A voir également:
- Comment supprimer SvcHost ..
- Comment supprimer une page sur word - Guide
- Supprimer compte instagram - Guide
- Supprimer pub youtube - Accueil - Streaming
- Comment recuperer un message supprimé sur whatsapp - Guide
- Impossible de supprimer un fichier - Guide
2 réponses
choucaldia
Messages postés
3294
Date d'inscription
lundi 5 septembre 2011
Statut
Membre
Dernière intervention
23 août 2017
515
19 avril 2012 à 20:22
19 avril 2012 à 20:22
bonjour,
Svchost est un élement de windows, il peut être utilisé par des infections !
il faut voir s'ou vient le problème :
* Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
https://www.cjoint.com/
ou :
http://dl.free.fr
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Svchost est un élement de windows, il peut être utilisé par des infections !
il faut voir s'ou vient le problème :
* Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
ou
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cijoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
https://www.cjoint.com/
ou :
http://dl.free.fr
ou :
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.terafiles.net/
tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Et maintenant .. Je fais quoi ?
Le rapport :
http://cjoint.com/12av/BDtuHP8vjco.htm
Le rapport :
http://cjoint.com/12av/BDtuHP8vjco.htm
choucaldia
Messages postés
3294
Date d'inscription
lundi 5 septembre 2011
Statut
Membre
Dernière intervention
23 août 2017
515
19 avril 2012 à 20:43
19 avril 2012 à 20:43
re ,
tu as du oublier quelque chose avec le lien que tu donne ,il n'apparait pas en vert deja et internet dis impossible d'ouvrire la page .
tu as du oublier quelque chose avec le lien que tu donne ,il n'apparait pas en vert deja et internet dis impossible d'ouvrire la page .
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
19 avril 2012 à 20:46
19 avril 2012 à 20:46
Choucaldia
Il suffit de faire un copier coller de l'adresse chez moi ça marche!
Il suffit de faire un copier coller de l'adresse chez moi ça marche!
kalimusic
Messages postés
14014
Date d'inscription
samedi 7 novembre 2009
Statut
Contributeur sécurité
Dernière intervention
20 novembre 2015
3 027
19 avril 2012 à 20:46
19 avril 2012 à 20:46
Bonsoir,
C'est parce que Mathilde n'est pas inscrite mais son lien est valide.
http://cjoint.com/12av/BDtuHP8vjco.htm
:)
C'est parce que Mathilde n'est pas inscrite mais son lien est valide.
http://cjoint.com/12av/BDtuHP8vjco.htm
:)
Modifié par Mathilde le 19/04/2012 à 21:23
Rapport de ZHPDiag v1.30.13 par Nicolas Coolman, Update du 19/04/2012
Run by Mathilde at 19/04/2012 20:26:51
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
OPIE: Opera v11.62 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : K6RWB
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3002 MB (58% free)
System Restore: Désactivé (Disabled)
System drive C: has 171 GB (87%) free of 195 GB
---\\ Logged in mode
~ Computer Name: MATHILDE-PC
~ User Name: Mathilde
~ All Users Names: Mathilde, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mathilde\AppData\Roaming\
~ %Desktop% : C:\Users\Mathilde\Desktop\
~ %Favorites% : C:\Users\Mathilde\Favorites\
~ %LocalAppData% : C:\Users\Mathilde\AppData\Local\
~ %StartMenu% : C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 171 Go of 195 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 256 Go of 256 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 14 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.228443FF3A1FB0B974D278F7C6403FAD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2012 - 07:49:56.) -- C:\Windows\System32\wininet.dll [1390080]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : Non accessible (Not found)
~ Mes Videos (My Videos) : Non accessible (Not found)
~ Mes Favoris (My Favorites) : 3/26
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 8/24
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088] [PID.]
[MD5.D4C073DB0B506852B35197069A1892C7] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [949104] [PID.]
[MD5.4C94AA41D8136726E07113780D90B887] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4506624] [PID.]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.]
~ Scan Processes Running in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 08s
~ Nombre de lignes (Lines number): 15237
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1786590910-3728962301-833778739-1000\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1786590910-3728962301-833778739-1000\..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mathilde\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mathilde\Desktop\Opera.lnk . (.Opera Software.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - Global Startup: C:\Users\Mathilde\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Mathilde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Mathilde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url . (.Microsoft Corporation.) -- C:\Users\Mathilde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
O4 - Global Startup: C:\Users\Mathilde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A21B167-6222-4059-9B20-905104454739}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{7A21B167-6222-4059-9B20-905104454739}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{7A21B167-6222-4059-9B20-905104454739}: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Windows\system32\guard64.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
[MD5.459AC130C6AB892B1CD5D7544626EFC5] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.00000000000000000000000000000000] [APT] [{881C449F-8A26-4B16-B89C-5118E81ADA8F}] (...) -- I:\sp46673.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{A6043C58-928F-4239-BEC5-7E404D33911D}] (...) -- I:\netsetup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{EF75F158-9EA3-4E4A-98B7-91BC45B4E44F}] (...) -- C:\3Com\3CRDAG675B\Master\Master.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{FA9CCEDE-324B-4EB6-8E13-59BC26C54F8C}] (...) -- C:\3Com\3CRDAG675B\Setup.exe (.not file.)
~ Scan Scheduled Task in 00mn 02s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\Windows\System32\DRIVERS\cmderd.sys
O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\System32\DRIVERS\cmdguard.sys
O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\System32\DRIVERS\cmdhlp.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\System32\DRIVERS\inspect.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: COMODO Internet Security - (.COMODO Security Solutions Inc..) [HKLM] -- {D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Opera 11.62 - (.Opera Software ASA.) [HKLM] -- Opera 11.62.1347
O42 - Logiciel: REALTEK Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {901F0D4C-009D-1112-8DE4-03599E7B0C5C}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Google]
[HKCU\Software\Headlight]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Nosibay]
[HKCU\Software\OfferBox]
[HKCU\Software\Opera Software]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Synaptics]
[HKCU\Software\SysInternals]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Babylon]
[HKLM\Software\BcmSetup]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\DriverTuner]
[HKLM\Software\DriverTuner_Init]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Netscape]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox]
[HKLM\Software\Opera Software]
[HKLM\Software\Pando Networks]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\REALTEK Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Set8191SEVA]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/04/2012 - 18:09:39 - [3,432] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 17/04/2012 - 12:29:20 - [65,567] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 09/04/2012 - 14:46:34 - [0] ----D C:\Program Files (x86)\Comodo
O43 - CFD: 09/04/2012 - 18:06:04 - [2,749] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/04/2012 - 22:52:52 - [0,905] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/04/2012 - 16:10:29 - [4,915] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/04/2012 - 09:50:42 - [36,634] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 10/04/2012 - 10:16:37 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 11/04/2012 - 14:38:38 - [34,180] ----D C:\Program Files (x86)\Opera
O43 - CFD: 19/04/2012 - 18:53:19 - [7,756] ----D C:\Program Files (x86)\PhotoFiltre 7
O43 - CFD: 09/04/2012 - 18:07:38 - [2,291] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,345] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 09/04/2012 - 20:20:34 - [52,604] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/04/2011 - 11:16:36 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 11:16:36 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 12/04/2011 - 11:16:36 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 11:16:36 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 11:16:36 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 19/04/2012 - 20:27:04 - [11,403] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 09/04/2012 - 11:10:43 - [1,102] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 19/04/2012 - 19:39:43 - [15,492] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 09/04/2012 - 23:22:57 - [9,771] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/04/2012 - 12:54:20 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 17/04/2012 - 12:29:19 - [0] ----D C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 05/04/2012 - 21:06:17 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 09/04/2012 - 15:20:36 - [35,771] ----D C:\ProgramData\Comodo
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 05/04/2012 - 21:06:17 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 05/04/2012 - 21:06:17 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 19/04/2012 - 19:50:59 - [124,935] -S--D C:\ProgramData\Microsoft
O43 - CFD: 05/04/2012 - 21:06:17 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 17/04/2012 - 23:07:49 - [0,033] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - 07:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 16/04/2012 - 20:24:50 - [1,594] ----D C:\Users\Mathilde\AppData\Roaming\Adobe
O43 - CFD: 16/04/2012 - 20:16:18 - [0,011] ----D C:\Users\Mathilde\AppData\Roaming\Babylon
O43 - CFD: 15/04/2012 - 13:44:41 - [0,011] ----D C:\Users\Mathilde\AppData\Roaming\BatteryBar
O43 - CFD: 09/04/2012 - 19:50:39 - [0,002] ----D C:\Users\Mathilde\AppData\Roaming\GetRightToGo
O43 - CFD: 05/04/2012 - 21:06:35 - [0] ----D C:\Users\Mathilde\AppData\Roaming\Identities
O43 - CFD: 09/04/2012 - 18:44:37 - [0,001] ----D C:\Users\Mathilde\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - 11:27:52 - [0] ----D C:\Users\Mathilde\AppData\Roaming\Media Center Programs
O43 - CFD: 16/04/2012 - 20:24:50 - [2,902] -S--D C:\Users\Mathilde\AppData\Roaming\Microsoft
O43 - CFD: 11/04/2012 - 19:41:08 - [0] ----D C:\Users\Mathilde\AppData\Roaming\Nosibay
O43 - CFD: 11/04/2012 - 19:32:04 - [0,333] ----D C:\Users\Mathilde\AppData\Roaming\OfferBox
O43 - CFD: 11/04/2012 - 14:38:38 - [0,407] ----D C:\Users\Mathilde\AppData\Roaming\Opera
O43 - CFD: 10/04/2012 - 18:07:40 - [0,003] ----D C:\Users\Mathilde\AppData\Roaming\PhotoFiltre 7
O43 - CFD: 05/04/2012 - 21:06:24 - [0] ----D C:\Users\Mathilde\AppData\Local\Application Data
O43 - CFD: 05/04/2012 - 21:06:24 - [0] ----D C:\Users\Mathilde\AppData\Local\Historique
O43 - CFD: 16/04/2012 - 20:24:50 - [85,924] ----D C:\Users\Mathilde\AppData\Local\Microsoft
O43 - CFD: 11/04/2012 - 14:38:38 - [29,458] ----D C:\Users\Mathilde\AppData\Local\Opera
O43 - CFD: 19/04/2012 - 20:27:13 - [2,237] ----D C:\Users\Mathilde\AppData\Local\Temp
O43 - CFD: 05/04/2012 - 21:06:24 - [0] ----D C:\Users\Mathilde\AppData\Local\Temporary Internet Files
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 09/04/2012 - 23:26:11 - [0,000] R---D C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/04/2012 - 23:26:11 - [0,000] R---D C:\Users\Mathilde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 09/04/2012 - 18:09:39 - [3,432] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 17/04/2012 - 12:29:20 - [65,567] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 09/04/2012 - 14:46:34 - [0] ----D C:\Program Files (x86)\Comodo
O43 - CFD: 09/04/2012 - 18:06:04 - [2,749] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 17/04/2012 - 22:52:52 - [0,905] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12/04/2012 - 16:10:29 - [4,915] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 11/04/2012 - 09:50:42 - [36,634] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 10/04/2012 - 10:16:37 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 11/04/2012 - 14:38:38 - [34,180] ----D C:\Program Files (x86)\Opera
O43 - CFD: 19/04/2012 - 18:53:19 - [7,756] ----D C:\Program Files (x86)\PhotoFiltre 7
O43 - CFD: 09/04/2012 - 18:07:38 - [2,291] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [37,345] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 09/04/2012 - 20:20:34 - [52,604] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 12/04/2011 - 11:16:36 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12/04/2011 - 11:16:36 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 12/04/2011 - 11:16:36 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - 11:16:36 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - 11:16:36 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 19/04/2012 - 20:27:04 - [11,403] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 09/04/2012 - 11:10:43 - [1,102] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 19/04/2012 - 19:39:43 - [15,492] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 09/04/2012 - 23:22:57 - [9,771] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/04/2012 - 12:54:20 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2945B170D0D1E753540D46A9EB85EF1D] - 19/04/2012 - 19:21:55 ---A- . (...) -- C:\Windows\WindowsUpdate.log [6484]
O44 - LFC:[MD5.F82E35A32EB9F0FAA3F08CDBBD7CBC26] - 19/04/2012 - 18:52:39 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/04/2012 - 21:51:38 . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf [0]
O44 - LFC:[MD5.AE6B0F53B9956915F15F3E641AF8D321] - 16/04/2012 - 16:05:32 . (...) -- C:\Windows\System32\PerfStringBackup.INI [1629432]
O44 - LFC:[MD5.5CB6E13E7785A2F28280C43C34205DDC] - 16/04/2012 - 16:05:32 . (...) -- C:\Windows\System32\perfc009.dat [113752]
O44 - LFC:[MD5.179074A68ABFE4C0384BCC4AE3EB555E] - 16/04/2012 - 16:05:32 . (...) -- C:\Windows\System32\perfc00C.dat [140490]
O44 - LFC:[MD5.CC332372F7FB8D611AD0CA31C4ED1A18] - 16/04/2012 - 16:05:32 . (...) -- C:\Windows\System32\perfh009.dat [644068]
O44 - LFC:[MD5.101E673CED21EC3A9658EE7C84518125] - 16/04/2012 - 16:05:32 . (...) -- C:\Windows\System32\perfh00C.dat [737852]
O44 - LFC:[MD5.AE6B0F53B9956915F15F3E641AF8D321] - 16/04/2012 - 16:05:32 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1629432]
O44 - LFC:[MD5.5CB6E13E7785A2F28280C43C34205DDC] - 16/04/2012 - 16:05:32 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [113752]
O44 - LFC:[MD5.179074A68ABFE4C0384BCC4AE3EB555E] - 16/04/2012 - 16:05:32 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [140490]
O44 - LFC:[MD5.CC332372F7FB8D611AD0CA31C4ED1A18] - 16/04/2012 - 16:05:32 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [644068]
O44 - LFC:[MD5.101E673CED21EC3A9658EE7C84518125] - 16/04/2012 - 16:05:32 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [737852]
O44 - LFC:[MD5.1D32E13D60BD28D8F1A52E7A43475DF9] - 11/04/2012 - 13:23:11 ---A- . (...) -- C:\Windows\system.ini [232]
O44 - LFC:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 10/04/2012 - 17:44:28 . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O44 - LFC:[MD5.540DAF1CEA6094886D72126FD7C33048] - 10/04/2012 - 17:44:28 . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O44 - LFC:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 10/04/2012 - 17:44:28 . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O44 - LFC:[MD5.0A92CB65770442ED0DC44834632F66AD] - 10/04/2012 - 17:44:28 . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O44 - LFC:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 10/04/2012 - 17:44:28 . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 10/04/2012 - 08:26:39 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [72822]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 10/04/2012 - 08:26:39 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]
O44 - LFC:[MD5.A0D533E1C33312ECAD518C8C2F0BC116] - 09/04/2012 - 18:59:36 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]
O44 - LFC:[MD5.A0D533E1C33312ECAD518C8C2F0BC116] - 09/04/2012 - 18:59:36 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [46080]
O44 - LFC:[MD5.4AC74A462F3A0506B929F599B5E1B1FB] - 09/04/2012 - 18:59:36 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367616]
O44 - LFC:[MD5.4AC74A462F3A0506B929F599B5E1B1FB] - 09/04/2012 - 18:59:36 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [367616]
O44 - LFC:[MD5.DA256F9F53336B560201CDEFEAE35320] - 09/04/2012 - 17:06:05 . (.Realtek - CCX Diagnostics.) -- C:\Windows\System32\RtlUI2.exe [380928]
O44 - LFC:[MD5.9FCED27FC13C71D6DB2E1CE56BBAA30C] - 09/04/2012 - 17:06:05 . (.Realtek Semiconductor Corp. - Realtek CCX IHV UI Extensions DLL.) -- C:\Windows\System32\RTLExtUI.dll [188416]
O44 - LFC:[MD5.00D8BA2934C8B2EC7137C88B8C96F122] - 09/04/2012 - 17:06:05 . (.Realtek Semiconductor Corp. - Realtek CCX SDK IHV Service.) -- C:\Windows\System32\Rtlihvs.dll [614400]
O44 - LFC:[MD5.DA256F9F53336B560201CDEFEAE35320] - 09/04/2012 - 17:06:05 ---A- . (.Realtek - CCX Diagnostics.) -- C:\Windows\RtlUI2.exe [380928]
O44 - LFC:[MD5.DA256F9F53336B560201CDEFEAE35320] - 09/04/2012 - 17:06:05 ---A- . (.Realtek - CCX Diagnostics.) -- C:\Windows\SysNative\RtlUI2.exe [380928]
O44 - LFC:[MD5.9FCED27FC13C71D6DB2E1CE56BBAA30C] - 09/04/2012 - 17:06:05 ---A- . (.Realtek Semiconductor Corp. - Realtek CCX IHV UI Extensions DLL.) -- C:\Windows\RTLExtUI.dll [188416]
O44 - LFC:[MD5.9FCED27FC13C71D6DB2E1CE56BBAA30C] - 09/04/2012 - 17:06:05 ---A- . (.Realtek Semiconductor Corp. - Realtek CCX IHV UI Extensions DLL.) -- C:\Windows\SysNative\RTLExtUI.dll [188416]
O44 - LFC:[MD5.00D8BA2934C8B2EC7137C88B8C96F122] - 09/04/2012 - 17:06:05 ---A- . (.Realtek Semiconductor Corp. - Realtek CCX SDK IHV Service.) -- C:\Windows\Rtlihvs.dll [614400]
O44 - LFC:[MD5.00D8BA2934C8B2EC7137C88B8C96F122] - 09/04/2012 - 17:06:05 ---A- . (.Realtek Semiconductor Corp. - Realtek CCX SDK IHV Service.) -- C:\Windows\SysNative\Rtlihvs.dll [614400]
O44 - LFC:[MD5.1897C1046721A671513A14F066AEDD9C] - 07/04/2012 - 12:17:31 . (...) -- C:\Windows\System32\umstartup.etl [21504]
O44 - LFC:[MD5.1897C1046721A671513A14F066AEDD9C] - 07/04/2012 - 12:17:31 ---A- . (...) -- C:\Windows\SysNative\umstartup.etl [21504]
O44 - LFC:[MD5.AAA1E4835A6F2E576EDD6EA9A99C6AD5] - 05/04/2012 - 03:53:51 RSHA- . (...) -- C:\BOOTSECT.BAK [8192]
O44 - LFC:[MD5.EAE84F4158A0E7485099BE1DDC78EEE0] - 05/04/2012 - 02:58:52 ---A- . (...) -- C:\Windows\SysNative\license.rtf [212125]
O44 - LFC:[MD5.EAE84F4158A0E7485099BE1DDC78EEE0] - 05/04/2012 - 02:58:52 ---A- . (...) -- C:\Windows\System32\license.rtf [212125]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/04/2012 - 02:57:03 . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf [0]
O44 - LFC:[MD5.02C5D5E5683FB50323E236A5ECAC428E] - 22/03/2012 - 10:08:16 RSH-- . (...) -- C:\grldr [204528]
O44 - LFC:[MD5.259525CFB422E6AC8E87BC9777B1DF73] - 21/11/2010 - 04:23:51 RSHA- . (...) -- C:\bootmgr [383786]
~ Scan Files in 00mn 16s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (...) -- (.not file.)
~ Scan Keys in 00mn 01s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.7EAC5E62F0B93262984D450E0D497B61] - 11/03/2012 - 20:13:40 . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\System32\Drivers\cmderd.sys [22696]
O58 - SDL:[MD5.0599D5A458D4E0E37AB84E9D1C5C73E5] - 11/03/2012 - 20:13:42 . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\System32\Drivers\cmdGuard.sys [577824]
O58 - SDL:[MD5.2D3E08C7106F748F9EFF3DEC14142D3E] - 11/03/2012 - 20:13:42 . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\System32\Drivers\cmdhlp.sys [43248]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 21/11/2010 - 04:23:47 . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.C6238C6ABD6AC99F5D152DA4E9439A3D] - 11/02/2011 - 18:16:38 . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10628640]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:[MD5.EFFF0AFD27CC97BF0E5E0BAB78419DE7] - 03/02/2012 - 18:27:48 . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\System32\Drivers\inspect.sys [93200]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 200
Modifié par Mathilde le 19/04/2012 à 21:38