plein de pub intempestives!!!
Modérateur: Modérateurs
Règles du forum
Les désinfections sont prises en charge par un groupe spécifique, tout le monde ne peut pas intervenir pour désinfecter les machines (règles).
Les procédures sont sur-mesure, ne faites pas la même chose chez vous (explications).
Un topic par machine, chacun crée le sien. 
Les désinfections sont prises en charge par un groupe spécifique, tout le monde ne peut pas intervenir pour désinfecter les machines (règles). Les procédures sont sur-mesure, ne faites pas la même chose chez vous (explications). Un topic par machine, chacun crée le sien.
21 messages
• Page 1 sur 2 • 1, 2
plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 15:52
bonjour, sur mon netbook, j'ai des pubs qui arrivent en pagaille!!! Merci de m'aider à résoudre ce problème.
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 23 Juil 2011 18:17
Bonjour
Pour faire un premier diagnostic, applique les deux propositions ci-dessous.
1-
Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY
Double-clique sur le fichier mbam-setup-1.50.exe (sous Vista et 7 autorise les modifications)
A la fin de l'installation, veille à ce que les options suivantes soient cochées
Clique sur Terminer
Une fenêtre Mise à jour de Malwarebytes' Anti-Malware va s'ouvrir avec une barre de progression.
Puis une autre annonçant le succès de la mise à jour de la base de données. Clique sur OK.
Le programme s'ouvre sur l'onglet Recherche.
Coche
Exécuter un examen rapide, clique sur le bouton 
A la fin du scan, sélectionne tout et clique sur Supprimer la sélection
Poste le rapport qui s'ouvre après cette suppression.
Redémarre le pc si cela est demandé
Tu peux retrouver le rapport dans l'onglet Rapports/Logs avec la date et l'heure d'exécution.
2- Télécharge ZHPDiag de Nicolas Coolman sur ton bureau.
Explication en images
Si besoin est, nous ferons appel à d'autres outils.
@+
Pour faire un premier diagnostic, applique les deux propositions ci-dessous.
1-
Télécharge et installe Malwarebytes Anti-Malware de RubbeR DuckY Double-clique sur le fichier mbam-setup-1.50.exe (sous Vista et 7 autorise les modifications)A la fin de l'installation, veille à ce que les options suivantes soient cochées
- -Mettre à jour Malwarebytes' Anti-Malware
-Exécuter Malwarebytes' Anti-Malware
Clique sur TerminerUne fenêtre Mise à jour de Malwarebytes' Anti-Malware va s'ouvrir avec une barre de progression.
Puis une autre annonçant le succès de la mise à jour de la base de données. Clique sur OK.
Le programme s'ouvre sur l'onglet Recherche.
Coche
Exécuter un examen rapide, clique sur le bouton A la fin du scan, sélectionne tout et clique sur Supprimer la sélection Poste le rapport qui s'ouvre après cette suppression.Redémarre le pc si cela est demandé
Tu peux retrouver le rapport dans l'onglet Rapports/Logs avec la date et l'heure d'exécution.
2-
Télécharge ZHPDiag de Nicolas Coolman sur ton bureau.Explication en images
Si besoin est, nous ferons appel à d'autres outils.
@+
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 19:45
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7253
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
23/07/2011 20:43:50
mbam-log-2011-07-23 (20-43-50).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 153354
Temps écoulé: 8 minute(s), 27 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
c:\program files\PCTuto\pctutobho.dll (Trojan.Eorezo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO.1 (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\program files\PCTuto\pctutobho.dll (Trojan.Eorezo) -> Delete on reboot.
c:\Users\rené\AppData\Local\Temp\is-65VAQ.tmp\PCTuto\inst.exe (Adware.Agent) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 7253
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
23/07/2011 20:43:50
mbam-log-2011-07-23 (20-43-50).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 153354
Temps écoulé: 8 minute(s), 27 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
c:\program files\PCTuto\pctutobho.dll (Trojan.Eorezo) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E2ED56B6-35FC-4484-9530-EC87FB458E78} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO.1 (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\PCTutoBHO.PCTBHO (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423A-9845-901AC0A7EE6E} (Trojan.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\program files\PCTuto\pctutobho.dll (Trojan.Eorezo) -> Delete on reboot.
c:\Users\rené\AppData\Local\Temp\is-65VAQ.tmp\PCTuto\inst.exe (Adware.Agent) -> Quarantined and deleted successfully.
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 20:05
Ca y est j'ai téléchargé ZHPDiag, merci pour ton aide.
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 23 Juil 2011 20:12
Bonsoir
Il est temps que tu lises ceci :
http://rue-du-montceau.pagesperso-orang ... to4pc.html
Envoie un rapport Zhpdiag pour contrôle.
@+
Il est temps que tu lises ceci :
http://rue-du-montceau.pagesperso-orang ... to4pc.html
Envoie un rapport Zhpdiag pour contrôle.
@+
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 20:43
Rapport de ZHPDiag v1.27.2423 par Nicolas Coolman, Update du 21/07/2011
Run by rené at 23/07/2011 21:16:49
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
---\\ System Information
Windows 7 Starter Edition, 32-bit (Build 7600)
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 1011 MB (13% free)
~ System Restore: Activé (Enable)
System drive C: has 179 GB (83%) free of 215 GB
---\\ Logged in mode
~ Computer Name: RENÉ-HP
~ User Name: rené
~ All Users Names: rené, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
~ Logged in as Administrator
---\\ Environnement Variables
~ %AppData%=C:\Users\rené\AppData\Roaming\
~ %Desktop%=C:\Users\rené\Desktop\
~ %Favorites%=C:\Users\rené\Favorites\
~ %LocalAppData%=C:\Users\rené\AppData\Local\
~ %StartMenu%=C:\Users\rené\AppData\Roaming\Microsoft\Windows\Start Menu\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 179 Go of 215 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 18 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.27/04/2011 - 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 20:31:50.) -- C:\Windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/08/2010 - 02:03:02.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/04/2011 - 06:44:01.) -- C:\Windows\system32\drivers\ntfs.sys [1210240]
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 2/27
~ Mes Documents (My Documents) : 1/4
~ Mon Bureau (My Desktop) : 1/2
~ Menu demarrer (Programs) : 7/21
---\\ Processus lancés
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [130008]
[MD5.27870BDDDE2BB30C134247512D8A6156] - (.PCTuto - autoupdater.) -- C:\Users\rené\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe [663168]
[MD5.285FBAB6FACA1E3166FB352C34AAC762] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]
[MD5.DC8F297AC5D203AB8D3B70709740F29C] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592]
[MD5.D165F0D7BDCDE31BE4B1E2149E92AC2A] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552]
[MD5.41E7042F32E30363FCE1ABCCF630DDA4] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952]
[MD5.F778E8D83339B7C02EAC8B13AB83999E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1778984]
[MD5.D1930CA970D4250D891F432419E3D6C9] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904]
[MD5.01E60FEE382DCB512ACA93D31D6BD954] - (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568]
[MD5.FDBAA6322B3B408CD275A14654EF3D6B] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708]
[MD5.4C8981727B06F718832DD3D42C9EB769] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168]
[MD5.3EEC83341AECDE670C2CE16EBED5D66C] - (.PCTUTO - PCTUTO.) -- C:\Program Files\PCTuto\pctuto.exe [982656]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584]
[MD5.73E7F1D810AA3520BF15545A57B86712] - (.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe [154304]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.C5E25590F63DA3D4240521A02F641B10] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [828704]
[MD5.3426775825ADF252E5A7486B24A678C6] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
[MD5.6408547F86FE90924BDE983D79C23A93] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2831648]
[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040]
[MD5.745EE2C6FB0B43C9F00E017F5E5D7317] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.0C48AFAA67B59D73567DF8EB4DD04B4A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10s_ActiveX.exe [240288]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.CB443C9D1485A3F7B21D15BE2D3CF168] - (.Hewlett-Packard Company - HP Wireless Assistant.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064]
[MD5.DDB5F8380F88EE659D519A69BE56A9D5] - (.Hewlett-Packard Development Company L.P. - hpCaslNotification.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe [309304]
[MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104]
[MD5.887BAA34C1B3AB4FBC54BF6545B59B49] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658432]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50401.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BHO Project - {de4e75d3-60aa-4f02-a0e4-c8a40576574c} . (.InternetEngine - Pas de description.) -- C:\Program Files\Object\bho_project.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AmIcoSinglun] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Quick Launch] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ZumoDrive] . (...) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk
O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
O4 - HKLM\..\Run: [PCTuto] . (.PCTUTO - PCTUTO.) -- C:\Program Files\PCTuto\pctuto.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\RunOnce: [autoupdater] . (.PCTuto - autoupdater.) -- C:\Users\rené\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk . (.ArcSoft Inc..) -- C:\Program Files\Hewlett-Packard\HP Media Suite\Home\ArcStart.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\rené\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\rené\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} . (.Evernote Corporation - Web Clipper extension tool for IE.) -- C:\Program Files\Evernote\Evernote3.5\enbar.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Pas de propriétaire - HPWMISVC Application.) - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: C:\Windows\system32\stlang.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [ServicePlan] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.706C9BC93F29B54AEDB4DD5A7918D933] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.706C9BC93F29B54AEDB4DD5A7918D933] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.90CAD241DEC99A0350FB2A6AE61B63BB] [APT] [Norton Error Analyzer 18.6.0.29] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
[MD5.90CAD241DEC99A0350FB2A6AE61B63BB] [APT] [Norton Error Processor 18.6.0.29] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (DVMIO) . (.DeviceVM, Inc. - DVMIO virtual device driver.) - C:\Windows\System32\DRIVERS\dvmio.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110615.001\IDSvix86.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.sys
O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NIS\1206000.01D\SYMNETS.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.5 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc.) [HKLM] -- {9ECF7817-DB11-4FBA-9DF1-296A578D513A}
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- InstallShield_{1588DD21-B959-4674-9CF0-4D13B7D75020}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428
O42 - Logiciel: Broadcom 2070 Bluetooth 3.0 - (.Broadcom Corporation.) [HKLM] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Wireless LAN Adapter
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536
O42 - Logiciel: Dream Chronicles - (.WildTangent.) [HKLM] -- WT087467
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
O42 - Logiciel: Evernote - (.Evernote Corp..) [HKLM] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361
O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP CloudDrive - (.Pas de propriétaire.) [HKLM] -- ZumoDrive
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM] -- {F4657EC0-BB82-47C7-ACD8-140212055852}
O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP HomeBase - (.ArcSoft.) [HKLM] -- {4F22707C-C8E4-4BC8-881C-FAAB2EF5914B}
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM] -- {4B156358-CE9C-4E9F-8CAD-79AE86A68C60}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM] -- {E342D296-DB9D-4FC7-ACB0-39926C0BFA16}
O42 - Logiciel: HP QuickSync - (.Hewlett-Packard Company.) [HKLM] -- {40C19172-F700-4056-8683-2C64BE3202C8}
O42 - Logiciel: HP QuickWeb Installer - (.DeviceVM Inc..) [HKLM] -- {394FA67A-FF0A-4356-BB77-D85E5A300BDE}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {8BAC9B23-9D91-48D6-8565-BD80D2BCBD18}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {FC17E0A7-EAA9-4902-92F8-C83B9FD02246}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Jewel Quest - Heritage - (.WildTangent.) [HKLM] -- WT087374
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490
O42 - Logiciel: JoJo's Fashion Show - (.WildTangent.) [HKLM] -- WT087385
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM] -- WT087495
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCTuto 2.0 - (.PCTuto.) [HKLM] -- PCTuto_is1
O42 - Logiciel: PCTuto Avast 2.0 - (.PCTuto.) [HKLM] -- PCTuto Avast_is1
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Skip-Bo - Castaway Caper - (.WildTangent.) [HKLM] -- WT087408
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tradewinds Legends - (.WildTangent.) [HKLM] -- WT087409
O42 - Logiciel: UpdatePCTuto 2.0 - (.PCtuto.) [HKLM] -- UpdatePCTuto_is1
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\PCTuto]
[HKCU\Software\Policies]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Widcomm]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Avira]
[HKLM\Software\BcmSetup]
[HKLM\Software\Broadcom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DEVICEVM]
[HKLM\Software\Evernote]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Insyde]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nom de votre société]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PCTuto]
[HKLM\Software\Policies]
[HKLM\Software\Product_Upgrade]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Widcomm]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Zecter]
O43 - CFD: 27/Files\HP Games
O43 - CFD: 03/12/2010 - 11:20:16 - [43436945] ----D- C:\Program Files\IDT
O43 - CFD: 03/12/2010 - 11:26:08 - [94764020] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 03/12/2010 - 11:08:18 - [11048089] ----D- C:\Program Files\Intel
O43 - CFD: 17/06/2011 - 23:35:22 - [4498312] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 16/08/2010 - 19:42:02 - [90561113] ----D- C:\Program Files\Java
O43 - CFD: 23/07/2011 - 20:31:34 - [6953184] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 03/12/2010 - 11:50:30 - [854520] ----D- C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 06:52:32 - [46990135] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 16/08/2010 - 18:33:08 - [6423243] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/08/2010 - 19:31:04 - [38271979] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 03/12/2010 - 11:52:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 03/12/2010 - 11:53:26 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 22/04/2011 - 06:06:10 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/12/2010 - 11:27:02 - [202796524] ----D- C:\Program Files\Norton Internet Security
O43 - CFD: 03/12/2010 - 11:26:22 - [24382979] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 23/07/2011 - 16:00:52 - [159814] ----D- C:\Program Files\Object
O43 - CFD: 19/04/2011 - 12:16:42 - [814259] R---D- C:\Program Files\Online Services
O43 - CFD: 03/12/2010 - 11:24:02 - [567838] ----D- C:\Program Files\onlineservices
O43 - CFD: 23/07/2011 - 20:48:36 - [7696043] ----D- C:\Program Files\PCTuto
O43 - CFD: 03/12/2010 - 11:03:58 - [1842843] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:32 - [38597377] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 12/05/2011 - 22:51:32 - [60872] ----D- C:\Program Files\Symantec
O43 - CFD: 03/12/2010 - 11:03:10 - [37790338] ----D- C:\Program Files\Synaptics
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 03/12/2010 - 11:10:38 - [116740290] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 17/08/2010 - 02:50:44 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 03/12/2010 - 11:53:46 - [136553350] ----D- C:\Program Files\Windows Live
O43 - CFD: 03/12/2010 - 11:49:52 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 21/04/2011 - 05:50:26 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 21/04/2011 - 05:50:24 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/04/2011 - 12:14:44 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 17/08/2010 - 02:50:44 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/04/2011 - 12:16:40 - [10648749] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 23/07/2011 - 21:17:02 - [3931861] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 16/08/2010 - 19:05:18 - [16426975] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 16/08/2010 - 19:06:16 - [31787256] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 16/08/2010 - 17:36:02 - [2009175] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 16/08/2010 - 19:42:20 - [1231815] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 03/12/2010 - 11:49:56 - [18598524] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 19/04/2011 - 14:30:02 - [1313000] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 17/08/2010 - 02:50:44 - [10102259] ----D- C:\Program Files\Common Files\System
O43 - CFD: 03/12/2010 - 11:45:12 - [235123779] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 20/04/2011 - 14:52:36 - [761] ----D- C:\ProgramData\Adobe
O43 - CFD: 03/12/2010 - 11:10:04 - [497] ----D- C:\ProgramData\AmUStor
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 27/04/2011 - 11:51:20 - [54024786] ----D- C:\ProgramData\Avira
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 03/12/2010 - 11:24:52 - [34406] ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 23/07/2011 - 16:19:28 - [1219682] ----D- C:\ProgramData\Google
O43 - CFD: 03/12/2010 - 12:03:54 - [360691] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 23/07/2011 - 20:31:28 - [7080090] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 19/04/2011 - 12:14:44 - [1291365439] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 19/04/2011 - 12:23:40 - [378777645] ----D- C:\ProgramData\Norton
O43 - CFD: 03/12/2010 - 11:26:22 - [1255268] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 16/08/2010 - 19:42:22 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 03/12/2010 - 11:25:56 - [254094] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 03/12/2010 - 11:43:30 - [1643128018] ----D- C:\ProgramData\WildTangent
O43 - CFD: 16/08/2010 - 19:52:50 - [35356150] ----D- C:\ProgramData\{8D274659-3D84-4410-A197-C170D180BC76}
O43 - CFD: 20/04/2011 - 14:51:58 - [203056] ----D- C:\Users\rené\AppData\Roaming\Adobe
O43 - CFD: 28/04/2011 - 09:57:02 - [0] ----D- C:\Users\rené\AppData\Roaming\Avira
O43 - CFD: 23/07/2011 - 16:21:02 - [522] ----D- C:\Users\rené\AppData\Roaming\Google
O43 - CFD: 27/04/2011 - 11:44:00 - [52397] ----D- C:\Users\rené\AppData\Roaming\Hewlett-Packard
O43 - CFD: 01/06/2011 - 23:41:30 - [642] ----D- C:\Users\rené\AppData\Roaming\hpqLog
O43 - CFD: 19/04/2011 - 12:22:24 - [0] ----D- C:\Users\rené\AppData\Roaming\Identities
O43 - CFD: 19/04/2011 - 12:34:54 - [2364] ----D- C:\Users\rené\AppData\Roaming\Macromedia
O43 - CFD: 23/07/2011 - 20:31:54 - [235467] ----D- C:\Users\rené\AppData\Roaming\Malwarebytes
O43 - CFD: 22/04/2011 - 07:24:20 - [3253283] -S--D- C:\Users\rené\AppData\Roaming\Microsoft
O43 - CFD: 21/04/2011 - 15:00:22 - [2164181] ----D- C:\Users\rené\AppData\Roaming\PCtuto
O43 - CFD: 23/07/2011 - 20:50:12 - [301832] ----D- C:\Users\rené\AppData\Roaming\ZumoDrive
O43 - CFD: 20/04/2011 - 14:55:58 - [121622] ----D- C:\Users\rené\AppData\Local\Adobe
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Application Data
O43 - CFD: 21/04/2011 - 22:49:20 - [1272141] ----D- C:\Users\rené\AppData\Local\Apps
O43 - CFD: 19/04/2011 - 12:22:56 - [0] ----D- C:\Users\rené\AppData\Local\Broadcom
O43 - CFD: 23/07/2011 - 16:18:04 - [0] ----D- C:\Users\rené\AppData\Local\Deployment
O43 - CFD: 19/04/2011 - 15:47:30 - [577877] ----D- C:\Users\rené\AppData\Local\Diagnostics
O43 - CFD: 23/07/2011 - 16:19:40 - [8047] ----D- C:\Users\rené\AppData\Local\Google
O43 - CFD: 20/04/2011 - 14:56:06 - [11255] ----D- C:\Users\rené\AppData\Local\Hewlett-Packard
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Historique
O43 - CFD: 22/04/2011 - 07:24:22 - [304251652] ----D- C:\Users\rené\AppData\Local\Microsoft
O43 - CFD: 09/05/2011 - 06:08:12 - [428849] ----D- C:\Users\rené\AppData\Local\Microsoft Games
O43 - CFD: 21/04/2011 - 15:00:16 - [533844] ----D- C:\Users\rené\AppData\Local\PCTuto
O43 - CFD: 23/07/2011 - 21:12:58 - [78227832] ----D- C:\Users\rené\AppData\Local\Temp
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Temporary Internet Files
O43 - CFD: 19/04/2011 - 12:15:04 - [0] ----D- C:\Users\rené\AppData\Local\VirtualStore
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8CF88AADF3B36CF63B5B9F473411B4AA] - 23/07/2011 - 19:57:02 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14128]
O44 - LFC:[MD5.8CF88AADF3B36CF63B5B9F473411B4AA] - 23/07/2011 - 19:57:02 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14128]
O44 - LFC:[MD5.AA4D605C0F5F862BF8FA7202C4AFF3EC] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.604A369D41F2D606433537E02F33EA38] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106388]
O44 - LFC:[MD5.A9218F0BE9A6964915E4908B271F48CC] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130754]
O44 - LFC:[MD5.55B934102A70C14AB65832C59421AE4C] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616008]
O44 - LFC:[MD5.1BF1C5FC69297414AA6F850CFB72446D] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704480]
O44 - LFC:[MD5.F8D88507B5E48CD85931194D37065078] - 23/07/2011 - 19:53:13 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1926844]
O44 - LFC:[MD5.79BA5BEF9C99E38DA4ED75D0A6E4F122] - 23/07/2011 - 19:48:58 ---A- . (...) -- C:\Windows\setupact.log [43381]
O44 - LFC:[MD5.A8350C61F48EACEE1B4950EA11A42050] - 23/07/2011 - 19:48:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A4E65F8BFA150C066DCC6E2EFD44EF5C] - 23/07/2011 - 19:48:40 ---A- . (...) -- C:\Windows\PFRO.log [12912]
O44 - LFC:[MD5.6C4A09CED9B0AFD5BDFE470F9C10B583] - 23/07/2011 - 15:08:52 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [267680]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 07/07/2011 - 21:30:32 ---A- . (...) -- C:\Windows\System32\DOErrors.log [52]
O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22712]
O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [41272]
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=
Run by rené at 23/07/2011 21:16:49
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)
---\\ System Information
Windows 7 Starter Edition, 32-bit (Build 7600)
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 1011 MB (13% free)
~ System Restore: Activé (Enable)
System drive C: has 179 GB (83%) free of 215 GB
---\\ Logged in mode
~ Computer Name: RENÉ-HP
~ User Name: rené
~ All Users Names: rené, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
~ Logged in as Administrator
---\\ Environnement Variables
~ %AppData%=C:\Users\rené\AppData\Roaming\
~ %Desktop%=C:\Users\rené\Desktop\
~ %Favorites%=C:\Users\rené\Favorites\
~ %LocalAppData%=C:\Users\rené\AppData\Local\
~ %StartMenu%=C:\Users\rené\AppData\Roaming\Microsoft\Windows\Start Menu\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 179 Go of 215 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 18 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.27/04/2011 - 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 20:31:50.) -- C:\Windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/08/2010 - 02:03:02.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/04/2011 - 06:44:01.) -- C:\Windows\system32\drivers\ntfs.sys [1210240]
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 2/27
~ Mes Documents (My Documents) : 1/4
~ Mon Bureau (My Desktop) : 1/2
~ Menu demarrer (Programs) : 7/21
---\\ Processus lancés
[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [130008]
[MD5.27870BDDDE2BB30C134247512D8A6156] - (.PCTuto - autoupdater.) -- C:\Users\rené\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe [663168]
[MD5.285FBAB6FACA1E3166FB352C34AAC762] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848]
[MD5.DC8F297AC5D203AB8D3B70709740F29C] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592]
[MD5.D165F0D7BDCDE31BE4B1E2149E92AC2A] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552]
[MD5.41E7042F32E30363FCE1ABCCF630DDA4] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952]
[MD5.F778E8D83339B7C02EAC8B13AB83999E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1778984]
[MD5.D1930CA970D4250D891F432419E3D6C9] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904]
[MD5.01E60FEE382DCB512ACA93D31D6BD954] - (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568]
[MD5.FDBAA6322B3B408CD275A14654EF3D6B] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [495708]
[MD5.4C8981727B06F718832DD3D42C9EB769] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168]
[MD5.3EEC83341AECDE670C2CE16EBED5D66C] - (.PCTUTO - PCTUTO.) -- C:\Program Files\PCTuto\pctuto.exe [982656]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584]
[MD5.73E7F1D810AA3520BF15545A57B86712] - (.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe [154304]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.C5E25590F63DA3D4240521A02F641B10] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [828704]
[MD5.3426775825ADF252E5A7486B24A678C6] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
[MD5.6408547F86FE90924BDE983D79C23A93] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [2831648]
[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [673040]
[MD5.745EE2C6FB0B43C9F00E017F5E5D7317] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe [307376]
[MD5.0C48AFAA67B59D73567DF8EB4DD04B4A] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10s_ActiveX.exe [240288]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.CB443C9D1485A3F7B21D15BE2D3CF168] - (.Hewlett-Packard Company - HP Wireless Assistant.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064]
[MD5.DDB5F8380F88EE659D519A69BE56A9D5] - (.Hewlett-Packard Development Company L.P. - hpCaslNotification.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe [309304]
[MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [47104]
[MD5.887BAA34C1B3AB4FBC54BF6545B59B49] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658432]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50401.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BHO Project - {de4e75d3-60aa-4f02-a0e4-c8a40576574c} . (.InternetEngine - Pas de description.) -- C:\Program Files\Object\bho_project.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AmIcoSinglun] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Quick Launch] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [ZumoDrive] . (...) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk
O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
O4 - HKLM\..\Run: [PCTuto] . (.PCTUTO - PCTUTO.) -- C:\Program Files\PCTuto\pctuto.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\RunOnce: [autoupdater] . (.PCTuto - autoupdater.) -- C:\Users\rené\AppData\Roaming\PCtuto\UpdatePCTuto\autoupdater.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-4135575750-1372082982-2780986660-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Media Suite.lnk . (.ArcSoft Inc..) -- C:\Program Files\Hewlett-Packard\HP Media Suite\Home\ArcStart.exe
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\rené\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\rené\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} . (.Evernote Corporation - Web Clipper extension tool for IE.) -- C:\Program Files\Evernote\Evernote3.5\enbar.dll
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{068C6309-0704-4299-9CF8-F02EAF24CFF2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4A2E2A7D-EF25-4F99-9E96-04C44BF07C6E}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HPWMISVC (HPWMISVC) . (.Pas de propriétaire - HPWMISVC Application.) - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: C:\Windows\system32\stlang.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [ServicePlan] (...) -- C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe
[MD5.706C9BC93F29B54AEDB4DD5A7918D933] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.706C9BC93F29B54AEDB4DD5A7918D933] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.90CAD241DEC99A0350FB2A6AE61B63BB] [APT] [Norton Error Analyzer 18.6.0.29] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
[MD5.90CAD241DEC99A0350FB2A6AE61B63BB] [APT] [Norton Error Processor 18.6.0.29] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.6.0.29\SymErr.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (DVMIO) . (.DeviceVM, Inc. - DVMIO virtual device driver.) - C:\Windows\System32\DRIVERS\dvmio.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110615.001\IDSvix86.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.sys
O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NIS\1206000.01D\SYMNETS.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 9.4.5 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc.) [HKLM] -- {9ECF7817-DB11-4FBA-9DF1-296A578D513A}
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- InstallShield_{1588DD21-B959-4674-9CF0-4D13B7D75020}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428
O42 - Logiciel: Broadcom 2070 Bluetooth 3.0 - (.Broadcom Corporation.) [HKLM] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}
O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Wireless LAN Adapter
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536
O42 - Logiciel: Dream Chronicles - (.WildTangent.) [HKLM] -- WT087467
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
O42 - Logiciel: Evernote - (.Evernote Corp..) [HKLM] -- {F761359C-9CED-45AE-9A51-9D6605CD55C4}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361
O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP CloudDrive - (.Pas de propriétaire.) [HKLM] -- ZumoDrive
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM] -- {F4657EC0-BB82-47C7-ACD8-140212055852}
O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console
O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall
O42 - Logiciel: HP HomeBase - (.ArcSoft.) [HKLM] -- {4F22707C-C8E4-4BC8-881C-FAAB2EF5914B}
O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM] -- {4B156358-CE9C-4E9F-8CAD-79AE86A68C60}
O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM] -- {E342D296-DB9D-4FC7-ACB0-39926C0BFA16}
O42 - Logiciel: HP QuickSync - (.Hewlett-Packard Company.) [HKLM] -- {40C19172-F700-4056-8683-2C64BE3202C8}
O42 - Logiciel: HP QuickWeb Installer - (.DeviceVM Inc..) [HKLM] -- {394FA67A-FF0A-4356-BB77-D85E5A300BDE}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}
O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {8BAC9B23-9D91-48D6-8565-BD80D2BCBD18}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {FC17E0A7-EAA9-4902-92F8-C83B9FD02246}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {48EE0E00-86DE-47A5-8D00-B5D72A70BCCD}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Jewel Quest - Heritage - (.WildTangent.) [HKLM] -- WT087374
O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490
O42 - Logiciel: JoJo's Fashion Show - (.WildTangent.) [HKLM] -- WT087385
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM] -- WT087495
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PCTuto 2.0 - (.PCTuto.) [HKLM] -- PCTuto_is1
O42 - Logiciel: PCTuto Avast 2.0 - (.PCTuto.) [HKLM] -- PCTuto Avast_is1
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394
O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Skip-Bo - Castaway Caper - (.WildTangent.) [HKLM] -- WT087408
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Tradewinds Legends - (.WildTangent.) [HKLM] -- WT087409
O42 - Logiciel: UpdatePCTuto 2.0 - (.PCtuto.) [HKLM] -- UpdatePCTuto_is1
O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\PCTuto]
[HKCU\Software\Policies]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Widcomm]
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Avira]
[HKLM\Software\BcmSetup]
[HKLM\Software\Broadcom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DEVICEVM]
[HKLM\Software\Evernote]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Insyde]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nom de votre société]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PCTuto]
[HKLM\Software\Policies]
[HKLM\Software\Product_Upgrade]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Widcomm]
[HKLM\Software\WildTangent]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Zecter]
O43 - CFD: 27/Files\HP Games
O43 - CFD: 03/12/2010 - 11:20:16 - [43436945] ----D- C:\Program Files\IDT
O43 - CFD: 03/12/2010 - 11:26:08 - [94764020] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 03/12/2010 - 11:08:18 - [11048089] ----D- C:\Program Files\Intel
O43 - CFD: 17/06/2011 - 23:35:22 - [4498312] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 16/08/2010 - 19:42:02 - [90561113] ----D- C:\Program Files\Java
O43 - CFD: 23/07/2011 - 20:31:34 - [6953184] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 03/12/2010 - 11:50:30 - [854520] ----D- C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 06:52:32 - [46990135] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 16/08/2010 - 18:33:08 - [6423243] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/08/2010 - 19:31:04 - [38271979] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 03/12/2010 - 11:52:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 03/12/2010 - 11:53:26 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 22/04/2011 - 06:06:10 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03/12/2010 - 11:27:02 - [202796524] ----D- C:\Program Files\Norton Internet Security
O43 - CFD: 03/12/2010 - 11:26:22 - [24382979] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 23/07/2011 - 16:00:52 - [159814] ----D- C:\Program Files\Object
O43 - CFD: 19/04/2011 - 12:16:42 - [814259] R---D- C:\Program Files\Online Services
O43 - CFD: 03/12/2010 - 11:24:02 - [567838] ----D- C:\Program Files\onlineservices
O43 - CFD: 23/07/2011 - 20:48:36 - [7696043] ----D- C:\Program Files\PCTuto
O43 - CFD: 03/12/2010 - 11:03:58 - [1842843] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:32 - [38597377] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 12/05/2011 - 22:51:32 - [60872] ----D- C:\Program Files\Symantec
O43 - CFD: 03/12/2010 - 11:03:10 - [37790338] ----D- C:\Program Files\Synaptics
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 03/12/2010 - 11:10:38 - [116740290] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 17/08/2010 - 02:50:44 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 03/12/2010 - 11:53:46 - [136553350] ----D- C:\Program Files\Windows Live
O43 - CFD: 03/12/2010 - 11:49:52 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 21/04/2011 - 05:50:26 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 21/04/2011 - 05:50:24 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 19/04/2011 - 12:14:44 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 17/08/2010 - 02:50:44 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 19/04/2011 - 12:16:40 - [10648749] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 23/07/2011 - 21:17:02 - [3931861] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 16/08/2010 - 19:05:18 - [16426975] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 16/08/2010 - 19:06:16 - [31787256] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 16/08/2010 - 17:36:02 - [2009175] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 16/08/2010 - 19:42:20 - [1231815] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 03/12/2010 - 11:49:56 - [18598524] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 19/04/2011 - 14:30:02 - [1313000] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 17/08/2010 - 02:50:44 - [10102259] ----D- C:\Program Files\Common Files\System
O43 - CFD: 03/12/2010 - 11:45:12 - [235123779] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 20/04/2011 - 14:52:36 - [761] ----D- C:\ProgramData\Adobe
O43 - CFD: 03/12/2010 - 11:10:04 - [497] ----D- C:\ProgramData\AmUStor
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 27/04/2011 - 11:51:20 - [54024786] ----D- C:\ProgramData\Avira
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 03/12/2010 - 11:24:52 - [34406] ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 23/07/2011 - 16:19:28 - [1219682] ----D- C:\ProgramData\Google
O43 - CFD: 03/12/2010 - 12:03:54 - [360691] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 23/07/2011 - 20:31:28 - [7080090] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 19/04/2011 - 12:14:44 - [1291365439] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 19/04/2011 - 12:14:44 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 19/04/2011 - 12:23:40 - [378777645] ----D- C:\ProgramData\Norton
O43 - CFD: 03/12/2010 - 11:26:22 - [1255268] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 16/08/2010 - 19:42:22 - [119] ----D- C:\ProgramData\Sun
O43 - CFD: 03/12/2010 - 11:25:56 - [254094] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 03/12/2010 - 11:43:30 - [1643128018] ----D- C:\ProgramData\WildTangent
O43 - CFD: 16/08/2010 - 19:52:50 - [35356150] ----D- C:\ProgramData\{8D274659-3D84-4410-A197-C170D180BC76}
O43 - CFD: 20/04/2011 - 14:51:58 - [203056] ----D- C:\Users\rené\AppData\Roaming\Adobe
O43 - CFD: 28/04/2011 - 09:57:02 - [0] ----D- C:\Users\rené\AppData\Roaming\Avira
O43 - CFD: 23/07/2011 - 16:21:02 - [522] ----D- C:\Users\rené\AppData\Roaming\Google
O43 - CFD: 27/04/2011 - 11:44:00 - [52397] ----D- C:\Users\rené\AppData\Roaming\Hewlett-Packard
O43 - CFD: 01/06/2011 - 23:41:30 - [642] ----D- C:\Users\rené\AppData\Roaming\hpqLog
O43 - CFD: 19/04/2011 - 12:22:24 - [0] ----D- C:\Users\rené\AppData\Roaming\Identities
O43 - CFD: 19/04/2011 - 12:34:54 - [2364] ----D- C:\Users\rené\AppData\Roaming\Macromedia
O43 - CFD: 23/07/2011 - 20:31:54 - [235467] ----D- C:\Users\rené\AppData\Roaming\Malwarebytes
O43 - CFD: 22/04/2011 - 07:24:20 - [3253283] -S--D- C:\Users\rené\AppData\Roaming\Microsoft
O43 - CFD: 21/04/2011 - 15:00:22 - [2164181] ----D- C:\Users\rené\AppData\Roaming\PCtuto
O43 - CFD: 23/07/2011 - 20:50:12 - [301832] ----D- C:\Users\rené\AppData\Roaming\ZumoDrive
O43 - CFD: 20/04/2011 - 14:55:58 - [121622] ----D- C:\Users\rené\AppData\Local\Adobe
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Application Data
O43 - CFD: 21/04/2011 - 22:49:20 - [1272141] ----D- C:\Users\rené\AppData\Local\Apps
O43 - CFD: 19/04/2011 - 12:22:56 - [0] ----D- C:\Users\rené\AppData\Local\Broadcom
O43 - CFD: 23/07/2011 - 16:18:04 - [0] ----D- C:\Users\rené\AppData\Local\Deployment
O43 - CFD: 19/04/2011 - 15:47:30 - [577877] ----D- C:\Users\rené\AppData\Local\Diagnostics
O43 - CFD: 23/07/2011 - 16:19:40 - [8047] ----D- C:\Users\rené\AppData\Local\Google
O43 - CFD: 20/04/2011 - 14:56:06 - [11255] ----D- C:\Users\rené\AppData\Local\Hewlett-Packard
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Historique
O43 - CFD: 22/04/2011 - 07:24:22 - [304251652] ----D- C:\Users\rené\AppData\Local\Microsoft
O43 - CFD: 09/05/2011 - 06:08:12 - [428849] ----D- C:\Users\rené\AppData\Local\Microsoft Games
O43 - CFD: 21/04/2011 - 15:00:16 - [533844] ----D- C:\Users\rené\AppData\Local\PCTuto
O43 - CFD: 23/07/2011 - 21:12:58 - [78227832] ----D- C:\Users\rené\AppData\Local\Temp
O43 - CFD: 19/04/2011 - 12:15:02 - [0] -SH-D- C:\Users\rené\AppData\Local\Temporary Internet Files
O43 - CFD: 19/04/2011 - 12:15:04 - [0] ----D- C:\Users\rené\AppData\Local\VirtualStore
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8CF88AADF3B36CF63B5B9F473411B4AA] - 23/07/2011 - 19:57:02 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14128]
O44 - LFC:[MD5.8CF88AADF3B36CF63B5B9F473411B4AA] - 23/07/2011 - 19:57:02 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14128]
O44 - LFC:[MD5.AA4D605C0F5F862BF8FA7202C4AFF3EC] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.604A369D41F2D606433537E02F33EA38] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106388]
O44 - LFC:[MD5.A9218F0BE9A6964915E4908B271F48CC] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130754]
O44 - LFC:[MD5.55B934102A70C14AB65832C59421AE4C] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfh009.dat [616008]
O44 - LFC:[MD5.1BF1C5FC69297414AA6F850CFB72446D] - 23/07/2011 - 19:54:41 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704480]
O44 - LFC:[MD5.F8D88507B5E48CD85931194D37065078] - 23/07/2011 - 19:53:13 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1926844]
O44 - LFC:[MD5.79BA5BEF9C99E38DA4ED75D0A6E4F122] - 23/07/2011 - 19:48:58 ---A- . (...) -- C:\Windows\setupact.log [43381]
O44 - LFC:[MD5.A8350C61F48EACEE1B4950EA11A42050] - 23/07/2011 - 19:48:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A4E65F8BFA150C066DCC6E2EFD44EF5C] - 23/07/2011 - 19:48:40 ---A- . (...) -- C:\Windows\PFRO.log [12912]
O44 - LFC:[MD5.6C4A09CED9B0AFD5BDFE470F9C10B583] - 23/07/2011 - 15:08:52 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [267680]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 07/07/2011 - 21:30:32 ---A- . (...) -- C:\Windows\System32\DOErrors.log [52]
O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22712]
O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [41272]
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 20:46
Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 27/04/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 27/04/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 27/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 27/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.36A47E6AB1F0967C97722183E21ADB1A] - 03/12/2010 - 09:56:11 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [2710592]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.E4E5AB603C936BAFD1A5DE1D6086221E] - 03/12/2010 - 02:22:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\system32\drivers\btwampfl.sys [294952]
O58 - SDL:[MD5.772994C15198818FEE2314364CD12EE9] - 03/12/2010 - 02:22:12 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [88616]
O58 - SDL:[MD5.F6A04B6E929C4D57906C76E92025D31C] - 03/12/2010 - 02:22:12 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [111144]
O58 - SDL:[MD5.DE53089F0678CB5F0AFEB867ACB0FB05] - 03/12/2010 - 02:22:14 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [33320]
O58 - SDL:[MD5.BCCBC07CD5CF37F53155C31C434B4A0E] - 03/12/2010 - 02:22:14 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [18728]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]
O58 - SDL:[MD5.FF7A7A1E0F9A0AB892A454FFB9D14BBE] - 03/12/2010 - 13:09:22 --HA- . (.DeviceVM, Inc. - DVMIO virtual device driver.) -- C:\Windows\system32\drivers\dvmio.sys [18136]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]
O58 - SDL:[MD5.0BAA4115DFFFD6A6D809A89D65E1281A] - 03/12/2010 - 10:09:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [331288]
O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 27/04/2011 - 06:43:55 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]
O58 - SDL:[MD5.D0074897C6BC132F3980EA4654BF7FB9] - 19/04/2010 - 18:12:58 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [4806144]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 23/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 23/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]
O58 - SDL:[MD5.58218EC6B61B1169CF54AAB0D00F5FE2] - 10/06/2009 - 23:02:51 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v32.sys [4231168]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]
O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 27/04/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]
O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 27/04/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]
O58 - SDL:[MD5.D5EDE44CA85899E0478208C8413C1C31] - 03/12/2010 - 02:10:00 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys [275048]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 27/04/2011 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]
O58 - SDL:[MD5.BEE9AE78676412FE17000411F26847ED] - 03/12/2010 - 06:10:14 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys [431616]
O58 - SDL:[MD5.AB33C3B196197CA467CBDDA717860DBA] - 19/04/2011 - 21:51:28 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS [126584]
O58 - SDL:[MD5.7EF049C073AE18DD0C8634A89B5627F5] - 28/05/2010 - 05:07:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [1303472]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]
O58 - SDL:[MD5.E00FDFAFF025E94F9821153750C35A6D] - 14/07/2009 - 23:13:45 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [207360]
O58 - SDL:[MD5.BC0C7EA89194C299F051C24119000E17] - 14/07/2009 - 23:13:45 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [661504]
O58 - SDL:[MD5.CEB4E3B6890E1E42DCA6694D9E59E1A0] - 14/07/2009 - 23:13:46 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [980992]
O58 - SDL:[MD5.B07C5B7EFDF936FF93D4F540938725BE] - 14/07/2009 - 23:02:53 ---A- . (.Marvell - Pilote Miniport pour contrôleur Ethernet Marvell Yukon..) -- C:\Windows\system32\drivers\yk62x86.sys [311296]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {19DD3105-3A20-4733-8E3A-BB54CF705835} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKCU] {37A12BF3-6B45-48A6-BE89-661B6531EB83} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8BEEDC9F-801F-48D9-B151-F174AD4E3A67} - (Yahoo) - http://fr.search.yahoo.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.CE5163BBB95664F60FF557DABFB09835] [SPRF][14/01/2008] (.Hewlett-Packard Company - HPQ System Information.) -- C:\Users\rené\AppData\Local\Temp\HPQSi.exe [69632]
[MD5.67DC0277321064080BAD0E9E3BC3CBAB] [SPRF][05/05/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\rené\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe [901408]
[MD5.601D794324DC11453DEBC36D8C2965A3] [SPRF][21/04/2011] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\rené\AppData\Local\Temp\OB.exe [1269632]
[MD5.ACE57B8958B20A3DC59153617A1A31CA] [SPRF][19/04/2011] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\rené\AppData\Local\Temp\swt-gdip-win32-3448.dll [77824]
[MD5.4C6CBD621A173090D8886743F1E7539F] [SPRF][19/04/2011] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\rené\AppData\Local\Temp\swt-win32-3448.dll [335872]
[MD5.D653E3687480A425A1382785D32EAE8A] [SPRF][23/07/2011] (...) -- C:\Users\rené\AppData\Local\Temp\WindowsAPI.dll [198144]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "{4ADB4C79-9D81-4703-ABA0-08087CC856EE}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Music.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Music\HPMusic.exe
O87 - FAEL: "{83F6665D-F76A-4FF0-8827-3C7FB371D73C}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Music.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Music\HPMusic.exe
O87 - FAEL: "{944FDE7E-394B-4B82-9186-07E4460AE84B}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Photo.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Photo\HPPhoto.exe
O87 - FAEL: "{84540121-3B6A-4EF3-A39A-4B78089B0F85}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Photo.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Photo\HPPhoto.exe
O87 - FAEL: "{B7B38DDD-0156-49E5-9B9D-230D9A5CEE79}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Video.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Video\HPVideo.exe
O87 - FAEL: "{F00024D2-5039-48B3-9B39-B3F5F50177B7}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Video.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Video\HPVideo.exe
O87 - FAEL: "{55A47014-F522-4962-9412-D7C054EE262D}" | In - None - P17 - TRUE | .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
O87 - FAEL: "{226EC8F6-F8CA-41F7-8D49-E1BE970EFAAD}" | Out - None - P17 - TRUE | .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
O87 - FAEL: "{58B8C4F3-C90B-4D44-AD3F-6686C1C141E5}" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe
O87 - FAEL: "{79E8CBF7-0466-422A-9A72-CBC1AADEAA22}" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe
O87 - FAEL: "{941F7AF9-06A0-4DE3-9D0A-BC34A61E39A5}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O87 - FAEL: "{53A662FA-C398-4F63-B518-A92B7741EC3E}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---\\ Scan Additionnel (O88)
Database Version : 8548 - (21/07/2011)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 1
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKCU\Software\PCTuto] =>Spyware.AgenceExclusive
[HKLM\Software\PCTuto] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCTuto Avast_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PcTuto_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdatePCTuto_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:PCTuto =>Spyware.AgenceExclusive
C:\Program Files\PCTuto =>Spyware.AgenceExclusive
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto =>Spyware.AgenceExclusive
C:\Users\rené\AppData\Roaming\PCTuto =>Spyware.AgenceExclusive
C:\Users\rené\AppData\Local\PCTuto =>Spyware.AgenceExclusive
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk =>PUP.OfferBox
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 03/12/2010 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\aestsrv.exe
SR - | Auto 27/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/04/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 03/12/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Demand 03/12/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 23/07/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/07/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/07/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 16/08/2010 121344 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 16/08/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - | Auto 16/08/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 16/08/2010 698424 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 16/08/2010 27192 | (HPWMISVC) . (...) - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 03/12/2010 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 23/07/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 03/12/2010 237650 | C:\Windows\system32\stlang.dll (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by rené at 23/07/2011 21:19:43
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x81A85428] -> \Device\Harddisk0\DR0[0x84C49948]
3 CLASSPNP[0x865DC59E] -> ntkrnlpa!IofCallDriver[0x81A85428] -> \Device\Ide\IAAStorageDevice-0[0x8420C028]
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 2 !
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by rené at 23/07/2011 21:19:45
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
End of the scan (911 lines in 02mn 56s)(0)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 27/04/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 27/04/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 27/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 27/04/2011 - 10:19:24 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.36A47E6AB1F0967C97722183E21ADB1A] - 03/12/2010 - 09:56:11 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [2710592]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.E4E5AB603C936BAFD1A5DE1D6086221E] - 03/12/2010 - 02:22:24 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\system32\drivers\btwampfl.sys [294952]
O58 - SDL:[MD5.772994C15198818FEE2314364CD12EE9] - 03/12/2010 - 02:22:12 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btwaudio.sys [88616]
O58 - SDL:[MD5.F6A04B6E929C4D57906C76E92025D31C] - 03/12/2010 - 02:22:12 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\system32\drivers\btwavdt.sys [111144]
O58 - SDL:[MD5.DE53089F0678CB5F0AFEB867ACB0FB05] - 03/12/2010 - 02:22:14 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\system32\drivers\btwl2cap.sys [33320]
O58 - SDL:[MD5.BCCBC07CD5CF37F53155C31C434B4A0E] - 03/12/2010 - 02:22:14 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\system32\drivers\btwrchid.sys [18728]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]
O58 - SDL:[MD5.FF7A7A1E0F9A0AB892A454FFB9D14BBE] - 03/12/2010 - 13:09:22 --HA- . (.DeviceVM, Inc. - DVMIO virtual device driver.) -- C:\Windows\system32\drivers\dvmio.sys [18136]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]
O58 - SDL:[MD5.0BAA4115DFFFD6A6D809A89D65E1281A] - 03/12/2010 - 10:09:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [331288]
O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 27/04/2011 - 06:43:55 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]
O58 - SDL:[MD5.D0074897C6BC132F3980EA4654BF7FB9] - 19/04/2010 - 18:12:58 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [4806144]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 23/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 23/07/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [41272]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]
O58 - SDL:[MD5.58218EC6B61B1169CF54AAB0D00F5FE2] - 10/06/2009 - 23:02:51 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v32.sys [4231168]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]
O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 27/04/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]
O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 27/04/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]
O58 - SDL:[MD5.D5EDE44CA85899E0478208C8413C1C31] - 03/12/2010 - 02:10:00 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys [275048]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 27/04/2011 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]
O58 - SDL:[MD5.BEE9AE78676412FE17000411F26847ED] - 03/12/2010 - 06:10:14 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys [431616]
O58 - SDL:[MD5.AB33C3B196197CA467CBDDA717860DBA] - 19/04/2011 - 21:51:28 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS [126584]
O58 - SDL:[MD5.7EF049C073AE18DD0C8634A89B5627F5] - 28/05/2010 - 05:07:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [1303472]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]
O58 - SDL:[MD5.E00FDFAFF025E94F9821153750C35A6D] - 14/07/2009 - 23:13:45 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [207360]
O58 - SDL:[MD5.BC0C7EA89194C299F051C24119000E17] - 14/07/2009 - 23:13:45 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [661504]
O58 - SDL:[MD5.CEB4E3B6890E1E42DCA6694D9E59E1A0] - 14/07/2009 - 23:13:46 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [980992]
O58 - SDL:[MD5.B07C5B7EFDF936FF93D4F540938725BE] - 14/07/2009 - 23:02:53 ---A- . (.Marvell - Pilote Miniport pour contrôleur Ethernet Marvell Yukon..) -- C:\Windows\system32\drivers\yk62x86.sys [311296]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {19DD3105-3A20-4733-8E3A-BB54CF705835} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKCU] {37A12BF3-6B45-48A6-BE89-661B6531EB83} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8BEEDC9F-801F-48D9-B151-F174AD4E3A67} - (Yahoo) - http://fr.search.yahoo.com
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.CE5163BBB95664F60FF557DABFB09835] [SPRF][14/01/2008] (.Hewlett-Packard Company - HPQ System Information.) -- C:\Users\rené\AppData\Local\Temp\HPQSi.exe [69632]
[MD5.67DC0277321064080BAD0E9E3BC3CBAB] [SPRF][05/05/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\rené\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe [901408]
[MD5.601D794324DC11453DEBC36D8C2965A3] [SPRF][21/04/2011] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\rené\AppData\Local\Temp\OB.exe [1269632]
[MD5.ACE57B8958B20A3DC59153617A1A31CA] [SPRF][19/04/2011] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\rené\AppData\Local\Temp\swt-gdip-win32-3448.dll [77824]
[MD5.4C6CBD621A173090D8886743F1E7539F] [SPRF][19/04/2011] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\rené\AppData\Local\Temp\swt-win32-3448.dll [335872]
[MD5.D653E3687480A425A1382785D32EAE8A] [SPRF][23/07/2011] (...) -- C:\Users\rené\AppData\Local\Temp\WindowsAPI.dll [198144]
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "{4ADB4C79-9D81-4703-ABA0-08087CC856EE}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Music.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Music\HPMusic.exe
O87 - FAEL: "{83F6665D-F76A-4FF0-8827-3C7FB371D73C}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Music.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Music\HPMusic.exe
O87 - FAEL: "{944FDE7E-394B-4B82-9186-07E4460AE84B}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Photo.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Photo\HPPhoto.exe
O87 - FAEL: "{84540121-3B6A-4EF3-A39A-4B78089B0F85}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Photo.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Photo\HPPhoto.exe
O87 - FAEL: "{B7B38DDD-0156-49E5-9B9D-230D9A5CEE79}" | In - None - P6 - TRUE | .(.ArcSoft Inc. - Video.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Video\HPVideo.exe
O87 - FAEL: "{F00024D2-5039-48B3-9B39-B3F5F50177B7}" | In - None - P17 - TRUE | .(.ArcSoft Inc. - Video.) -- C:\PROGRA~1\HEWLET~1\HPMEDI~1\Video\HPVideo.exe
O87 - FAEL: "{55A47014-F522-4962-9412-D7C054EE262D}" | In - None - P17 - TRUE | .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
O87 - FAEL: "{226EC8F6-F8CA-41F7-8D49-E1BE970EFAAD}" | Out - None - P17 - TRUE | .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
O87 - FAEL: "{58B8C4F3-C90B-4D44-AD3F-6686C1C141E5}" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe
O87 - FAEL: "{79E8CBF7-0466-422A-9A72-CBC1AADEAA22}" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe
O87 - FAEL: "{941F7AF9-06A0-4DE3-9D0A-BC34A61E39A5}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O87 - FAEL: "{53A662FA-C398-4F63-B518-A92B7741EC3E}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
---\\ Scan Additionnel (O88)
Database Version : 8548 - (21/07/2011)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 1
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKCU\Software\PCTuto] =>Spyware.AgenceExclusive
[HKLM\Software\PCTuto] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCTuto Avast_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PcTuto_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdatePCTuto_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:PCTuto =>Spyware.AgenceExclusive
C:\Program Files\PCTuto =>Spyware.AgenceExclusive
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCTuto =>Spyware.AgenceExclusive
C:\Users\rené\AppData\Roaming\PCTuto =>Spyware.AgenceExclusive
C:\Users\rené\AppData\Local\PCTuto =>Spyware.AgenceExclusive
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk =>PUP.OfferBox
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 03/12/2010 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\aestsrv.exe
SR - | Auto 27/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/04/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 03/12/2010 656672 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Demand 03/12/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
SS - | Auto 23/07/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/07/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/07/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 16/08/2010 121344 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 16/08/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - | Auto 16/08/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 16/08/2010 698424 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 16/08/2010 27192 | (HPWMISVC) . (...) - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - | Auto 03/12/2010 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 23/07/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 03/12/2010 237650 | C:\Windows\system32\stlang.dll (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by rené at 23/07/2011 21:19:43
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x81A85428] -> \Device\Harddisk0\DR0[0x84C49948]
3 CLASSPNP[0x865DC59E] -> ntkrnlpa!IofCallDriver[0x81A85428] -> \Device\Ide\IAAStorageDevice-0[0x8420C028]
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 2 !
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by rené at 23/07/2011 21:19:45
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
End of the scan (911 lines in 02mn 56s)(0)
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 23 Juil 2011 21:36
Bonsoir
Merci d’héberger le rapport sur Cjoint
Merci d’héberger le rapport sur Cjoint
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 23 Juil 2011 22:07
ILS ME DISENT QUE C'EST TROP VOLUMINEUX DONC JE NE PEUX PAS TE L'ENVOYER, je vais me coucher merci de ta gentillesse, laisse moi des consignes je m'y remettrais demain, bonne nuit et à demain.
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 23 Juil 2011 23:46
Bonsoir
Sur le lien que je t'ai donné il y a la solution pour bien désinstaller pctuto.Voir le troisième diaporama.
A l'aide de Revo Uninstaller.
N'oublie pas non de "killer", terminer le processus, SoftwareHP dans le gestionnaire des tâches comme c'est indiqué.
@+
Sur le lien que je t'ai donné il y a la solution pour bien désinstaller pctuto.Voir le troisième diaporama.
A l'aide de Revo Uninstaller.
N'oublie pas non de "killer", terminer le processus, SoftwareHP dans le gestionnaire des tâches comme c'est indiqué.
@+
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 05:26
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 05:27
bonjour, est ce que c'est comme ça qu'il faut faire?
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 24 Juil 2011 10:58
Bonjour
Yes !
As-tu regardé mon message entre-temps ?
@+
Yes !
As-tu regardé mon message entre-temps ?
@+
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 12:10
oui mais je comprends pas trop car avec le netbook, je n'ai visité pas grand site! J'comprends pas pourquoi il a attrappé cette cochonnerie peut être que mon anti virus est mal installé? Merci à+
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 24 Juil 2011 12:24
Dernière édition par nardino le 24 Juil 2011 13:42, édité 1 fois.
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 12:50
CE LIEN NE FONCTIONNE PAS. A +
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 15:32
Ah oui ok c'est quand j'ai dû télécharger msn que ça m'a pourri l'ordi alors! Dois je le supprimer? Aussi, je pars demain à l'étranger, puis je emmener sans problème mon netbook? Sinon je prendrai mon pc portable mais un peu plus encombrant? Merci de ton aide et cool ton lien (je regarderai de plus prêt à mon retour).
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par vieillechouette » 24 Juil 2011 20:24
Je dois m'en aller à présent peux tu me laisser les prochaines directives? Merci encore de ton aide à demain.
- vieillechouette
- Libellulien Junior
- Messages: 224
- Inscription: 21 Avr 2010 12:57
- Localisation: Manche (50)
Re: plein de pub intempestives!!!
par nardino » 24 Juil 2011 21:25
Bonsoir
Si tu as désinstallé tuito4pc comme indiqué, plus de problèmes.
@+
Si tu as désinstallé tuito4pc comme indiqué, plus de problèmes.
@+
-
nardino - Super Libellulien
- Messages: 1100
- Inscription: 03 Avr 2009 22:02
21 messages
• Page 1 sur 2 • 1, 2
Qui est en ligne
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 0 invités
Développé par phpBB® Forum Software © phpBB Group
Traduction par phpBB-fr.com
Traduction par phpBB-fr.com
phpBB Metro Theme by PixelGoose Studio