Sujet Précédent Sujet Suivant

Rapport ZHPDiag

Fermé
Thib45000 Messages postés 2 Date d'inscription mercredi 9 novembre 2011 Statut Membre Dernière intervention 9 novembre 2011 - 9 nov. 2011 à 12:27
Bleuet' Messages postés 579 Date d'inscription dimanche 16 octobre 2011 Statut Membre Dernière intervention 12 octobre 2018 - 9 nov. 2011 à 14:08
Bonjour,
Depuis quelques temps on pc est beaucoup ralentis,
j'ai annalysé mon pc avec ZhpDiag et fait une restaure de host
J'ai du mal a analyser le rapport Zhp pouvez vous m donner un coup de main??

Merci



Rapport de ZHPDiag v1.28.2222 par Nicolas Coolman, Update du 07/11/2011
Run by Thibz at 08/11/2011 22:31:55
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19088 (Defaut)
MFIE: Mozilla Firefox 7.0.1 v7.0.1
GCIE: Google Chrome v15.0.874.106

---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : MQ3CQ
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3036 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 83 GB (18%) free of 453 GB

---\\ Logged in mode
~ Computer Name: PC-DE-THIBZ
~ User Name: Thibz
~ All Users Names: Thibz, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Thibz\AppData\Roaming\
~ %Desktop% : C:\Users\Thibz\Desktop\
~ %Favorites% : C:\Users\Thibz\Favorites\
~ %LocalAppData% : C:\Users\Thibz\AppData\Local\
~ %StartMenu% : C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 83 Go of 453 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.08/11/2011 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.08/11/2011 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.08/11/2011 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/11/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.08/11/2011 - 03:24:49.) -- C:\Windows\system32\Winlogon.exe [314880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.08/11/2011 - 09:33:40.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.08/11/2011 - 14:16:42.) -- C:\Windows\system32\drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.08/11/2011 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.08/11/2011 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.08/11/2011 - 03:23:02.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.08/11/2011 - 15:24:14.) -- C:\Windows\system32\drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.08/11/2011 - 03:23:22.) -- C:\Windows\system32\drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.08/11/2011 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.08/11/2011 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.08/11/2011 - 13:49:35.) -- C:\Windows\system32\drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.08/11/2011 - 03:24:59.) -- C:\Windows\system32\drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.08/11/2011 - 03:23:51.) -- C:\Windows\system32\drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.08/11/2011 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.08/11/2011 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.08/11/2011 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.08/11/2011 - 03:25:00.) -- C:\Windows\system32\drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.08/11/2011 - 03:24:53.) -- C:\Windows\system32\drivers\tdx.sys [71680]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 7/400
~ Mes musiques (My Musics) : 574/3148
~ Mes Videos (My Videos) : 2/239
~ Mes Favoris (My Favorites) : 9/36
~ Mes Documents (My Documents) : 19/41558
~ Mon Bureau (My Desktop) : 18/148
~ Menu demarrer (Programs) : 6/131
~ Scan Hidden Files in 02mn 22s



---\\ Processus lancés
[MD5.C19FC4951E15BE086F44CA7F7DAF7BC1] - (.Pas de propriétaire - HControlUser.) -- C:\Program Files\ATK Hotkey\HControlUser.exe [98304] [PID.1604]
[MD5.F21A8FB31B15860C4F6021960CF723A8] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1041704] [PID.1676]
[MD5.0779469432A4F0244AB9AC1A44B7C25F] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [154136] [PID.1864]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.1972]
[MD5.86171114D84AFBD3DFCE930E320C1BBF] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6183456] [PID.2104]
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [54576] [PID.2136]
[MD5.99721F1129BD7C594CBC722992D06D0D] - (.Microsoft Corp. - Barre d'outils MSN®.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992] [PID.2148]
[MD5.52D28AE9E168BA60F2DFA00EDD101B14] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192] [PID.2168]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.2180]
[MD5.3CF9AEB1F63AF9E529F69C09B9E447D7] - (...) -- C:\Users\Thibz\AppData\Roaming\cacaoweb\cacaoweb.exe [395264] [PID.2216]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2224]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2316]
[MD5.878C1D356C35D71C93A9153A3B7925E0] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [PID.2324]
[MD5.CB2B9EB1447D8A264E46948DF46C1212] - (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136] [PID.2340]
[MD5.922320B4C3ECAACCD0D92BE23C5E5D0A] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136] [PID.2408]
[MD5.BD6F6037F9AA703B2B9C1C9FDD48498F] - (.https://tortoisesvn.net/ - TortoiseSVN status cache.) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe [613128] [PID.2504]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2916]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.2964]
[MD5.C815C123B51253E3E38D44DA87656124] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE [180736] [PID.3232]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856] [PID.]
[MD5.DA1A713998971CA7AB65AD9482C0FF13] - (...) -- C:\Users\Thibz\AppData\Local\Akamai\netsession_win.exe [3293784] [PID.3300]
[MD5.B614F11CB487FB97BC5FEBA24B884CBA] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [752168] [PID.3308]
[MD5.EAA666E9DD8DCDA6E075087091CB85EE] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [275072] [PID.3316]
[MD5.CCC752860FBCBFE44CA85DEE8EBFE1BD] - (.Felix 'SniperBeamer' Geyer - Thunderbird-Tray.) -- C:\Program Files\Thunderbird-Tray\TBTray.exe [38912] [PID.3352]
[MD5.AD9330B5698CCE74649AED81ECD61D9D] - (.Mozilla Messaging - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe [399512] [PID.3884]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.3956]
[MD5.FD9A0982CA1DE81CD010CCEFC495A48C] - (.Pas de propriétaire - MotoHelperAgent.) -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe [673088] [PID.1204]
[MD5.046799E4276D38247FF427B3DEBC8166] - (...) -- C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe [33280] [PID.5676]
[MD5.C180E890FFE0FDED8306427D3C836AF2] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [174952] [PID.7540]
[MD5.B29A08A0CB56CD5A4B9C53A011819657] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [565096] [PID.7888]
[MD5.66BB5B07696219FA334452D6F51FD648] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [366720] [PID.6356]
[MD5.50772C721FE88F4248F9F52AB2219B0F] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528] [PID.6280]
[MD5.1EA4588169C62D46A5EF5062920D50A9] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1036344] [PID.1264]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\system32\rundll32.exe [44544] [PID.6392]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.7736]
[MD5.381B62B13224236D333B712F3DEF0D17] - (.ZaraSoft - Automatización de radios ZaraRadio.) -- C:\Program Files\ZaraSoft\ZaraRadio\ZaraRadio.exe [6269440] [PID.6632]
[MD5.5D74A1A95E34C8B132C47D2DCB88E9D1] - (.STREAMTITRE - Titreur de flux radio.) -- C:\Program Files\Streamtitre\streamtitre.exe [848203] [PID.5552]
[MD5.32FFF11A97C6447D83CDBFDBEB7C76E1] - (.STREAMTITRE - Pilote Fichier Texte pour streamtitre.) -- C:\Program Files\Streamtitre\CPT_TEXTE.exe [319682] [PID.6156]
[MD5.B6D431740CAE62436C6640CD0DC700B2] - (.STREAMTITRE - Planning pour streamtitre.) -- C:\Program Files\Streamtitre\str_planning.exe [540578] [PID.7732]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6136]
[MD5.79197AB8FC20E781BA141E291866A909] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [17351304] [PID.7288]
[MD5.A2D8B679702ED75AEB11F87F466FF1AF] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [702464] [PID.7996]
[MD5.CEE56B2C1189FA1B51F4B57C5D0CB473] - (.Aeonsoft - Neuz.) -- C:\Program Files\Eflora_fun\Neuz.exe [7122944] [PID.4552]
[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.]
[MD5.5A055A4777CBBC8845DD598CB2EEBF69] - (.Pas de propriétaire - ASLDR Service.) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]
[MD5.19CBD1F3C983A3895783C4A3FB2539B8] - (.ATK0100 - HControl.) -- C:\Program Files\ATK Hotkey\Hcontrol.exe [233472] [PID.]
[MD5.8192CC6303ACA5BE84CBB7E7B323A0E9] - (.Pas de propriétaire - MsgTranAgt.) -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe [106496] [PID.]
[MD5.0999D96B90C5E37AAB39AAE5932F97FC] - (.Packardbell - ECO button.) -- C:\Program Files\Packardbell\EcoBtn\EcoBtn.exe [307200] [PID.]
[MD5.26A0B3AD103FCA545D8FA855E8B7DD52] - (.Pas de propriétaire - ATKOSD.) -- C:\Program Files\ATK Hotkey\ATKOSD.exe [2555904] [PID.]
[MD5.D3917821614CF44F8658B74DAFC59520] - (.Pas de propriétaire - WDC Application.) -- C:\Program Files\ATK Hotkey\WDC.exe [151552] [PID.]
[MD5.E8FE4FCE23D2809BD88BCC1D0F8408CE] - (...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832] [PID.]
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.09CB316DB9D61ED9FC9A7B07A1A301F6] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [518696] [PID.]
[MD5.23112102BC2A8FE44B8AC44A05BDF4C3] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [24576] [PID.]
[MD5.A2AB198FC6414A6D406BD733CD7240AF] - (.Aladdin Knowledge Systems Ltd. - Aladdin HASP License Manager Service.) -- C:\Windows\system32\hasplms.exe [2558464] [PID.]
[MD5.8B4B572753419FE601220526205F9455] - (.https://sourceforge.net/p/libusb-win32/wiki/Home/ - LibUsb-Win32 - Generic USB Library.) -- C:\Windows\system32\libusbd-nt.exe [18944] [PID.]
[MD5.2443B978E80F8A3D1F39855AA25882AF] - (.Pas de propriétaire - MotoHelper Service.) -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624] [PID.]
[MD5.837608240884733792DDAE81E50B802A] - (.Microsoft Corporation - SQL Server Windows NT.) -- c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408] [PID.]
[MD5.837608240884733792DDAE81E50B802A] - (.Microsoft Corporation - SQL Server Windows NT.) -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408] [PID.]
[MD5.C1E4D8FF2F55F1C38B1295C86AAB1D9D] - (...) -- C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [6098944] [PID.]
[MD5.40D7D0A208EE863BCA8D89E299216F15] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.]
[MD5.8C02B0CC65BEE71124A565062BA77B39] - (...) -- C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [24064] [PID.]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.]
[MD5.831883B107684301F48ACE752C963984] - (...) -- C:\Windows\system32\PnkBstrA.exe [66872] [PID.]
[MD5.637A0F23F9012358E92E6F99835494D1] - (.Microsoft Corporation - SQL Server VSS Writer.) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [98840] [PID.]
[MD5.B357451A6958E2B7B506FB1D08271BE6] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2358656] [PID.]
[MD5.53EA061ECC67223A430F153C3682AD54] - (.Apache Software Foundation - Apache HTTP Server.) -- c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [20549] [PID.]
[MD5.BFAD6C4C16379E46CDE7F50E7E4961AD] - (...) -- c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [8133120] [PID.]
[MD5.E2466C30994D7BF8AE01E4019C677670] - (.Hide My IP - Pas de description.) -- C:\Program Files\Hide My IP\HideMyIpSrv.exe [3249512] [PID.]
[MD5.ECA9E80931FE18DB5823593090D14E04] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [700416] [PID.]
[MD5.CD4326BC339F98DE21AA07B208A305AE] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [529704] [PID.]
~ Scan Processes Running in 00mn 13s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Thibz\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [bkeidgmehkdjmpjodpjkepolokanalkm] James White v.3 (Activé)
G2 - GCE: Preference [User Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.0.900 (Activé)
G2 - GCE: Preference [User Data\Default] [pbglijbamgmlcpnnpbfjkbdeheejjloj] Shockwave Flash v.10,3,183,10 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Thibz\AppData\Roaming\Mozilla\Firefox\Profiles\snh86zxc.default\prefs.js
C:\Users\Thibz\AppData\Roaming\Mozilla\Firefox\Profiles\snh86zxc.default\user.js
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Thibz] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Thibz - snh86zxc.default] https://www.facebook.com/
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.18 (.http://www.cacaoweb.org/
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\firedownload@mozilla.org] [] FireDownload v2.0.1 (.Radical Software Ltd.)
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [] DVDVideoSoftTB Community Toolbar v3.7.0.6 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] [] Free YouTube Download (Free Studio) Menu v3.7.0.6 (.DVDVideoSoft Limited.)
M2 - MFEP: prefs.js [Thibz - snh86zxc.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.6 (.Michel Gutierrez.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files\Mozilla Firefox\Plugins\npwachk.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX OVS Helper,version=1.0.0] - (.DivX, LLC. - DivX OVS Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpWinExt,version=4.0] - (.Microsoft Corporation - MSN® Toolbar.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@RIM.com/WebSLLauncher,version=1.0] - (...) -- C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Thibz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.speedbit.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 2, 0) -- C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 2, 0) -- C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} . (.Shareaza Development Team - Shareaza Web Download Hook.) -- C:\Program Files\Shareaza\RazaWebHook32.dll
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} . (.SFR - Aide à la navigation SFR.) -- C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus We
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} . (.justDo Software - Jd2002 Module.) -- C:\Program Files\Common Files\justDo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - MSN® Toolbar.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} . (.PilotGroup LLC - SaveFlash.) -- C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation - MSN® Toolbar.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [HControlUser] . (.Pas de propriétaire - HControlUser.) -- C:\Program Files\ATK Hotkey\HcontrolUser.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSN Toolbar] . (.Microsoft Corp. - Barre d'outils MSN®.) -- C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\is-U8R0T.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Thibz\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Webcamfirst] . (.Pas de propriétaire - Webcamfirst.) -- C:\Program Files\Webcamfirst\Webcamfirst.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Thibz\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (...) -- C:\Users\Thibz\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [cacaoweb] . (...) -- C:\Users\Thibz\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [Webcamfirst] . (.Pas de propriétaire - Webcamfirst.) -- C:\Program Files\Webcamfirst\Webcamfirst.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Thibz\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2564344754-238406800-2411737441-1000\..\Run: [Akamai NetSession Interface] . (...) -- C:\Users\Thibz\AppData\Local\Akamai\netsession_win.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS3.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jouer (EasyBits GO).lnk . (.EasyBits Software AS.) -- C:\ProgramData\Easybits GO\EasyBitsGO.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Thibz\Desktop\adsl TV.lnk . (.adsl TV / FM.) -- C:\Program Files\adslTV\adsltv.exe
O4 - Global Startup: C:\Users\Thibz\Desktop\Disque Dur.lnk . (...) -- C:\
O4 - Global Startup: C:\Users\Thibz\Desktop\Documents.lnk . (...) -- C:\Users\Thibz\Documents
O4 - Global Startup: C:\Users\Thibz\Desktop\Eflora.lnk . (...) -- C:\Program Files\Eflora_fun\Flyff.exe
O4 - Global Startup: C:\Users\Thibz\Desktop\SD Record.lnk . (.StreamDiffusion.) -- C:\Program Files\StreamDiffusion\SD Record.exe
O4 - Global Startup: C:\Users\Thibz\Desktop\StreamDiffusion.lnk . (.FHTools.) -- C:\Program Files\StreamDiffusion\StreamDiffusion.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk . (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Eflora.lnk . (...) -- C:\Program Files\Eflora_fun\Flyff.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk . (.Koyote Soft.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hex Editor Neo.lnk . (.HHD Software Ltd..) -- C:\Users\Thibz\AppData\Local\HHD Software\Hex Editor Neo\HexFrame.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hide My IP.lnk . (.www.hidemyip.com.) -- C:\Program Files\Hide My IP\HideMyIP.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Virtual Personality.lnk . (.Triplebit.) -- C:\Program Files\Virtual Personality\VPersonality.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PSPad.lnk . (.Prog-Soft s.r.o..) -- C:\Program Files\PSPad editor\PSPad.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SAM Broadcaster.lnk . (...) -- C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SD Record.lnk . (.StreamDiffusion.) -- C:\Program Files\StreamDiffusion\SD Record.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shareaza.lnk . (.Shareaza Development Team.) -- C:\Program Files\Shareaza\Shareaza.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StreamDiffusion.lnk . (.FHTools.) -- C:\Program Files\StreamDiffusion\StreamDiffusion.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\streamtitre.lnk . (.STREAMTITRE.) -- C:\Program Files\Streamtitre\streamtitre.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TB-Tray.lnk . (.Felix 'SniperBeamer' Geyer.) -- C:\Program Files\Thunderbird-Tray\TBTray.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Webcamfirst.lnk . (...) -- C:\Program Files\Webcamfirst\Webcamfirst.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk . (.Nullsoft, Inc..) -- C:\Program Files\Winamp\winamp.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\World of Warcraft.lnk . (.Blizzard Entertainment.) -- C:\Users\Public\Games\World of Warcraft\Launcher.exe
O4 - Global Startup: C:\Users\Thibz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 02s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download with &Shareaza . (.Shareaza Development Team - Shareaza Web Download Hook.) -- C:\Program Files\Shareaza\RazaWebHook32.dll
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Free YouTube Download . (...) -- C:\Users\Thibz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter . (...) -- C:\Users\Thibz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll
O8 - Extra context menu item: Save Flash with Flash Catcher . (.justDo Software - IECatcher Module.) -- C:\Program Files\Common Files\justDo\IECatcher.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} . (.justDo Software - IECatcher Module.) -- C:\Program Files\Common Files\justDo\IECatcher.dll
O9 - Extra button: Flash Catcher - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
O9 - Extra button: Flash Catcher - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Flash Catcher - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{09739329-1908-49D6-BE6C-027F0949016D}: DhcpNameServer = 10.6.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0A9F5D6-C9D8-4125-BBA0-F0635F697E4C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{09739329-1908-49D6-BE6C-027F0949016D}: DhcpNameServer = 10.6.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E0A9F5D6-C9D8-4125-BBA0-F0635F697E4C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{09739329-1908-49D6-BE6C-027F0949016D}: DhcpNameServer = 10.6.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{E0A9F5D6-C9D8-4125-BBA0-F0635F697E4C}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- c:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) . (.Pas de propriétaire - ASLDR Service.) - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: Service Google Update (gupdate1ca178dbca5e3f8) (gupdate1ca178dbca5e3f8) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) . (.Aladdin Knowledge Systems Ltd. - Aladdin HASP License Manager Service.) - C:\Windows\system32\hasplms.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) . (.https://sourceforge.net/p/libusb-win32/wiki/Home/ - LibUsb-Win32 - Generic USB Library.) - C:\Windows\system32\libusbd-nt.exe
O23 - Service: MotoHelper Service (MotoHelper) . (.Pas de propriétaire - MotoHelper Service.) - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: MySQL (MySQL) . (...) - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL (.not file.)
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) . (...) - C:\Program Files\OpenVPN Technologies\OpenVPN Cli

3 réponses

Réponse 1 / 3
Bleuet' Messages postés 579 Date d'inscription dimanche 16 octobre 2011 Statut Membre Dernière intervention 12 octobre 2018 32
9 nov. 2011 à 12:40
Salut,

Ton rapport est incomplet

Utilise https://www.cjoint.com/ pour héberger le rapport et mettre le lien dans ta réponse.

;)
0
Réponse 2 / 3
Thib45000 Messages postés 2 Date d'inscription mercredi 9 novembre 2011 Statut Membre Dernière intervention 9 novembre 2011
9 nov. 2011 à 12:43
Hello!

Voila le lien : http://cjoint.com/data3/3KjmRhGm6c5.htm
0
Réponse 3 / 3
Bleuet' Messages postés 579 Date d'inscription dimanche 16 octobre 2011 Statut Membre Dernière intervention 12 octobre 2018 32
9 nov. 2011 à 14:08
Re,

/!\ Tu as beaucoup de logs P2P installés/!\
/!\ Toutes les autorisations PF données font de ton PC une passoire /!\
* Il ne faut pas 2 logiciels Anti-virus sur un système. Il te faut choisir entre Avira Free Personal et Norton Internet Security. (à l'essai ? payé ? pré-installé ?).
Pour les désinfections:
* Télécharge defogger >
Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :
http://www.jpshortstuff.247fixes.com/Defogger.exe
* Lance le
* Une fenêtre apparait : clique sur "Disable"
* Fais redémarrer l'ordinateur si l'outil te le demande
* Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable".
------
* Télécharge RogueKiller >
https://www.luanagames.com/index.fr.html
[*]Renommer Roguekiller en "Winlogon.exe"
[*]Quitter tous tes programmes en cours
[*]Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
[*]Entrer le choix 1 "Recherche" et valider par [Entrée].
[*]Un rapport (RKreport.txt)a du se créer sur le bureau.A copier/coller dans la réponse.
* Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.
TUTO >
https://www.commentcamarche.net/faq/5993-modifier-son-fichier-hosts#restaurer-le-fichier-hosts-a-son-etat-d-origine
-------
* Télécharge AdwCleaner >
[*] Télécharges AdwCleaner de Xplode
compatible Windows XP/Vista/7 32 et 64 bits.
https://toolslib.net
Option "Suppression":
[*]/!\ Fermer les navigateurs /!\
[*] Lancer Adwcleaner
pour Windows 7: lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
[*]Sur la page, cliques sur le bouton Suppression
[*]Accepter l'avertissement qui suit
[*]Laisser travailler l'outil
[*] Poster le rapport qui apparait à la fin .
[*]Clic sur Quitter
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
[*] Copier/coller le rapport C:\AdwCleaner[S1].txt
-------
* Télécharge AD-Remover (de C_XX) sur le bureau >
Phase 1 Rercherche :
https://www.commentcamarche.net/telecharger/securite/2547-ad-remover/
/ ! \ Déconnecte toi et ferme toutes les applications en cours / ! \
[*]Désactive l'UAC ( si Vista, Windows 7)
[*]Désactive le Team-Timer de Spybot S&D (si installé)
[*]Double-clique sur l'icône AD-Remover
[*]Au menu principal, clique sur "Scanner"
[*]Confirme le lancement de l'analyse et laisse l'outil travailler
[*]Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-SCAN.txt )

(CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
--------
* A faire la mise à jour version et base de données de malwarebytes, lancer une analyse, accepter les suppressions demandées et copier/coller le rapport.
-------
* Copier/coller tous les rapports.
-------
du boulot donc..... ,)
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
a quoi sert vraiment ce logiciel ZHPDIAG
Utilisateur anonyme -
Utilisateur anonyme -

7 réponses
1fichier.com et bloqueur de pub
anthea1309 -
Patoche12 -

60 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses