Slow PC
Closed
elnino
-
Dec 15, 2012 at 10:58
mackmick Posts 48 Registration date Saturday, December 15, 2012 Status Member Last seen August 5, 2014 - Dec 15, 2012 at 11:01
Hello,
My PC is slow for no apparent reason. I followed a disinfection procedure and used ZHPDiag. Does anyone have an opinion on the following diagnostic:
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {1E76CEDF-A505-4EF1-A8DD-CB51601E23F9} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {2B7B7EFC-C234-4532-822B-A8D74D7EF7EB} - (Durable.com) - http://www.durable.com
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.2CE79F050950CF866122C4BBCEA384F8] [SPRF][06/03/2009] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.2F7E72D1E6EC4A0F2979F018F36CB856] [SPRF][06/02/2012] (...) -- C:\Users\Arnaud\AppData\Local\d3d9caps.dat [680]
[MD5.CEB2FDCC7DE00128862188F5C6534E51] [SPRF][23/02/2010] (.Yahoo! Inc. - BrowserPlus Uninstaller.) -- C:\Users\Arnaud\AppData\Local\Temp\bpuninstall.exe [401920]
[MD5.F5B0386BB3D574AC73FA49F911180CA4] [SPRF][13/11/2012] (.Solid State Networks - Adobe Flash Player Installer.) -- C:\Users\Arnaud\AppData\Local\Temp\install_flashplayer11x32au_gtbd_chrd_dn_aih.exe [998624]
[MD5.612E0D35B33BC1AFCE1D563F01398F5D] [SPRF][06/04/2007] (.Direction Générale des Impôts - Module de délivrance de certificat MINEFI.) -- C:\Windows\Downloaded Program Files\CERTDGI1.dll [117288]
[MD5.2E23F4EEDEE6125FF2FEA8BC56DC3419] [SPRF][01/12/2008] (...) -- C:\Windows\Downloaded Program Files\installer.exe [140360]
[MD5.DC38B1B71CB7FF8F4241333B9EC84F03] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfbmp13n.dll [57344]
[MD5.6CBA9ECE3186ADEAE144A79E3AC769FE] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfcmp13n.dll [401408]
[MD5.BDD316D6479220B8FA2A911262898640] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfeps13n.dll [65536]
[MD5.8B83DC9053B8164731B15AF455CBD9A9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lffax13n.dll [98304]
[MD5.A63B94BB949D5E836F144A0A754E5451] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfgif13n.dll [69632]
[MD5.1E1FDE2FF4B0197EF8A36259244CF142] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcd13n.dll [49152]
[MD5.9D9CA493D0864DF83D282E2393FE5825] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpcx13n.dll [53248]
[MD5.AD6D6FAC370748775FB9FB33A398BFF9] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpng13n.dll [159744]
[MD5.4A3A0CE4ED63580116A7354E06B42CDF] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lfpsd13n.dll [55808]
[MD5.BBBE68D622945FF8BC9CE847975B2389] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftga13n.dll [53248]
[MD5.333F810C00745C05EDF17D6580A4601E] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\lftif13n.dll [155648]
[MD5.9788C72C2EC7011E6CC40CFDD5CE2251] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltclr13n.dll [1693696]
[MD5.55D16BEB62D0B6C54CE315F7063FA7A1] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltdis13n.dll [299008]
[MD5.F56BA445D7D36EB4DDBFE4477BAD594D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltefx13n.dll [206336]
[MD5.BF1727ED495670881E18E346D162CA3D] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltfil13n.dll [163840]
[MD5.209B65395E75CD957E14B8EC3C742A7B] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltimg13n.dll [450560]
[MD5.CEFC7E62D25BDC3A4501062718D0A65F] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltkrn13n.dll [462848]
[MD5.A0F541D9D2CACEEC7A4A378CD0C31626] [SPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [543544]
[MD5.4690A678A1EC998100506D9A5809181A] [SPRF][20/11/2006] (.Eastman Kodak - PCDLIB32.) -- C:\Windows\Downloaded Program Files\pcdlib32.dll [212480]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{0B98020A-4119-458B-BF5B-2C1C62AA4AE9}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)
O87 - FAEL: "{8A10F6FE-4017-4A65-B0C9-507AD0DCD5CF}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)
O87 - FAEL: "TCP Query User{4471BA3C-9CBF-4606-A339-70CB2649CC54}C:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{6E606D2E-DAB0-42AC-B498-E2C339AFF0E6}C:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{295333AA-1FC9-44DB-A739-8BB330F39C03}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{DCBEDEFD-5ACC-4E45-A609-51C3D8BCEFEA}C:\program files\real\realplayer\realplay.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "UDP Query User{53BFF086-579E-4C23-9310-50CBF385FFF4}C:\program files\real\realplayer\realplay.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "TCP Query User{F9EF4EC5-6E41-4B25-9962-1B0D49E83EC8}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{E68B8C73-11CE-427D-AFE7-9DA64C960997}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{8AC53D65-1EDD-41BF-AE89-FC4BE8EBF0BD}" |In - Public - P6 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{26AC567A-529F-4B03-B277-911842BA7986}" |In - Public - P17 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{B4C312D5-E7A8-4363-8052-2C65FB07288F}" | In - Private - P6 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{C9F8A565-B6DB-451A-A908-B1FC03FCACC1}" | In - Private - P17 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{B9200E2E-E47E-41C5-89E8-8AC0DE466FD1}" | In - Private - P6 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{B972666B-AEF8-4064-8ADA-4A2A4FA58D89}" | In - Private - P17 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{A9414579-A40C-4BD2-8523-066D39D5A078}" | In - Private - P6 - TRUE | .(.Research In Motion - BlackBerry Desktop Software.) -- C:\Program Files\Research In Motion\BlackBerry desktop\Rim.desktop.exe
O87 - FAEL: "{79BAC659-9815-4734-904D-9C7FF504A7EA}" | In - Private - P17 - TRUE | .(.Research In Motion - BlackBerry Desktop Software.) -- C:\Program Files\Research In Motion\BlackBerry desktop\Rim.desktop.exe
~ Scan Firewall in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : 10014 - ()
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC
[HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\FE42DAC9] =>Toolbar.Agent
C:\Program Files\Minibar =>Toolbar.Minibar
C:\Program Files\OfferBox =>PUP.OfferBox
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\Users\Arnaud\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Arnaud\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\Arnaud\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
C:\Users\Arnaud\AppData\Local\Minibar =>Toolbar.Minibar
C:\Users\Arnaud\AppData\LocalLow\PriceGong =>Adware.PriceGong
~ Scan Additionnel in 00mn 13s
---\\ Recherche détournement de DNS routeur (O89) (None)
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "0A72DDEF603BFE54FB855B7204B6248C" . (.TOSHIBA Value Added Package.) -- C:\Windows\Installer\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\ARPPRODUCTICON.exe
O90 - PUC: "0D00C83EB86A81348A6A7F4D5B1BFDE0" . (.Codeur Windows Media Série 9.) -- C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1B14B0BEF48EC38419FFBB3810E91E72" . (.TOSHIBA Hardware Setup.) -- C:\Windows\Installer\{EB0B41B1-E84F-483C-91FF-BB83019EE127}\ARPPRODUCTICON.exe
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype(TM) 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "3933DAC50CEEEC44F939CBAA63B577BF" . (.Nikon Movie Editor.) -- C:\Windows\Installer\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}\ARPPRODUCTICON.exe
O90 - PUC: "3E4D6AE6D43111A4FAA297686FB12B6F" . (.ImageRescue3.) -- C:\Windows\Installer\{6EA6D4E3-134D-4A11-AF2A-7986F61BB2F6}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "44EE410B791931546931176EBEB115E4" . (.Nikon Message Center 2.) -- C:\Windows\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B7449A0500000010" . (.Adobe Reader 9.5.2 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O90 - PUC: "68E807891E64D9748B7989205E197E26" . (.TOSHIBA Volume Indicator.) -- C:\Windows\Installer\{98708E86-46E1-479D-B897-9802E591E762}\ARPPRODUCTICON.exe
O90 - PUC: "72B17402207D8EF4D8CE7020CCC8A058" . (.WinDVD.) -- C:\Windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
O90 - PUC: "79D3E6D2FDF13994CA57275FE94C545C" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}\fssicon.ico
O90 - PUC: "99F899EBBEC446E47B7194A3E279794F" . (.TOSHIBA Supervisor Password.) -- C:\Windows\Installer\{BE998F99-4CEB-4E64-B717-493A2E9797F4}\ARPPRODUCTICON.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "B1BB909F1CF3ADE4FAF1F8A198615319" . (.BlackBerry Desktop Software 6.1.) -- C:\Windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\ARPPRODUCTICON.exe
O90 - PUC: "B5CD061465C43C0D5CDF5FDBDAC388B2" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}\ARPPRODUCTICON.exe
O90 - PUC: "C2417E1D3CB6BE947AA15E7DDACA5799" . (.Nikon File Uploader 2.) -- C:\Windows\Installer\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}\ARPPRODUCTICON.exe
O90 - PUC: "C731C46E7B0DA7644BF764A0BA030F3A" . (.ViewNX 2.) -- C:\Windows\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\ARPPRODUCTICON.exe
O90 - PUC: "C8ABEF4498C29A2E4132EAE5A5244F27" . (.ATI Catalyst Control Center Ex.) -- C:\Windows\Installer\{44FEBA8C-2C89-E2A9-1423-AE5E5A42F472}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DCCF8FA3A15F410409201F591EBC8C67" . (.Logitech QuickCam.) -- C:\Windows\Installer\{3AF8FCCD-F51A-4014-9002-F195E1CBC876}\ARPPRODUCTICON.exe
O90 - PUC: "DF63C716EBC00064482B44C1BE21AFFD" . (.TOSHIBA Extended Tiles for Windows Mobility Center.) -- C:\Windows\Installer\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\ARPPRODUCTICON.exe
O90 - PUC: "ECE53735164E0DF47B24323A2534D6A3" . (.Logitech Updater.) -- C:\Windows\Installer\{53735ECE-E461-4FD0-B742-23A352436D3A}\ARPPRODUCTICON.exe
O90 - PUC: "EE8A868315050BD4D86FF4B4A8890D38" . (.QuickTime.) -- C:\Windows\Installer\{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}\ARPPRODUCTICON.exe
O90 - PUC: "F20E0AD5B079B424FB1415A305814E0C" . (.TOSHIBA Disc Creator.) -- C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s
---\\ Export de clés aléatoires (O91)
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:dllName="browsemngr.dll"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:exeName="browsemngr.exe"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:folderName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:serviceName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:version="2.2.643.41"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:dllName="browsemngr.dll"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:exeName="browsemngr.exe"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:folderName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:serviceName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKLM\Software\5c2d6d1bc6fef45] ==> Clé orpheline
~ Scan Export Key Software in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 12/09/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 24/11/2006 557056 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SS - | Auto 0 | (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 29/04/2008 20480 | (eStantLaunchService) . (.TechCity Solutions France.) - C:\Program Files\BboxUpdate\eSRunService.exe
SS - | Demand 27/10/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 26/07/2008 186904 | (LVCOMSer) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
SR - | Auto 26/07/2008 150040 | (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 29/09/2012 399432 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 29/09/2012 676936 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 12/12/2012 115168 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 14/12/2006 428152 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SS - | Disabled 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Arnaud at 15/12/2012 10:49:34
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
End of the scan (2790 lines in 42mn 19s)(0)
[MD5.CEFC7E62D25BDC3A4501062718D0A65F] [SPRF][20/11/2006] (.LEAD Technologies, Inc. - LEADTOOLS(r) DLL for Win32.) -- C:\Windows\Downloaded Program Files\ltkrn13n.dll [462848]
[MD5.A0F541D9D2CACEEC7A4A378CD0C31626] [SPRF][20/11/2006] (.Microsoft® Corporation - MSN Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [543544]
[MD5.4690A678A1EC998100506D9A5809181A] [SPRF][20/11/2006] (.Eastman Kodak - PCDLIB32.) -- C:\Windows\Downloaded Program Files\pcdlib32.dll [212480]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{0B98020A-4119-458B-BF5B-2C1C62AA4AE9}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)
O87 - FAEL: "{8A10F6FE-4017-4A65-B0C9-507AD0DCD5CF}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)
O87 - FAEL: "TCP Query User{4471BA3C-9CBF-4606-A339-70CB2649CC54}C:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{6E606D2E-DAB0-42AC-B498-E2C339AFF0E6}C:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{295333AA-1FC9-44DB-A739-8BB330F39C03}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{DCBEDEFD-5ACC-4E45-A609-51C3D8BCEFEA}C:\program files\real\realplayer\realplay.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "UDP Query User{53BFF086-579E-4C23-9310-50CBF385FFF4}C:\program files\real\realplayer\realplay.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\real\realplayer\realplay.exe (.not file.)
O87 - FAEL: "TCP Query User{F9EF4EC5-6E41-4B25-9962-1B0D49E83EC8}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{E68B8C73-11CE-427D-AFE7-9DA64C960997}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{8AC53D65-1EDD-41BF-AE89-FC4BE8EBF0BD}" |In - Public - P6 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{26AC567A-529F-4B03-B277-911842BA7986}" |In - Public - P17 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{B4C312D5-E7A8-4363-8052-2C65FB07288F}" | In - Private - P6 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{C9F8A565-B6DB-451A-A908-B1FC03FCACC1}" | In - Private - P17 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{B9200E2E-E47E-41C5-89E8-8AC0DE466FD1}" | In - Private - P6 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{B972666B-AEF8-4064-8ADA-4A2A4FA58D89}" | In - Private - P17 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{A9414579-A40C-4BD2-8523-066D39D5A078}" | In - Private - P6 - TRUE | .(.Research In Motion - BlackBerry Desktop Software.) -- C:\Program Files\Research In Motion\BlackBerry desktop\Rim.desktop.exe
O87 - FAEL: "{79BAC659-9815-4734-904D-9C7FF504A7EA}" | In - Private - P17 - TRUE | .(.Research In Motion - BlackBerry Desktop Software.) -- C:\Program Files\Research In Motion\BlackBerry desktop\Rim.desktop.exe
~ Scan Firewall in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : 10014 - ()
Clés trouvées (Keys found) : 11
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 12
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC
[HKLM\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings
[HKCU\Software\BrowserMngr] =>Toolbar.Babylon
[HKLM\Software\BrowserMngr] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\FE42DAC9] =>Toolbar.Agent
C:\Program Files\Minibar =>Toolbar.Minibar
C:\Program Files\OfferBox =>PUP.OfferBox
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Browser Manager =>Toolbar.Babylon
C:\Users\Arnaud\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\Arnaud\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\Arnaud\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
C:\Users\Arnaud\AppData\Local\Minibar =>Toolbar.Minibar
C:\Users\Arnaud\AppData\LocalLow\PriceGong =>Adware.PriceGong
~ Scan Additionnel in 00mn 13s
---\\ Recherche détournement de DNS routeur (O89) (None)
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "0A72DDEF603BFE54FB855B7204B6248C" . (.TOSHIBA Value Added Package.) -- C:\Windows\Installer\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\ARPPRODUCTICON.exe
O90 - PUC: "0D00C83EB86A81348A6A7F4D5B1BFDE0" . (.Codeur Windows Media Série 9.) -- C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1B14B0BEF48EC38419FFBB3810E91E72" . (.TOSHIBA Hardware Setup.) -- C:\Windows\Installer\{EB0B41B1-E84F-483C-91FF-BB83019EE127}\ARPPRODUCTICON.exe
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype(TM) 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "3933DAC50CEEEC44F939CBAA63B577BF" . (.Nikon Movie Editor.) -- C:\Windows\Installer\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}\ARPPRODUCTICON.exe
O90 - PUC: "3E4D6AE6D43111A4FAA297686FB12B6F" . (.ImageRescue3.) -- C:\Windows\Installer\{6EA6D4E3-134D-4A11-AF2A-7986F61BB2F6}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "44EE410B791931546931176EBEB115E4" . (.Nikon Message Center 2.) -- C:\Windows\Installer\{B014EE44-9197-4513-9613-71E6EB1B514E}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B7449A0500000010" . (.Adobe Reader 9.5.2 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O90 - PUC: "68E807891E64D9748B7989205E197E26" . (.TOSHIBA Volume Indicator.) -- C:\Windows\Installer\{98708E86-46E1-479D-B897-9802E591E762}\ARPPRODUCTICON.exe
O90 - PUC: "72B17402207D8EF4D8CE7020CCC8A058" . (.WinDVD.) -- C:\Windows\Installer\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\ARPPRODUCTICON.exe
O90 - PUC: "79D3E6D2FDF13994CA57275FE94C545C" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}\fssicon.ico
O90 - PUC: "99F899EBBEC446E47B7194A3E279794F" . (.TOSHIBA Supervisor Password.) -- C:\Windows\Installer\{BE998F99-4CEB-4E64-B717-493A2E9797F4}\ARPPRODUCTICON.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "B1BB909F1CF3ADE4FAF1F8A198615319" . (.BlackBerry Desktop Software 6.1.) -- C:\Windows\Installer\{F909BB1B-3FC1-4EDA-AF1F-8F1A89163591}\ARPPRODUCTICON.exe
O90 - PUC: "B5CD061465C43C0D5CDF5FDBDAC388B2" . (.ATI Catalyst Install Manager.) -- C:\Windows\Installer\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}\ARPPRODUCTICON.exe
O90 - PUC: "C2417E1D3CB6BE947AA15E7DDACA5799" . (.Nikon File Uploader 2.) -- C:\Windows\Installer\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}\ARPPRODUCTICON.exe
O90 - PUC: "C731C46E7B0DA7644BF764A0BA030F3A" . (.ViewNX 2.) -- C:\Windows\Installer\{E64C137C-D0B7-467A-B47F-460AAB30F0A3}\ARPPRODUCTICON.exe
O90 - PUC: "C8ABEF4498C29A2E4132EAE5A5244F27" . (.ATI Catalyst Control Center Ex.) -- C:\Windows\Installer\{44FEBA8C-2C89-E2A9-1423-AE5E5A42F472}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DCCF8FA3A15F410409201F591EBC8C67" . (.Logitech QuickCam.) -- C:\Windows\Installer\{3AF8FCCD-F51A-4014-9002-F195E1CBC876}\ARPPRODUCTICON.exe
O90 - PUC: "DF63C716EBC00064482B44C1BE21AFFD" . (.TOSHIBA Extended Tiles for Windows Mobility Center.) -- C:\Windows\Installer\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\ARPPRODUCTICON.exe
O90 - PUC: "ECE53735164E0DF47B24323A2534D6A3" . (.Logitech Updater.) -- C:\Windows\Installer\{53735ECE-E461-4FD0-B742-23A352436D3A}\ARPPRODUCTICON.exe
O90 - PUC: "EE8A868315050BD4D86FF4B4A8890D38" . (.QuickTime.) -- C:\Windows\Installer\{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083}\ARPPRODUCTICON.exe
O90 - PUC: "F20E0AD5B079B424FB1415A305814E0C" . (.TOSHIBA Disc Creator.) -- C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s
---\\ Export de clés aléatoires (O91)
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:dllName="browsemngr.dll"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:exeName="browsemngr.exe"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:folderName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:serviceName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:version="2.2.643.41"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:dllName="browsemngr.dll"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:exeName="browsemngr.exe"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:folderName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:serviceName="Browser Manager"
[HKCU\Software\5c2d6d1bc6fef45\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKLM\Software\5c2d6d1bc6fef45] ==> Clé orpheline
~ Scan Export Key Software in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 12/09/2006 9216 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SR - | Auto 24/11/2006 557056 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 14/11/2006 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SS - | Auto 0 | (CLTNetCnService) . (...) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SR - | Auto 29/04/2008 20480 | (eStantLaunchService) . (.TechCity Solutions France.) - C:\Program Files\BboxUpdate\eSRunService.exe
SS - | Demand 27/10/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 26/07/2008 186904 | (LVCOMSer) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
SR - | Auto 26/07/2008 150040 | (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 29/09/2012 399432 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 29/09/2012 676936 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 12/12/2012 115168 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 25/05/2006 114688 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 14/12/2006 428152 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SR - | Auto 23/08/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SS - | Disabled 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Arnaud at 15/12/2012 10:49:34
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
End of the scan (2790 lines in 42mn 19s)(0)
1 reply
mackmick - Posts: 48 - Registered: Saturday 15 December 2012 - Status: Member - Last active: 5 August 2014 - 15 Dec. 2012 at 11:01
Run CCleaner over it, it's quick and it works fairly well
(well... often)