Hard drive space filling up for no reason

Good evening everyone,
I'm new here, and I hope I've picked the right forum… if not, please excuse me.
Here is my problem.
My hard drive is filling up day by day…
I've run Avast, CCleaner… everything seems fine.
Yet every time I turn it on, the capacity has changed…
Until yesterday, when it showed 2 GB free out of the 195 GB of my C: drive.
I don't know what to do…
Perhaps you could help me?
Thanks in advance.

:hello:

Which version of Windows is it?

Otherwise, have you already done a disk cleanup and a defragmentation?

You can also delete all the system restore points created by Windows.

Good evening,

I'm on Windows 7…
I've done a disk cleanup, defragmented, etc…

I was thinking more of an infection… because what's happening is really very strange: I go from 16 GB free to 2 GB within the day… just by leaving my PC on… ???

I'm getting a bit desperate :frowning:

I didn't want to say anything at first, but I do indeed think it's one or more “nasties”.

Run HijackThis and post the report for us.

I don't know why, but I have a feeling that Avast itself is causing all this.

Thanks… so here is the report: I hope I did what was needed :frowning:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:15, on 17/04/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal


Well, okay, let's go with that then :jap:

I have to say I know nothing at all about these tools and I'm not able to interpret this data :ane:

Oh, I see… why have me do it, then?
:etonne2:


[quote="Compte supprimé"] HijackThis is outdated; nowadays it's ZHPDiag or OTL [/quote]

So here is the ZHPDiag report:

~ Rapport de ZHPDiag v2014.4.17.28 - Nicolas Coolman (17/04/2014)
~ Lancé par Admin (17/04/2014 20:27:23)
~ Adresse du Site Web nicolascoolman.webs.com…
~ Forums gratuits d’Assistance à la désinfection : nicolascoolman.webs.com…
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16659
GCIE: Google Chrome v34.0.1847.116

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 3FVK2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
avast! Free Antivirus v9.0.2011
Windows Defender W7

—\ Logiciels d’optimisation du système
CCleaner v4.12 =>.Piriform Ltd

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 51

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8172 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 2 GB (0%) free of 195 GB

—\ Mode de connexion au système
~ Computer Name: ADMIN-PC
~ User Name: Admin
~ All Users Names: UpdatusUser, HomeGroupUser$, ASPNET, Administrateur, Admin, 723FFAEE9E604979BAC8,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:\Users\Admin\AppData\Roaming\ZHP
~ %AppData% : C:\Users\Admin\AppData\Roaming
~ %Desktop% : F:\Users\Admin\Desktop
~ %Favorites% : F:\Users\Admin\Favorites
~ %LocalAppData% : C:\Users\Admin\AppData\Local
~ %StartMenu% : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu
~ %Windir% : C:\Windows
~ %System% : C:\Windows\System32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 2 Go of 195 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)
F: Hard drive, Flash drive, Thumb drive (Free 90 Go of 736 Go)
H: Hard drive, Flash drive, Thumb drive (Free 22 Go of 298 Go)

—\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 6/18347
~ Mes musiques (My Musics) : 97/182
~ Mes Videos (My Videos) : 21/16417
~ Mes Favoris (My Favorites) : 1/171
~ Mes Documents (My Documents) : 1/9014
~ Mon Bureau (My Desktop) : 1/55
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 00s

—\ Processus lancés
[MD5.4F46EA70C7579052F764D0F9B81D23C2] - (.NVIDIA Corporation - NVIDIA Update Backend.) – C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe [1797064] [PID.2080]
[MD5.75338E8E254069D4EA019675C07DDE67] - (.Pas de propriétaire - VistaBroadcomPBN Module.) – C:Program Files (x86)BelkinF7D4101V1PBN.exe [110592] [PID.2092]
[MD5.087A06DB98D0E84C0DE90EE308707E63] - (.NEC Electronics Corporation - USB 3.0 Monitor.) – C:Program Files (x86)Western DigitalUSB 3.0 Host Controller DriverApplicationnusb3mon.exe [106496] [PID.1348]
[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) – C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe [283160] [PID.3544]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) – C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [958576] [PID.4476]
[MD5.AFEBF9E0B223FF04709F747C172D3540] - (.AVAST Software - avast! Antivirus.) – C:Program FilesAVAST SoftwareAvastAvastUI.exe [3764024] [PID.4576]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java™ Update Scheduler.) – C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.4592]
[MD5.738CB65FF16ED1F23C585EFFDE41AE5C] - (.Nicolas Coolman - ZHPDiag.) – C:Program Files (x86)ZHPDiagZHPDiag.exe [8215040] [PID.7544]
[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [411936] [PID.900]
[MD5.D74884939D53612FD84AC82C59CCFE27] - (.AVAST Software - avast! Service.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1388]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65640] [PID.1492]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [37664] [PID.2152]
[MD5.8E4EB311788939F8FCB4209C4CF35509] - (.Samsung - AllShareFrameworkDMS.) – C:Program FilesSamsungAllShare Framework DMS1.3.21AllShareFrameworkDMS.exe [755080] [PID.2228]
[MD5.1C87705CCB2F60172B0FC86B5D82F00D] - (.Apple Inc. - Bonjour Service.) – C:Program Files (x86)BonjourmDNSResponder.exe [387944] [PID.2268]
[MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (…) – C:WindowsSysWOW64PnkBstrA.exe [76888] [PID.2588]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) – C:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe [189728] [PID.2636]
[MD5.0F695800783C3F9E577B94BF1E71D95A] - (…) – C:Program Files (x86)BelkinF7D4101V1wlansrv.exe [36864] [PID.2880]
[MD5.8FFF9083252C16FE3960173722605E9E] - (.Intel Corporation - IAStorDataSvc.) – C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [13336] [PID.5952]
[MD5.3F2800AD31A64853AE0A0389AA8CFB6E] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [1364256] [PID.6060]
~ Processes Running: Scanned in 00mn 00s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersAdminAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 - GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

—\ Liste des dossiers d’extension Google Chrome

~ Google Lines Browser: 11 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 - REG:system.ini: Shell=C:Windowsexplorer.exe
F2 - REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) – C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) – C:Program FilesAVAST SoftwareAvastaswWebRepIE64.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) – C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll =>Toolbar.Google
O3 - ToolbarWebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 - GSDesktop [Public]: ALDI Service Photo.lnk . (…) – F:ALDI Service PhotoALDI Service Photo.exe
O4 - GSDesktop [Public]: CrazyTalk Animator PRO.lnk . (.Reallusion Inc. - CrazyTalk Animator.) – C:Program Files (x86)ReallusionCrazyTalk AnimatorCTApp.exe
O4 - GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 - GSDesktop [Public]: MAGIX Vidéo easy SOS Cassettes vidéo 4.lnk . (.MAGIX AG - Video Easy RYVT Edition 4.) – C:Program Files (x86)MAGIXVidéo_easy_SOS_Cassettes_vidéo_4VideoEasy.exe
O4 - GSDesktop [Public]: ProShow Producer.lnk . (.Photodex - ProShow.) – C:Program Files (x86)PhotodexProShowProducerproshow.exe
O4 - GSQuickLaunch [Admin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 - GSQuickLaunch [Admin]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) – C:Program FilesInternet Exploreriexplore.exe
O4 - GSQuickLaunch [Admin]: ProShow Producer.lnk . (.Photodex - ProShow.) – C:Program Files (x86)PhotodexProShowProducerproshow.exe
O4 - GSTaskBar [Admin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 - GSTaskBar [Admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) – C:Program FilesInternet Exploreriexplore.exe
O4 - GSTaskBar [Admin]: Lanceur d’applications Google Chrome.lnk . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 - GSProgram [Admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) – C:Program Files (x86)Internet Exploreriexplore.exe
O4 - GSSystemTools [Admin]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) – C:Program Files (x86)Internet Exploreriexplore.exe
O4 - GSDesktop [Admin]: AD-R.lnk . (…) – C:Program Files (x86)Ad-Removermain.exe (.not file.)
~ Global Startup: 81 Legitimates Filtered in 00mn 00s

—\ Applications lancées au démarrage du système (O4)
O4 - GSStartup [Public]: Play Wireless USB Adapter Utility.lnk . (…) – C:Program Files (x86)BelkinF7D4101V1PBN.exe
O4 - HKLM…Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) – C:Program Files (x86)Bluetooth SuiteBtvStack.exe
O4 - HKLM…Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) – C:Program Files (x86)Bluetooth SuiteAthBtTray.exe
O4 - HKLM…Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) – C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM…Run: [Samsung Link] . (.Copyright 2013 SAMSUNG - Samsung Link Tray Agent.) – C:Program FilesSamsungSamsung LinkSamsung Link Tray Agent.exe
O4 - HKLM…Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Update Backend.) – C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe
O4 - HKCU…Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 - HKLM…Wow6432NodeRun: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) – C:Program Files (x86)Western DigitalUSB 3.0 Host Controller DriverApplicationnusb3mon.exe
O4 - HKLM…Wow6432NodeRun: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) – C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe
O4 - HKLM…Wow6432NodeRun: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) – C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe
O4 - HKLM…Wow6432NodeRun: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
O4 - HKLM…Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) – C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM…Wow6432NodeRun: [APSDaemon] . (.Apple Inc. - Apple Push.) – C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
O4 - HKLM…Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) – C:Program Files (x86)QuickTimeQTTask.exe
O4 - HKLM…Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) – C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 - HKLM…Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation - Java™ Update Scheduler.) – C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 - HKUSS-1-5-19…Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) – C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 - HKUSS-1-5-20…Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) – C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 - HKUSS-1-5-19…RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 - HKUSS-1-5-20…RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 - HKUSS-1-5-21-1512062048-473663673-1420936699-1000…Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] . (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} – Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 - HKLMSystemCCSServicesTcpip…{1F8A1110-1586-457B-881A-7EA6270ED1C0}: DhcpNameServer = 192.168.1.254
O17 - HKLMSystemCCSServicesTcpip…{EB23A41E-7612-42C1-AABB-D64E5C147C1C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLMSystemCS1ServicesTcpip…{1F8A1110-1586-457B-881A-7EA6270ED1C0}: DhcpNameServer = 192.168.1.254
O17 - HKLMSystemCS1ServicesTcpip…{EB23A41E-7612-42C1-AABB-D64E5C147C1C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLMSystemCS2ServicesTcpip…{1F8A1110-1586-457B-881A-7EA6270ED1C0}: DhcpNameServer = 192.168.1.254
O17 - HKLMSystemCS2ServicesTcpip…{EB23A41E-7612-42C1-AABB-D64E5C147C1C}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) –
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Belkin WLAN service (WLANBelkinService) . (…) - C:Program Files (x86)BelkinF7D4101V1wlansrv.exe
~ Services: 15 Legitimates Filtered in 00mn 02s

—\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:WindowsTasksAd-Aware Antivirus Scheduled Scan.job [1084]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (…) – C:Program Files (x86)AD-AWA~1AdAwareLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (…) – C:Program Files (x86)LavasoftAd-AwareAd-AwareAdmin.exe (.not file.) [0]
[MD5.C726150BB8482706E9306AD365258326] [APT] [Red Giant Link] (…) – C:Program Files (x86)Red Giant LinkCommonRed Giant Link.exe [116736]
[MD5.DDE2DF65144DA58B03EC6182F0FA4B30] [APT] [{2EAADE67-A8F5-4A0B-BF18-32EE8A333C5B}] (…) – C:Program Files (x86)DVD Shrinkunins000.exe [80376]
[MD5.C6685D5A256DF7C2E9AE62993C21501A] [APT] [{43EFA90D-3A9F-4890-9CC6-CBB6169138F9}] (…) – C:Program Files (x86)PhotodexProShowProducerremove.exe [116040]
[MD5.00000000000000000000000000000000] [APT] [{5BC13D51-8CC0-438D-A14A-54178A1A4E0C}] (…) – D:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{74A0A01E-2CF4-4C34-8311-44190B058D6C}] (…) – C:UsersAdminAppDataLocalTempTemp2_BluffTitler_DX9_7.6.5-mediabladi.com-cromax.zipBluffTitler DX9 7.6.5-mediabladi.com-cromaxBluffTitler DX9 7.6.5BluffTitlerSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F5581042-F1A9-4D6D-9413-30745C18BC99}] (…) – F:UsersAdminDownloadsAdobeAIRInstaller.exe (.not file.) [0]
~ Scheduled Task: 24 Legitimates Filtered in 00mn 01s

—\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (hqpxwygy) . (. - .) - C:Windowssystem32drivershqpxwygy.sys (.not file.)
~ Drivers: 84 Legitimates Filtered in 00mn 00s

—\ Logiciels installés (O42)
O42 - Logiciel: HitFilm 2 Ultimate - (.FXhome.) [HKLM][64Bits] – {CC428850-E9FC-4C86-9ADB-CF3086C6BF50}
O42 - Logiciel: ShaderTFX version 1.1 - (…) [HKLM][64Bits] – ShaderTFX_is1
~ Logic: 23 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareArtichoke]
[HKCUSoftwareFlute]
[HKCUSoftwarePowerCDGPlayer]
[HKCUSoftwareSavevid] =>Adware.Bandoo
[HKCUSoftwareSingular Inversions]
[HKCUSoftwareVASST]
[HKCUSoftwareinVIBES]
[HKLMSoftwareVASST]
[HKLMSoftwareWow6432NodeIncrediMail]
[HKLMSoftwareWow6432NodeShortcut_Module]
[HKLMSoftwareWow6432NodeVASST]
[HKLMSoftwareWow6432Nodeeasyslideshowmaker]
~ Key Software: 454 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/12/2011 - 20:32:07 - [0,002] ----D C:ProgramDataclp
O43 - CFD: 03/12/2011 - 21:29:48 - [0,012] ----D C:UsersAdminAppDataRoaming3D-Album
O43 - CFD: 29/07/2013 - 21:12:24 - [0] ----D C:UsersAdminAppDataRoamingmain
O43 - CFD: 10/12/2011 - 15:13:27 - [0,103] ----D C:UsersAdminAppDataRoamingmyTV
O43 - CFD: 03/12/2011 - 21:28:26 - [0,007] ----D C:UsersAdminAppDataRoamingvisviva
O43 - CFD: 29/07/2011 - 19:47:35 - [0] ----D C:UsersAdminAppDataLocalAuthor_Gary_Mincy
O43 - CFD: 17/03/2013 - 17:14:25 - [0,003] ----D C:UsersAdminAppDataLocalLocalStorage
O43 - CFD: 04/05/2011 - 20:54:46 - [1,331] ----D C:UsersAdminAppDataLocalLphant
O43 - CFD: 17/08/2011 - 17:53:50 - [0,001] --H-D C:UsersAdminAppDataLocalPyodjwIqvlV7M
~ 1 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 315 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B7204F409A25B988F580B72FFD1F2C91] - 08/04/2014 - 19:24:29 —A- . (…) – C:Shortcut_Module_08_04_2014_20_24_29.txt [40393]
O44 - LFC:[MD5.AF26B87815F3CDCB1A821A2F1CB78402] - 16/04/2014 - 21:46:14 —A- . (…) – C:Shortcut_Module_16_04_2014_22_46_14.txt [18567]
~ Files: 42 Legitimates Filtered in 00mn 00s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.83E6A2F89ADAF6C643E3D7B527C22916] - 17/04/2014 - 14:31:28 —A- - C:WindowsPrefetchTREESIZEFREE.EXE-CBDF8646.pf
O45 - LFCP:[MD5.1252DDFB25082DF57F02C6ECA3EC48F8] - 17/04/2014 - 15:45:20 —A- - C:WindowsPrefetchNVBACKEND.EXE-00368064.pf
O45 - LFCP:[MD5.A4DD13D86C3A77D6CBC0193B03D8FFF9] - 17/04/2014 - 16:41:22 —A- - C:WindowsPrefetchNACL64.EXE-14986499.pf
O45 - LFCP:[MD5.554DEA6B8C322030D2FCBE4E9BCD1BA9] - 17/04/2014 - 18:53:12 —A- - C:WindowsPrefetchINSTUP.EXE-7E543EAF.pf
~ Prefetcher: 4 Legitimates Filtered in 00mn 00s

—\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{6d20275d-6062-11e0-bc27-0026831392e0}AutoRuncommand. (…) – E:LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s

—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM…startupregCANAL+ CANALSAT A LA DEMANDE [Key] . (…) – C:Program Files (x86)Canal+CANAL+ CANALSAT A LA DEMANDELauncher.exe (.not file.)
~ SMSR Keys: 3 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM…PoliciesSystem] - “EnableLUA”=0
O55 - MWPS:[HKLM…PoliciesSystem] - “EnableUIADesktopToggle”=0
O55 - MWPS:[HKLM…PoliciesSystem] - “PromptOnSecureDesktop”=0
O55 - MWPS:[HKLM…PoliciesSystem] - “FilterAdministratorToken”=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM…policiesExplorer] - “NoActiveDesktopChanges”=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 18/12/2013 - 17:33:01 —A- . (…) – C:WindowsSystem32DriversaswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 18/12/2013 - 17:33:01 —A- . (…) – C:WindowsSystem32DriversaswVmm.sys [207904]
O58 - SDL:[MD5.4ECC791539F23982411864037D1AC8FC] - 27/10/2010 - 14:50:28 —A- . (.Windows ® Win 7 DDK provider - BulkUsb Driver.) – C:WindowsSystem32DriversAthDfu.sys [55336]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 —A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) – C:WindowsSystem32Driverselxstor.sys [530496]
O58 - SDL:[MD5.C669DE449D5D399037EF9FF77C03C23C] - 01/09/2009 - 14:31:42 —A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) – C:WindowsSystem32DriversemBDA64.sys [649984]
O58 - SDL:[MD5.46C0FB27F28531D9D19573FD97EBCF90] - 02/09/2009 - 10:29:06 —A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) – C:WindowsSystem32DriversemOEM64.sys [626688]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 —A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) – C:WindowsSystem32Drivershcw85cir.sys [31232]
O58 - SDL:[MD5.2AE002A2C43547C30A0208E2BE76155C] - 30/09/2010 - 12:55:26 —A- . (.Pas de propriétaire - iLok Kernel Driver.) – C:WindowsSystem32DriversiLokDrvr.sys [25720]
O58 - SDL:[MD5.E428DFFA96FAD07D8CA3C9082563A225] - 20/08/2013 - 06:02:12 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) – C:WindowsSystem32Driversssudbus.sys [103576]
O58 - SDL:[MD5.AAF6F247F1DC370C593B4430974EAD9C] - 20/08/2013 - 06:02:12 —A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) – C:WindowsSystem32Driversssudmdm.sys [204568]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 —A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) – C:WindowsSystem32Driversstexstor.sys [24656]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 —A- . (…) – C:WindowsSysWOW64driversASUSHWIO.SYS [10296]
~ Drivers: 18 Legitimates Filtered in 00mn 00s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/04/2014 - 20:27:36 —A- . (…) – C:UsersAdminAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [299896]
O61 - LFC: 17/04/2014 - 20:27:36 —A- . (…) – C:UsersAdminAppDataLocalGoogleChromeUser DataLocal State [68313]
O61 - LFC: 17/04/2014 - 20:27:36 —A- . (…) – C:UsersAdminAppDataLocalGoogleChromeUser Datachrome_shutdown_ms.txt [4]
O61 - LFC: 17/04/2014 - 20:27:36 —A- . (…) – C:UsersAdminAppDataLocalGoogleChromeUser Datanacl_validation_cache.bin [128]
~ Files: 88 Legitimates Filtered in 00mn 20s

—\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] – ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] – {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ ADS: Scanned in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM…ShellopenCommand] (.Google Inc. - Google Chrome.) – C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM…ShellopenCommand] (.Microsoft Corporation - Internet Explorer.) – C:Program Files (x86)Internet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - search.live.com…
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - www.bing.com…
O69 - SBI: SearchScopes [HKCU] {28D3F4DB-0B9F-4DE0-8C27-C792A0D39588} - (http://www.google.com) - www.google.com…
O69 - SBI: SearchScopes [HKCU] {EF46CBD1-CCE6-47AF-A644-50FB21D35F78} - (Google) - www.google.com…
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.BB8609A761B33D2EB677C8267CD663C9] [SPRF][15/03/2012] (…) – C:ProgramDataD7000E42DC.sys [168]
[MD5.2F615ABD63B9AC7156C4FEE6D773F21C] [SPRF][15/03/2012] (…) – C:ProgramDataKGyGaAvL.sys [7520]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][19/08/2011] (…) – C:UsersAdminAppDataRoaminginst.exe [99384]
~ Files: 8 Legitimates Filtered in 00mn 00s

—\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: “TCP Query User{D87B328D-71B2-4FC9-9148-C5B0ACA80530}F:usersadmindocumentslphantelephantclient.exe” | In - Private - P6 - TRUE | .(.www.lphant.com - lphant Client.) – F:usersadmindocumentslphantelephantclient.exe
O87 - FAEL: “UDP Query User{94C23F11-1843-4C74-903E-8C968108E285}F:usersadmindocumentslphantelephantclient.exe” | In - Private - P17 - TRUE | .(.www.lphant.com - lphant Client.) – F:usersadmindocumentslphantelephantclient.exe
O87 - FAEL: “TCP Query User{B27EFC53-18AA-4144-A650-BBC53C625327}F:usersadmindocumentslphantelephantclient.exe” | In - Public - P6 - TRUE | .(.www.lphant.com - lphant Client.) – F:usersadmindocumentslphantelephantclient.exe
O87 - FAEL: “UDP Query User{485AD869-47D3-4174-8814-D8B68AAB881A}F:usersadmindocumentslphantelephantclient.exe” | In - Public - P17 - TRUE | .(.www.lphant.com - lphant Client.) – F:usersadmindocumentslphantelephantclient.exe
~ Firewall: 283 Legitimates Filtered in 00mn 01s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: “058824CCCF9E68C4A9BDFC03686CFB05” . (.HitFilm 2 Ultimate.) – C:WindowsInstaller{CC428850-E9FC-4C86-9ADB-CF3086C6BF50}Uninstall.ico
O90 - PUC: “5AFB34BFE8804B9459CEE7F3246BD0D6” . (.MetaSync.) – C:WindowsInstaller{FB43BFA5-088E-49B4-95EC-7E3F42B60D6D}ARPPRODUCTICON.exe
~ Update Products: 150 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.0FC285C5FA92875AFBEFE3BD92E0C591] [WIS][16/04/2014] (.FXhome - HitFilm 2 Ultimate Installer.) – C:WindowsInstaller8f0d3f.msi [165195776]
~ WIS: 156 Legitimates Filtered in 00mn 20s

—\ Recherche de clés de registre Tracing (O100)
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_en32_signed_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_en32_signed_RASMANCS =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarNotifier_RASMANCS =>Toolbar.Google
~ BTK: 527 Legitimates Filtered in 00mn 00s

—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4364 Legitimates Filtered in 00mn 02s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 09/04/2011 136176 | (gupdate) . (.Google Inc…) - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS - | Demand 09/04/2011 136176 | (gupdatem) . (.Google Inc…) - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS - | Demand 27/08/2012 194032 | (gusvc) . (.Google.) - C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
SS - | Demand 10/03/2011 311744 | (maconfservice) . (.CybelSoft.) - C:Program Files (x86)ma-config.commaconfservice.exe
SS - | Demand 25/02/2014 568512 | (Steam Client Service) . (.Valve Corporation.) - C:Program Files (x86)Common FilesSteamSteamService.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe

SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
SR - | Auto 11/10/2013 404360 | (AllShare Framework DMS) . (.Samsung.) - C:Program FilesSamsungAllShare Framework DMS1.3.21AllShareFrameworkManagerDMS.exe
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc…) - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR - | Auto 27/10/2010 52896 | (AtherosSvc) . (.Atheros Commnucations.) - C:Program Files (x86)Bluetooth Suiteadminservice.exe
SR - | Auto 18/12/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR - | Auto 12/07/2011 387944 | (Bonjour Service) . (.Apple Inc…) - C:Program Files (x86)BonjourmDNSResponder.exe
SR - | Auto 05/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe
SR - | Auto 04/03/2014 922968 | (NVSvc) . (.NVIDIA Corporation.) - C:Windowssystem32nvvsvc.exe
SR - | Auto 17/09/2013 1364256 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (…) - C:Windowssystem32PnkBstrA.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc…) - C:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe
SR - | Auto 30/10/2013 605768 | (Samsung Link Service) . (.Copyright 2013 SAMSUNG.) - C:Program FilesSamsungSamsung LinkSamsung Link.exe
SR - | Auto 04/03/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
SR - | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:WindowsSystem32svchost.exe
SR - | Auto 28/12/2009 36864 | (WLANBelkinService) . (…) - C:Program Files (x86)BelkinF7D4101V1wlansrv.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) - C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:WindowsSystem32svchost.exe

~ Services: Scanned in 00mn 03s

—\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
Run by Admin at 17/04/2014 20:28:47
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s

—\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, ad13.geekstog…
Run by Admin at 17/04/2014 20:28:49

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s

—\ Scan Additionnel (O88)
Database Version : 13044 - (17/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 3

[HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCUSoftwareSavevid] =>Adware.Bandoo^
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 419697 Items scanned in 00mn 12s

—\ Récapitulatif des détections trouvées sur votre station
nicolascoolman.webs.com… =>Adware.Bandoo
~ MSI: 1 link(s) detected in 00mn 00s

~ 1610 Legitimates filtered by white list
End of the scan (539 lines in 01mn 39s)(0)

So that others can see it and interpret it ^^
Edited on 17/04/2014 at 20:32

Thanks :slight_smile:

There you go :jap:

I never give advice at random :o

Otherwise, “I go from 16 GB free to 2 GB within the day”. What do you do to get the 14 GB back?

Sorry, I didn’t mean to offend you…
Well, to answer you about the change in my capacity… I don’t do anything, that’s exactly what is strange :frowning:


[quote="Compte supprimé"] Adware Bandoo is malware. Uninstall it and run Malwarebytes, GMER, TDSSKiller, AdwCleaner.
If your hard drive is filling up, it's possible that your PC is infected and is being used as a zombie machine hosting illegal files..... not very good..... :peur: [/quote]

Um… could you tell me where you saw that I had “adware bandoo”, please?

And unfortunately I tried AdwCleaner and Malwarebytes, it doesn’t change anything… :frowning: I’ll try the others you suggest…

— Récapitulatif des détections trouvées sur votre station
nicolascoolman.webs.com… =>Adware.Bandoo
~ MSI: 1 link(s) detected in 00mn 00s

Ah… OK. Thanks :slight_smile: