cpu et ram 100% sur bureau, cause pop explorateur windows - Win 7 - Windows & Software
Marsh Posté le 20-12-2014 à 16:51:33
Citation : il semble d'après certains que c'est Windows qu'il faut "bricoler" , et pas un virus. (qqun a eu le problème meme après format/réinstall plusieurs fois) |
avec plusieurs problèmes dans malwarebytes, tu comprendras qu'il s'agit très certainement d'une infection qui est encore présente.
passes un coup de adwcleaner, répare le fichier host avec windows repair, et postes un rapport avec ZHPdiag.
Marsh Posté le 20-12-2014 à 16:52:46
Citation : et à ce propos, je comprend pas que mon C: se remplis tout seul sans rien installer |
40 Go pour windows 7 / 8, ca peut rapidement être trop juste.
Marsh Posté le 20-12-2014 à 18:22:42
salut Jgcollection
merci pour ta réponse précise et rapide,
je suis en train de faire ce que tu dit: (enfin le temps de le faire)
-adwcleaner fait (DeviceVM viré, + plein de clef)
-"répare le fichier host avec windows repair" j'ai jamais fait...
donc j'écoute Windows? http://support.microsoft.com/kb/972034/fr-fr (rien compris )
ou http://www.commentcamarche.net/faq [...] hier-hosts
ou autre?...
edit: j'en suis à l'étape 5 de Windows aide/ support:
3.Dans le menu Fichier, cliquez sur Enregistrer sous, tapez hosts dans la zone Nom de fichier, et enregistrez le fichier sur le Bureau.
4.Cliquez sur Démarrer, sur Exécuter, tapez %WinDir%\System32\Drivers\Etc, puis cliquez sur OK.
5.Sélectionnez le fichier hôtes et renommez-le « Hosts.old ».
j'ai pas de hosts, mais un lmhosts (type=fichier SAM) késkeuchfé (networks, protocol, services sont les 3 autres présents)
Spoiler : # (NetBIOS) names. Each entry should be kept on an individual line. |
au fait, là le proc/ ram c'est calme
édit 3 trouvé //www.chantal11.com/2009/04/afficher-les-fichiers-caches-systeme-windows-7-vista/
Marsh Posté le 20-12-2014 à 20:19:16
donc, zhpdiag complet:
~ Rapport de ZHPDiag v2014.12.18.175 - Nicolas Coolman (18/12/2014)
~ Lancé par moi (20/12/2014 20:12:06)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17420 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : XM76F
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation du système
CCleaner v4.19
---\\ Logiciels de partage PeerToPeer
eMule
---\\ Surveillance de Logiciels
Adobe Flash Player 15 ActiveX
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8191 MB (74% free)
System Restore: Activé (Enable)
System drive C: has 4 GB (9%) free of 39 GB
---\\ Mode de connexion au système
~ Computer Name: MOI-PC
~ User Name: moi
~ All Users Names: moi, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\moi\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\moi\AppData\Roaming\
~ %Desktop% : C:\Users\moi\Desktop\
~ %Favorites% : C:\Users\moi\Favorites\
~ %LocalAppData% : C:\Users\moi\AppData\Local\
~ %StartMenu% : C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 4 Go of 39 Go)
D: Hard drive, Flash drive, Thumb drive (Free 31 Go of 518 Go)
G: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.6FC2819A4F80AAB2DADEDFC1EFEE3C3F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/11/2014 - 03:17:24.) -- C:\Windows\System32\wininet.dll [2365440]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes Favoris (My Favorites) : 1/221
~ Mes Documents (My Documents) : 1/76
~ Mon Bureau (My Desktop) : 1/19
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.F3F709C2D49DD6636F4EDE5C2CAE5448] - (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe [5758976] [PID.1716] =>P2P.eMule
[MD5.591C6FD1541BAFAEEE82B1F5831C8532] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815280] [PID.2172]
[MD5.CC29FDF0E680C0F3531C9F2A834CA2A6] - (.VideoLAN - VLC media player 2.1.5.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [126995] [PID.23816]
[MD5.8496C528C75FFB03D5150C7C9F00984E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8141312] [PID.23472]
~ Processes Running: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (...) -- D:\AAAA jeux settlers 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll (.not file.)
~ Firefox Browser: 1 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17239 (winblue_gdr.140724-2228)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 27 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (3)
~ Hosts File: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eMule.lnk . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe =>P2P.eMule
O4 - GS\TaskBar [moi]: Games.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe http://socialgames.splashtop.com =>.Microsoft Corporation
~ Global Startup: 2 Scanned in 00mn 01s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKCU\..\Run: [ASRockOCTuner] Clé orpheline
O4 - HKCU\..\Run: [ASRockIES] Clé orpheline
O4 - HKCU\..\Run: [zASRockInstantBoot] Clé orpheline
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe =>P2P.eMule
O4 - HKLM\..\Wow6432Node\Run: [SmartviewAgent] C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3291715198-3415740991-1127761753-1000\..\Run: [ASRockOCTuner] Clé orpheline
O4 - HKUS\S-1-5-21-3291715198-3415740991-1127761753-1000\..\Run: [ASRockIES] Clé orpheline
O4 - HKUS\S-1-5-21-3291715198-3415740991-1127761753-1000\..\Run: [zASRockInstantBoot] Clé orpheline
O4 - HKUS\S-1-5-21-3291715198-3415740991-1127761753-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-3291715198-3415740991-1127761753-1000\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe =>P2P.eMule
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E10501C-6C14-4040-8AB7-539B93C604AA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF8B329B-6D94-4873-BC3F-3FE6758DBF57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E10501C-6C14-4040-8AB7-539B93C604AA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF8B329B-6D94-4873-BC3F-3FE6758DBF57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E10501C-6C14-4040-8AB7-539B93C604AA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF8B329B-6D94-4873-BC3F-3FE6758DBF57}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [4506] (...) -- C:\Users\moi\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.D87E0BF2E8BB7E5C49E79F32F8FEAFC4] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904]
[MD5.00000000000000000000000000000000] [APT] [{EA69C370-ADAF-8221-7EDB-C5AAE9E4FB62}] (...) -- C:\Windows\system32\hgrwbrr.dll (.not file.) [0]
~ Scheduled Task: 4 Scanned in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsrAppCharger) . (.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) - C:\Windows\System32\DRIVERS\AsrAppCharger.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (FNETURPX) . (.FNet Co., Ltd. - FNetUrPx.sys.) - C:\Windows\System32\drivers\FNETURPX.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 66 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {504184A2-1B0E-5D93-603A-517E93E7EDB3}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F436A08B-63BB-72A2-17C0-6D8E5182CA49}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0407893F-352C-B182-E04A-A8C3333DA29B}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}
O42 - Logiciel: ASRock App Charger v1.0.4 - (.ASRock Inc..) [HKLM][64Bits] -- ASRock App Charger_is1
O42 - Logiciel: ASRock IES v2.1.12 - (...) [HKLM][64Bits] -- ASRock IES_is1
O42 - Logiciel: ASRock InstantBoot v1.23 - (...) [HKLM][64Bits] -- ASRock InstantBoot_is1
O42 - Logiciel: ASRock OC Tuner v2.4.31 - (...) [HKLM][64Bits] -- ASRock OC Tuner_is1
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
O42 - Logiciel: Diablo III - (.Blizzard Entertainment.) [HKLM][64Bits] -- Diablo III
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI
O42 - Logiciel: Logitech SetPoint 6.0 - (.Logitech.) [HKLM][64Bits] -- SP6
O42 - Logiciel: SmartView for IE - (.DeviceVM, Inc..) [HKLM][64Bits] -- {C448EA30-BB7F-4D42-83BC-385EBA140AF2}
O42 - Logiciel: Sound Blaster X-Fi MB - (.Creative Technology Limited.) [HKLM][64Bits] -- {F3D9AC82-30F4-4BB9-B9AB-8697637568C1}
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: XFastUsb - (...) [HKLM][64Bits] -- XFastUsb
O42 - Logiciel: eMule - (...) [HKLM][64Bits] -- eMule
O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM][64Bits] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
~ Logic: 50 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AMD]
[HKCU\Software\ASRock]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AdsFix]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bugsplat]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\DT Soft]
[HKCU\Software\DeviceVM Inc.]
[HKCU\Software\Eidos]
[HKCU\Software\Electronic Arts]
[HKCU\Software\GameSpy]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\Leadertech]
[HKCU\Software\Logitech]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Qhwankkvai]
[HKCU\Software\QtProject]
[HKCU\Software\Sysinternals]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Valve]
[HKCU\Software\Wow6432Node]
[HKCU\Software\eMule]
[HKCU\Software\xAlT3A]
[HKLM\Software\7-Zip]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AdsFix]
[HKLM\Software\Alienware]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\QSound Labs, Inc.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Sysinternals]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdsFix]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Aureal]
[HKLM\Software\Wow6432Node\Blizzard Entertainment]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Creative Labs]
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\DeviceVM Inc.]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\FNET]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Matrox]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OpenAL]
[HKLM\Software\Wow6432Node\Origin Games]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Sierra OnLine]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Sysinternals]
[HKLM\Software\Wow6432Node\Ubisoft]
[HKLM\Software\Wow6432Node\VIA Technologies, Inc]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\rebellion]
[HKLM\Software\Wow6432Node\xAlT3A]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\xAlT3A]
~ Key Software: 190 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/11/2014 - 21:53:49 - [0] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 02/01/2013 - 16:55:50 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 02/01/2013 - 18:20:24 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 05/11/2012 - 00:43:47 - [] ----D C:\Program Files (x86)\ASRock Utility
O43 - CFD: 02/01/2013 - 16:46:22 - [0] ----D C:\Program Files (x86)\ATI
O43 - CFD: 02/01/2013 - 18:19:12 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 11/12/2014 - 05:31:20 - [] ----D C:\Program Files (x86)\Battle.net
O43 - CFD: 30/10/2014 - 23:13:41 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 05/11/2012 - 00:46:28 - [] ----D C:\Program Files (x86)\Creative
O43 - CFD: 05/11/2012 - 00:46:34 - [] --H-D C:\Program Files (x86)\Creative Installation Information
O43 - CFD: 30/11/2012 - 22:39:03 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 01/12/2012 - 20:48:54 - [] ----D C:\Program Files (x86)\eMule
O43 - CFD: 21/12/2013 - 21:56:45 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 01/12/2012 - 18:11:53 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 16/11/2014 - 12:21:28 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 18/03/2013 - 18:01:58 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 02/12/2012 - 03:01:22 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 18/03/2013 - 18:01:19 - [] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 31/10/2014 - 02:07:19 - [] ----D C:\Program Files (x86)\Origin
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27/10/2014 - 14:57:24 - [0] ----D C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 05/11/2012 - 00:40:25 - [] ----D C:\Program Files (x86)\VIA
O43 - CFD: 30/11/2012 - 18:12:41 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 07/09/2013 - 15:19:41 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 10:16:36 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - 10:16:36 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 10:16:36 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 04:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 10:16:36 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 05/11/2012 - 00:43:53 - [] ----D C:\Program Files (x86)\XFastUsb
O43 - CFD: 20/12/2014 - 20:11:33 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 05/11/2012 - 00:44:49 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 02/01/2013 - 18:20:20 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 05/10/2014 - 02:08:33 - [] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 05/11/2012 - 00:46:33 - [] ----D C:\Program Files (x86)\Common Files\Creative
O43 - CFD: 05/11/2012 - 00:45:29 - [] ----D C:\Program Files (x86)\Common Files\Creative Labs Shared
O43 - CFD: 30/03/2014 - 10:18:29 - [] --H-D C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 05/11/2012 - 00:45:24 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 18/02/2013 - 14:59:34 - [] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 18/03/2013 - 18:02:02 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 27/10/2014 - 05:09:52 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 08/01/2012 - 08:18:11 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 01/12/2012 - 17:45:48 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 30/10/2014 - 23:13:40 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 02/01/2013 - 18:20:24 - [] ----D C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 02/01/2013 - 18:22:09 - [] ----D C:\ProgramData\ATI
O43 - CFD: 22/03/2013 - 13:21:20 - [] ----D C:\ProgramData\Battle.net
O43 - CFD: 22/03/2013 - 13:45:16 - [] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 05/11/2012 - 00:07:56 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 05/11/2012 - 00:46:51 - [] ----D C:\ProgramData\Creative
O43 - CFD: 20/03/2013 - 14:26:57 - [] ----D C:\ProgramData\Creative Labs
O43 - CFD: 05/11/2012 - 00:51:01 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/11/2012 - 22:37:37 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 13/01/2012 - 15:45:27 - [] ----D C:\ProgramData\EA Core
O43 - CFD: 27/10/2014 - 07:07:01 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 01/12/2012 - 20:49:21 - [] ----D C:\ProgramData\eMule
O43 - CFD: 05/11/2012 - 00:07:56 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 05/11/2012 - 00:43:54 - [] ----D C:\ProgramData\FNET
O43 - CFD: 10/03/2013 - 13:30:48 - [] ----D C:\ProgramData\Google
O43 - CFD: 18/02/2013 - 14:59:24 - [] ----D C:\ProgramData\Logishrd
O43 - CFD: 30/10/2014 - 23:45:45 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 08/12/2013 - 22:35:20 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 05/11/2012 - 00:07:56 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 18/02/2013 - 10:29:22 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 05/11/2012 - 00:07:56 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 09/05/2013 - 11:20:27 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 08/01/2012 - 21:53:19 - [] ----D C:\ProgramData\Norton
O43 - CFD: 05/11/2012 - 00:51:06 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 24/10/2014 - 07:56:46 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 31/10/2014 - 02:07:18 - [] ----D C:\ProgramData\Origin
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 01/10/2014 - 17:45:27 - [] ----D C:\ProgramData\Steam
O43 - CFD: 15/09/2013 - 19:43:36 - [] ----D C:\ProgramData\Sun
O43 - CFD: 05/11/2012 - 00:49:58 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 27/10/2014 - 16:48:16 - [] ----D C:\ProgramData\Windows Genuine Advantage
O43 - CFD: 05/11/2012 - 00:48:59 - [] --H-D C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
O43 - CFD: 21/12/2013 - 21:57:14 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
O43 - CFD: 13/12/2012 - 04:56:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 24/10/2014 - 08:33:34 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 05:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 05/11/2012 - 00:43:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
O43 - CFD: 06/03/2014 - 02:10:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
O43 - CFD: 02/01/2013 - 18:20:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 18/11/2014 - 21:18:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 10/03/2013 - 14:52:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
O43 - CFD: 05/11/2012 - 00:46:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
O43 - CFD: 30/11/2012 - 22:39:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 01/11/2013 - 09:50:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
O43 - CFD: 01/12/2012 - 20:48:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
O43 - CFD: 27/10/2014 - 07:06:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 18/02/2013 - 14:59:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
O43 - CFD: 14/07/2009 - 05:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/11/2014 - 21:48:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
O43 - CFD: 15/11/2014 - 21:54:27 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 12/04/2011 - 10:27:52 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 28/02/2014 - 13:55:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 05/11/2012 - 00:43:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
O43 - CFD: 20/12/2014 - 20:11:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 15/11/2014 - 21:53:50 - [] ----D C:\Users\moi\AppData\Roaming\Adobe
O43 - CFD: 01/12/2012 - 07:06:49 - [] ----D C:\Users\moi\AppData\Roaming\ATI
O43 - CFD: 06/03/2014 - 02:41:41 - [] ----D C:\Users\moi\AppData\Roaming\Battle.net
O43 - CFD: 11/09/2013 - 11:16:20 - [] ----D C:\Users\moi\AppData\Roaming\Bioshock
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Buurxo
O43 - CFD: 18/11/2014 - 21:33:56 - [] ----D C:\Users\moi\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Ehuspoi
O43 - CFD: 03/03/2013 - 09:50:01 - [] ----D C:\Users\moi\AppData\Roaming\Google
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Hopuby
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Hyigagp
O43 - CFD: 05/11/2012 - 00:08:13 - [] ----D C:\Users\moi\AppData\Roaming\Identities
O43 - CFD: 18/02/2013 - 14:59:35 - [] ----D C:\Users\moi\AppData\Roaming\Leadertech
O43 - CFD: 18/02/2013 - 14:57:48 - [] ----D C:\Users\moi\AppData\Roaming\Logishrd
O43 - CFD: 18/02/2013 - 14:59:47 - [] ----D C:\Users\moi\AppData\Roaming\Logitech
O43 - CFD: 05/11/2012 - 00:44:46 - [] ----D C:\Users\moi\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - 10:27:52 - [0] ----D C:\Users\moi\AppData\Roaming\Media Center Programs
O43 - CFD: 15/12/2013 - 15:38:49 - [] -S--D C:\Users\moi\AppData\Roaming\Microsoft
O43 - CFD: 09/05/2013 - 11:21:08 - [] ----D C:\Users\moi\AppData\Roaming\Mozilla
O43 - CFD: 30/03/2014 - 01:55:57 - [] ----D C:\Users\moi\AppData\Roaming\Origin
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Pyyhubf
O43 - CFD: 20/12/2014 - 20:01:07 - [] ----D C:\Users\moi\AppData\Roaming\vlc
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Xoytomqe
O43 - CFD: 30/10/2014 - 23:57:31 - [0] ----D C:\Users\moi\AppData\Roaming\Ygivowif
O43 - CFD: 20/12/2014 - 20:12:34 - [] ----D C:\Users\moi\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 31/10/2014 - 00:14:42 - [0] ----D C:\Users\moi\AppData\Roaming\Zuwoqyy
O43 - CFD: 18/11/2014 - 21:15:18 - [] ----D C:\Users\moi\AppData\Local\Adobe
O43 - CFD: 05/11/2012 - 00:08:01 - [] -SH-D C:\Users\moi\AppData\Local\Application Data
O43 - CFD: 07/03/2014 - 12:02:18 - [] ----D C:\Users\moi\AppData\Local\Apps
O43 - CFD: 01/12/2012 - 07:06:49 - [] ----D C:\Users\moi\AppData\Local\ATI
O43 - CFD: 18/12/2014 - 13:18:47 - [] ----D C:\Users\moi\AppData\Local\Battle.net
O43 - CFD: 28/02/2014 - 14:47:25 - [] ----D C:\Users\moi\AppData\Local\Blizzard Entertainment
O43 - CFD: 20/12/2014 - 07:14:00 - [0] ----D C:\Users\moi\AppData\Local\CrashDumps
O43 - CFD: 05/11/2012 - 00:51:00 - [] ----D C:\Users\moi\AppData\Local\Cyberlink
O43 - CFD: 19/10/2014 - 00:00:17 - [0] ----D C:\Users\moi\AppData\Local\Diagnostics
O43 - CFD: 20/02/2013 - 09:52:02 - [] ----D C:\Users\moi\AppData\Local\dxhr
O43 - CFD: 30/03/2014 - 10:18:46 - [] ----D C:\Users\moi\AppData\Local\Electronic Arts
O43 - CFD: 19/10/2014 - 00:00:17 - [0] ----D C:\Users\moi\AppData\Local\ElevatedDiagnostics
O43 - CFD: 16/11/2014 - 18:49:54 - [] -SH-D C:\Users\moi\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/06/2014 - 08:46:06 - [] -SH-D C:\Users\moi\AppData\Local\EmieSiteList
O43 - CFD: 05/06/2014 - 08:46:06 - [] -SH-D C:\Users\moi\AppData\Local\EmieUserList
O43 - CFD: 01/12/2012 - 20:54:41 - [] ----D C:\Users\moi\AppData\Local\eMule
O43 - CFD: 14/04/2013 - 08:38:11 - [] ----D C:\Users\moi\AppData\Local\Google
O43 - CFD: 05/11/2012 - 00:08:01 - [] -SH-D C:\Users\moi\AppData\Local\Historique
O43 - CFD: 24/07/2013 - 06:13:51 - [] ----D C:\Users\moi\AppData\Local\Macromedia
O43 - CFD: 30/11/2014 - 00:59:46 - [] ----D C:\Users\moi\AppData\Local\Microsoft
O43 - CFD: 18/11/2014 - 21:33:48 - [0] ----D C:\Users\moi\AppData\Local\MigWiz
O43 - CFD: 21/09/2013 - 12:44:20 - [] ----D C:\Users\moi\AppData\Local\Mozilla
O43 - CFD: 15/12/2013 - 15:38:23 - [] ----D C:\Users\moi\AppData\Local\Programs
O43 - CFD: 16/11/2014 - 12:08:03 - [] ----D C:\Users\moi\AppData\Local\SKIDROW
O43 - CFD: 01/10/2014 - 17:47:02 - [] ----D C:\Users\moi\AppData\Local\Sniper3
O43 - CFD: 07/06/2014 - 10:08:18 - [] ----D C:\Users\moi\AppData\Local\SniperV2
O43 - CFD: 20/12/2014 - 20:10:49 - [] ----D C:\Users\moi\AppData\Local\Temp
O43 - CFD: 05/11/2012 - 00:08:01 - [] -SH-D C:\Users\moi\AppData\Local\Temporary Internet Files
O43 - CFD: 27/10/2014 - 14:57:07 - [0] ----D C:\Users\moi\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 11/05/2013 - 21:25:10 - [] ----D C:\Users\moi\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 05:54:32 - [] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 05/06/2014 - 00:39:32 - [] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/05/2014 - 01:03:11 - [] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 14/07/2009 - 05:49:38 - [] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/06/2014 - 00:39:32 - [] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 168 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.070329F21DB1A04AA96AA29BED26F555] - 09/12/2014 - 09:22:35 ---A- . (...) -- C:\AdsFix_09_12_2014_09_22_36.txt [18336]
O44 - LFC:[MD5.8A8CB073A4B9F9D97CFA8CA9C1C851CE] - 09/12/2014 - 09:33:53 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728064]
O44 - LFC:[MD5.1306E6A1BF4D506CD687DF9F947270F2] - 09/12/2014 - 09:33:53 ---A- . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll [241152]
O44 - LFC:[MD5.8477988EFC626AB02D516B8539561A32] - 20/12/2014 - 17:46:48 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F058F0FD5BD47A31A92AF7FA1DA303CF] - 20/12/2014 - 18:33:38 ----- . (...) -- C:\Windows\WindowsUpdate.log [1576809]
~ Files: 5 Scanned in 00mn 01s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{4f5a04a4-5297-11e2-ba31-806e6f6e6963}\AutoRun\command. (...) -- E:\SETUP.exe (.not file.)
O51 - MPSK:{ca7128e3-26d2-11e2-987b-806e6f6e6963}\AutoRun\command. (...) -- E:\CDBROWSE.exe (.not file.)
O51 - MPSK:{cd1de7e9-3b39-11e2-84d6-002522d82843}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CTSyncService [Key] . (.Creative Technology Ltd - License Sync Service (X-Fi MB).) -- C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O53 - SMSR:HKLM\...\startupreg\eMuleAutoStart [Key] . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe =>P2P.eMule
O53 - SMSR:HKLM\...\startupreg\EvtMgr6 [Key] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O53 - SMSR:HKLM\...\startupreg\HDAudDeck [Key] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\RunDLLEntry [Key] . (.Creative Technology Ltd. - AmbRun Endpoints Dynamic Link Library.) -- C:\Windows\system32\AmbRunE.dll
O53 - SMSR:HKLM\...\startupreg\SmartViewAgent [Key] . (...) -- C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O53 - SMSR:HKLM\...\startupreg\UpdReg [Key] . (.Creative Technology Ltd. - Creative UpdReg.) -- C:\Windows\UpdReg.exe
O53 - SMSR:HKLM\...\startupreg\VolPanel [Key] . (.Creative Technology Ltd - VolPanlu.exe.) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
O53 - SMSR:HKLM\...\startupreg\XFastUsb [Key] . (.FNet Co., Ltd. - Pas de description.) -- C:\Program Files (x86)\XFastUsb\XFastUsb.exe
~ SMSR Keys: 15 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:11/06/2010 - 14:37:14 ---A- . (.Windows (R) Win 7 DDK provider - ASRock App Charger Driver.) -- C:\Windows\System32\Drivers\AsrAppCharger.sys [15368]
O58 - SDL:29/07/2008 - 04:47:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrxusb.sys [1075712]
O58 - SDL:28/01/2010 - 15:33:38 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtiHdmi.sys [116736]
O58 - SDL:14/05/2012 - 07:12:30 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdW76.sys [96896]
O58 - SDL:28/09/2012 - 03:21:20 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [10697216]
O58 - SDL:28/09/2012 - 02:12:52 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [460288]
O58 - SDL:03/03/2010 - 05:23:10 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atipmdag.sys [6402560]
O58 - SDL:10/03/2013 - 14:31:11 ---A- . (...) -- C:\Windows\System32\Drivers\atksgt.sys [310728]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:01/12/2012 - 04:13:56 ---A- . (.FNet Co., Ltd. - FNetTbos.sys.) -- C:\Windows\System32\Drivers\FNETTBOH_305.SYS [31808]
O58 - SDL:05/11/2012 - 00:43:53 ---A- . (.FNet Co., Ltd. - FNetUrPx.sys.) -- C:\Windows\System32\Drivers\FNETURPX.SYS [15936]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:11/02/2011 - 19:16:38 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10628640]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:24/08/2010 - 10:55:43 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [76912]
O58 - SDL:10/11/2009 - 12:53:00 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\System32\Drivers\LHidFilt.Sys [56336]
O58 - SDL:10/03/2013 - 13:46:15 ---A- . (...) -- C:\Windows\System32\Drivers\lirsgt.sys [43168]
O58 - SDL:10/11/2009 - 12:53:16 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\System32\Drivers\LMouFilt.Sys [58384]
O58 - SDL:13/10/2014 - 16:00:20 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\System32\Drivers\LNonPnP.sys [18960]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:10/11/2009 - 12:53:40 ---A- . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\System32\Drivers\LUsbFilt.sys [40976]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 01:00:40 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\serial.sys [94208]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [834544]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:17/02/2011 - 15:51:06 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\viahduaa.sys [2153072]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:10/03/2008 - 14:50:54 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\WlanUZAG.sys [1041920]
~ Drivers: 62 Scanned in 00mn 02s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 20/12/2014 - 20:12:46 ---A- . (...) -- C:\Users\moi\Desktop\adwcleaner_4-105_fr_430277.exe [2166272]
O61 - LFC: 20/12/2014 - 20:12:46 ---A- . (.Nicolas Coolman.) -- C:\Users\moi\Desktop\ZHPDiag2.exe [6868651] =>.Nicolas Coolman
~ 20 Fichiers temporaires (Temporary files)
~ 206 Fichiers cookies (Cookies files)
~ Files: 2 Scanned in 00mn 01s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 28/09/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: C
Marsh Posté le 20-12-2014 à 15:38:28
bonjour,
cpu, ram 100% et dd qui gratte 24/24
il m'est difficile de surfer simplement, a cause de l'exploreur qui me pop 13 processus (vus dans le gestionnaire des taches)
SI je kill tous les process, j'ai bien sur plus le bureau (écran noir)
je doit attendre parfois 1 journée pour que cela se calme, puis laisser le pc 24/24 pour enfin m'en servir
il semble d'après certains que c'est Windows qu'il faut "bricoler" , et pas un virus. (qqun a eu le problème meme après format/réinstall plusieurs fois)
j'ai fait:
un nettoyage par adsfix: Contact : http://www.sosvirus.net
puis malwarebytes, puis ccleaner: j'ai une centaine de problèmes virés
j'ai pas fait:
de maj Windows facultatives
de changement particulier, genre maj driver, install program... et au contrare j'ai tout viré (enfin je crois)
sauf diablo 3, mais installé sur disque D (Windows sur C)
et à ce propos, je comprend pas que mon C: se remplis tout seul sans rien installer
(j'ai 40 gigas pour C: et depuis qq mois, toujours quasi full. par ex, après tout désinstallé et nettoyé, j'avais 9 gig libre, et là j'ai du mal à en avoir 3)
je commence comme cela pour pas compliquer...a vous lire merci
édit: e8200/8 gig ram, ce problème est relativement récent
Message édité par daltonn le 20-12-2014 à 15:45:22