43 - CFD: 12/06/2009 - 23:25:59 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 04/12/2012 - 12:53:40 - [] ----D C:\Program Files\Rosetta Stone
O43 - CFD: 21/04/2010 - 21:46:52 - [] ----D C:\Program Files\ScanSoft
O43 - CFD: 16/02/2012 - 11:15:39 - [] ----D C:\Program Files\SEGA
O43 - CFD: 29/12/2009 - 14:35:55 - [] ----D C:\Program Files\SFR
O43 - CFD: 08/12/2014 - 21:09:23 - [] R---D C:\Program Files\Skype
O43 - CFD: 02/05/2010 - 16:58:33 - [] ----D C:\Program Files\Sony Ericsson
O43 - CFD: 16/01/2013 - 13:43:59 - [] ----D C:\Program Files\Sweet Home 3D
O43 - CFD: 12/06/2009 - 23:27:45 - [] ----D C:\Program Files\Synaptics
O43 - CFD: 12/06/2009 - 23:27:06 - [0] --H-D C:\Program Files\Temp
O43 - CFD: 28/04/2011 - 17:56:42 - [] ----D C:\Program Files\The Creative Assembly
O43 - CFD: 24/03/2011 - 13:17:20 - [] ----D C:\Program Files\THQ
O43 - CFD: 05/10/2010 - 18:47:25 - [] ----D C:\Program Files\UltraSnap
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 31/12/2009 - 00:10:39 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 22/06/2012 - 20:02:15 - [] ----D C:\Program Files\Vuze =>P2P.Azureus
O43 - CFD: 30/01/2015 - 22:34:37 - [] ----D C:\Program Files\windirstat
O43 - CFD: 13/06/2009 - 09:07:53 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 09/04/2009 - 17:20:33 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 09/04/2009 - 17:20:33 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 09/04/2009 - 17:20:34 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 14/05/2013 - 22:11:54 - [] ----D C:\Program Files\Windows Live
O43 - CFD: -
Salut,
Surement la restauration du système comme sur ces sujets :
https://forum.malekal.com/viewtopic.php?t=50750&start=
https://forums.commentcamarche.net/forum/affich-31558499-virus-system-volume-information
