For the past 2 days, major lag on the internet!

puzzle - 16 Jul 2013 at 00:36
yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 - 17 Jul 2013 at 19:06
Hello,

For the past 2 days, when I go on the internet, images, streaming videos and even file downloads are very slow. For example, the Flash Player exe file that I reinstalled took 4 min to download, whereas it usually takes only a few seconds.

I emptied the cache, ran CCleaner, scanned with Malwarebytes, restarted the box, but it is still the same... a bit of help seems necessary.

Thanks in advance

7 replies

yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
Edited by yoann090 on 16/07/2013 at 01:15
Hello,

We are going to run a diagnostic; follow this tutorial and give the link to the hosted report https://www.security-helpzone.com/2013/04/14/zhpdiag-generer-un-rapport-de-diagnostic/

First of all, Yoann, thank you for taking the time to help me... I'll do that for you right away.

yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
16 Jul 2013 at 01:31
;)

I may have left by the time you come back, in which case I will reply to you a little later in the day.

++

So here is the report:
http://cjoint.com/data3/3GqbPkqYzZ9.htm

yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
16 Jul 2013 at 01:50
At first glance nothing in particular; that said, I'll look at it in more detail and keep you posted.

All right... thank you.

A little bump with some more info...

My girlfriend's PC is connected to the same Bbox as mine. We are on Wi-Fi, but she has kept satisfactory connectivity whereas mine has degraded. After a hijack report, nothing in sight... I ran a scan with my Avira antivirus and nothing to report.
Playback of my films, on the other hand, works flawlessly: no sound problems, no picture problems... So I think my graphics card has nothing to do with it.
So it seems to come from my PC... a setting perhaps, but there are so many... and I am not an expert at all...

A kind soul, please?

yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
16 Jul 2013 at 22:21
Show me a ZHPDiag of your PC too ;)

Hi Yoann... So I send it to you again?!

Rapport de ZHPDiag v2013.7.13.25 par Nicolas Coolman, Update du 14/07/2013
Run by doud at 16/07/2013 23:15:13
WebSite: http://nicolascoolman.webs.com
State : Problème connexion internet
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 22.0 (Defaut)
OPIE: Opera v12.15

---\\ Windows Product Information
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Protection
Avira AntiVir Personal - Free Antivirus v10.2.0.1950
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ System Optimizer
CCleaner v4.03 =>Piriform Ltd

---\\ Peer To Peer (P2P)
µTorrent v3.3.0.29625 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25

---\\ System Information
~ Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 44 GB (39%) free of 112 GB

---\\ Logged in mode
~ Computer Name: DAVID
~ User Name: doud
~ All Users Names: SUPPORT_388945a0, HelpAssistant, doud, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\doud\Application Data\
~ %Desktop% : C:\Documents and Settings\doud\Bureau\
~ %Favorites% : C:\Documents and Settings\doud\Favoris\
~ %LocalAppData% : C:\Documents and Settings\doud\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\doud\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 112 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ Security Center: 30 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.08125B740C62E6DEA9483A15043AD0D5] - (.Microsoft Corporation - Internet Extensions for Win32.) (.07/06/2013 - 22:48:38.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 1/205
~ Mes Videos (My Videos) : 2/68
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/5784
~ Mon Bureau (My Desktop) : 0/13
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.BAAB0EECD33888E7BEF52A75B6D6EC30] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [405504] [PID.1088]
[MD5.56DED3ADE453272E6A0AD582D945D1A4] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753] [PID.1328]
[MD5.6C5155CC0E805C7BE6028BFF7AC14524] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745] [PID.1360]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.1832]
[MD5.41EE3D758BD1B7ACD04136A58B753342] - (.Pas de propriétaire - Philips CamSuite service.) -- C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe [687104] [PID.292]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.432]
[MD5.3CB0CC8879956C187E87E18634EE5164] - (.TOSHIBA CORPORATION - Service of ConfigFree..) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960] [PID.460]
[MD5.4F4D4AA1E0849FECC0CF5AACD59030B5] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.536]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.560]
[MD5.1B2857EF12D79A9F9ADBA14B0637CBF8] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164] [PID.604]
[MD5.90861642FD6D8FAFB1408EE26FA93CB4] - (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) -- C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe [35328] [PID.688]
[MD5.53DCD7CEF78CC06692400B339336233B] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945] [PID.1464]
[MD5.DEA4AC5B44F5A7E4E3DA071D0CDB0740] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [15691264] [PID.1704]
[MD5.33FBA26946FB3BF16294561C97B35E76] - (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe [184320] [PID.1736]
[MD5.F2B869D0B4B765F573BB7B7F80B09DC3] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88203] [PID.1744]
[MD5.2C0970FBC5A9FB5633B8D80671B3B5C9] - (.TOSHIBA - Hotkey Utility.) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256] [PID.1824]
[MD5.E799A7B4431303AAAA11E077DEB379E3] - (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSMain.exe [266240] [PID.1620]
[MD5.74387D88985987ACDF294CCA1622640E] - (.TOSHIBA Corporation - TOSHIBA Virtual Sound Taskbar Module.) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [73728] [PID.1956]
[MD5.5C9A55D801ACCEFA5A6C4F3340BD5623] - (.TOSHIBA Corporation - TFncKy.) -- C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe [184320] [PID.1972]
[MD5.47AF6F1C5BB854376B164C574CCEF481] - (.Synaptics, Inc. - Toshiba Custom PlugIn Application.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe [151552] [PID.1928]
[MD5.57DF8F5D690EB782C532AC4A944145AE] - (.TOSHIBA Corporation - TDispVol.) -- C:\WINDOWS\system32\TDispVol.exe [73728] [PID.2008]
[MD5.E3A9C76AD9192C82F80326ECDDA21C34] - (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.exe [122940] [PID.2024]
[MD5.5A6ACFF04D39D4C16F1FF52682C3B1B0] - (.Intel Corporation - ZeroCfgSvc MFC Application.) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718] [PID.2060]
[MD5.D4830448B45CDD45F4285DC6E152764F] - (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182] [PID.2068]
[MD5.D1FB260EE5C88B26BF798810130C9590] - (.Sonix - CameraMonitor Application.) -- C:\WINDOWS\vspc1300.exe [675840] [PID.2080]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.2104]
[MD5.FEBC1591E5C0DC87EF9CF3D657B65FC2] - (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536] [PID.2124]
[MD5.547DE23D8D36FD1BBA618EE6A179674C] - (.TOSHIBA - Bluetooth Monitor 2.0.) -- C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe [65536] [PID.2172]
[MD5.1E3FD037E2D137CE1AB7D34950A552D6] - (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSBattM.exe [40960] [PID.2316]
[MD5.3F4313DC74BC851EFEB1094A954ED6F5] - (.Pas de propriétaire - Philips CamSuite GUI module.) -- C:\Program Files\Philips\CamSuite\2.0.15.0\ACPGUI.dll [765952] [PID.4076]
[MD5.0335FD5493864EAC41785FA92C3D5E1D] - (.Intel Corporation - Intel 802.1x Server.) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe [397381] [PID.3476]
[MD5.69C494AE77EC2CFC31FD4B0D7AB6F24A] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [1777488] [PID.3444]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [PID.1144]
[MD5.C8D28F8B498CADBB9445AC4545BD41B7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.6068]
[MD5.E9349A03FD81B4806714A16796B5E20A] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.4804]
[MD5.864F3E37BCF2F9BB998414673F1C215A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7711232] [PID.4724]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2196]
[MD5.8648D670AE0D95C95E7BBB5B80661796] - (.Microsoft Corporation - MS DTC console program.) -- C:\WINDOWS\system32\msdtc.exe [6144] [PID.3996]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] . (.TOSHIBA - Hotkey Utility.) -- C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] . (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSMain.exe
O4 - HKLM\..\Run: [Tvs] . (.TOSHIBA Corporation - TOSHIBA Virtual Sound Taskbar Module.) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] . (.TOSHIBA Corporation - TDispVol.) -- C:\WINDOWS\system32\TDispVol.exe
O4 - HKLM\..\Run: [DLA] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\System32\DLA\DLACTRLW.exe
O4 - HKLM\..\Run: [IntelZeroConfig] . (.Intel Corporation - ZeroCfgSvc MFC Application.) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] . (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
O4 - HKLM\..\Run: [spc1300] . (.Sonix - CameraMonitor Application.) -- C:\WINDOWS\vspc1300.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3283455342-2650556114-3303121774-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-3283455342-2650556114-3303121774-1006\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Programs: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302648429724
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363432584876
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE73419-96B5-4197-AA37-5F00DD5031F1}: DhcpNameServer = 194.158.122.10 194.158.122.15
O17 - HKLM\System\CS1\Services\Tcpip\..\{7FE73419-96B5-4197-AA37-5F00DD5031F1}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{7FE73419-96B5-4197-AA37-5F00DD5031F1}: DhcpNameServer = 194.158.122.10 194.158.122.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.158.122.10 194.158.122.15
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ACPService (ACPService) . (.Pas de propriétaire - Philips CamSuite service.) - C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) . (.TOSHIBA Corp. - TOSHIBA TAPPSRV.) - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
~ Services: 12 Legitimates Filtered in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\doud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\doud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: SplitCam - (.SplitCam Co.) [HKLM] -- SplitCam
~ Logic: 135 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\SplitCam]
[HKCU\Software\flv2avi]
[HKCU\Software\vfcC]
[HKLM\Software\vfcC]
~ Key Software: 191 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/03/2013 - 05:50:19 - [185,898] ----D C:\Program Files\SplitCam
O43 - CFD: 15/08/2011 - 23:22:45 - [7,271] ----D C:\Program Files\Fichiers communs\wsm
O43 - CFD: 20/03/2013 - 03:46:01 - [0,000] ----D C:\Documents and Settings\doud\Application Data\Nuclear Coffee
O43 - CFD: 16/04/2011 - 01:10:13 - [0,003] ----D C:\Documents and Settings\doud\Menu Démarrer\Programmes\SplitCam
~ Program Folder: 148 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9BF07C2013ECEC0FBE3E02C5BFF2D6E0] - 15/07/2013 - 13:33:26 ----- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.1C6FEE2B9B54622096CFA8CC4A2E3E9E] - 15/07/2013 - 13:33:26 ----- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6BEEA36145ADB71EB7362C2757887EBE] - 07/07/2013 - 23:28:59 ---A- . (...) -- C:\WINDOWS\SplitCam.INI [1431]
~ Files: 19 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.8C01C6B591514E3AEB1B974E628880C7] - 14/07/2013 - 20:53:59 ---A- - C:\WINDOWS\Prefetch\ATFCLEANER.EXE-03EC7580.pf
O45 - LFCP:[MD5.E73A94F95E8BD09B04825A8408EFE559] - 14/07/2013 - 21:59:01 ---A- - C:\WINDOWS\Prefetch\ACPGUI.DLL-12A2162D.pf
O45 - LFCP:[MD5.2BED428D720E990B04034EB98E043903] - 15/07/2013 - 14:24:59 ---A- - C:\WINDOWS\Prefetch\NS3A.TMP-07EE7DAA.pf
O45 - LFCP:[MD5.9212FF0C3D4B4A5A7F52DCCA4F0E1254] - 15/07/2013 - 14:25:00 ---A- - C:\WINDOWS\Prefetch\NS37.TMP-00C17418.pf
O45 - LFCP:[MD5.D138DF0A4EF76FF521E80B1308951032] - 15/07/2013 - 14:45:47 ---A- - C:\WINDOWS\Prefetch\DOT1XCFG.EXE-32C52055.pf
O45 - LFCP:[MD5.766FEF08F3D2B69D47DB5BF98378A3A9] - 15/07/2013 - 15:02:15 ---A- - C:\WINDOWS\Prefetch\TINTOUCH.EXE-20FAB6BA.pf
O45 - LFCP:[MD5.160BE98DE1D24AF9064D6199CA1DF50B] - 15/07/2013 - 15:02:52 ---A- - C:\WINDOWS\Prefetch\CFVIEW.EXE-39EF647D.pf
O45 - LFCP:[MD5.EAD81A8BA07659AB0F36998C8C137AF3] - 15/07/2013 - 15:02:57 ---A- - C:\WINDOWS\Prefetch\CFMAIN.EXE-248234AF.pf
O45 - LFCP:[MD5.843588C3D93CFF4662E2C2429D9B6651] - 16/07/2013 - 20:59:13 ---A- - C:\WINDOWS\Prefetch\MSSWCHX.EXE-2F766758.pf
O45 - LFCP:[MD5.BB8D83ADF31723E91988E3DE8402B88B] - 16/07/2013 - 21:48:30 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-14A9A798.pf
~ Prefetcher: 105 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\muzapp.exe" [Enabled] .(...) -- C:\WINDOWS\system32\muzapp.exe (.not file.)
~ Keys Export: 8 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\IS CfgWiz [Key] . (...) -- C:\Program Files\Norton Internet Security\cfgwiz.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.)
~ SMSR Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.12DAFD934641DCF61E446313BC261EC2] - 13/04/2011 - 00:16:28 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\Drivers\AegisP.sys [21275]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 13/07/2013 - 01:21:39 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\mimeTypes.rdf [7884]
O61 - LFC: 13/07/2013 - 01:29:22 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\bookmarkbackups\bookmarks-2013-07-13.json [208887]
O61 - LFC: 13/07/2013 - 02:32:40 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Stretch - Why did you do it (12_ Maxi-CD) [FLAC]\01 - Why did you do it (One two jazz mix).flac [51654350]
O61 - LFC: 13/07/2013 - 11:54:36 -S-A- C:\Documents and Settings\doud\Application Data\Microsoft\Crypto\RSA\S-1-5-21-3283455342-2650556114-3303121774-1006\00c3b72bbe03013f1ab8615bba1e6f21_25bdc736-ea55-4f21-b60f-6958f24c4c39 [1305]
O61 - LFC: 13/07/2013 - 12:39:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\03 - Stella By Starlight.flac [33838461]
O61 - LFC: 13/07/2013 - 12:49:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\01 - You Don't Know What Love Is.flac [36637262]
O61 - LFC: 13/07/2013 - 13:04:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\05 - Rouse's Point.flac [32699290]
O61 - LFC: 13/07/2013 - 13:19:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\08 - Quarter Moon.flac [32933283]
O61 - LFC: 13/07/2013 - 13:44:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\07 - When Sunny Gets Blue.flac [31381216]
O61 - LFC: 13/07/2013 - 13:54:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\04 - Billy's Blues.flac [51340936]
O61 - LFC: 13/07/2013 - 13:59:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\06 - (There Is) No Greater Love.flac [35509821]
O61 - LFC: 13/07/2013 - 13:59:45 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\09 - I Should Care.flac [38987747]
O61 - LFC: 13/07/2013 - 14:06:52 ---A- C:\Documents and Settings\doud\Mes documents\Ma musique\Charlie Rouse Quartet - Yeah! (2007 Remaster) (FLAC)\02 - Lil Rousin'.flac [38743236]
O61 - LFC: 14/07/2013 - 01:25:58 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\adblockplus-rules.json [365283]
O61 - LFC: 14/07/2013 - 01:33:06 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\bookmarkbackups\bookmarks-2013-07-14.json [211050]
O61 - LFC: 14/07/2013 - 20:34:25 ---A- C:\Documents and Settings\doud\Mes documents\registre Ccleaner\cc_20130714_213422.reg [16068] =>Piriform Ltd
O61 - LFC: 14/07/2013 - 20:47:20 ---A- C:\Documents and Settings\doud\Bureau\adwcleaner.exe [662345]
O61 - LFC: 15/07/2013 - 01:27:02 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\bookmarkbackups\bookmarks-2013-07-15.json [212761]
O61 - LFC: 15/07/2013 - 01:56:36 ---A- C:\Documents and Settings\doud\Mes documents\Mon bloc-notes\Classes\knock\susan sarandon\07.jpeg [172624]
O61 - LFC: 15/07/2013 - 01:57:01 ---A- C:\Documents and Settings\doud\Mes documents\Mon bloc-notes\Classes\knock\susan sarandon\02.jpeg [150838]
O61 - LFC: 15/07/2013 - 14:13:16 ---A- C:\Documents and Settings\doud\Mes documents\registre Ccleaner\cc_20130715_151313.reg [3626] =>Piriform Ltd
O61 - LFC: 15/07/2013 - 14:22:11 ---A- C:\Documents and Settings\doud\Mes documents\Téléchargements\Firefox Setup 22.0.exe [22004592]
O61 - LFC: 15/07/2013 - 14:25:00 ---A- C:\Documents and Settings\doud\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [742]
O61 - LFC: 15/07/2013 - 14:25:05 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\extensions.sqlite [524288]
O61 - LFC: 15/07/2013 - 14:25:09 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\search.json [10529]
O61 - LFC: 15/07/2013 - 14:51:05 ---A- C:\Documents and Settings\doud\Mes documents\Téléchargements\MaConfig_win.exe [255856]
O61 - LFC: 15/07/2013 - 22:13:30 ---A- C:\Documents and Settings\doud\UserData\index.dat [32768]
O61 - LFC: 15/07/2013 - 23:48:22 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\bookmarkbackups\bookmarks-2013-07-16.json [213710]
O61 - LFC: 15/07/2013 - 23:48:26 -SHA- C:\Documents and Settings\doud\PrivacIE\index.dat [163840]
O61 - LFC: 16/07/2013 - 00:42:37 ---A- C:\Documents and Settings\doud\Recent\ZHPDiag.txt.lnk [468]
O61 - LFC: 16/07/2013 - 01:22:47 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\healthreport\state.json [89]
O61 - LFC: 16/07/2013 - 01:27:28 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\addons.sqlite [524288]
O61 - LFC: 16/07/2013 - 01:35:48 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\blocklist.xml [73413]
O61 - LFC: 16/07/2013 - 01:52:49 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\localstore-safe.rdf [1170]
O61 - LFC: 16/07/2013 - 01:53:49 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\content-prefs.sqlite [229376]
O61 - LFC: 16/07/2013 - 17:47:55 ---A- C:\Documents and Settings\doud\Recent\Mes vidéos.lnk [462]
O61 - LFC: 16/07/2013 - 17:48:18 ---A- C:\Documents and Settings\doud\Application Data\vlc\ml.xspf [304]
O61 - LFC: 16/07/2013 - 20:56:32 -SHA- C:\Documents and Settings\doud\IETldCache\index.dat [262144]
O61 - LFC: 16/07/2013 - 21:50:58 ---A- C:\Documents and Settings\doud\Mes documents\Téléchargements\ZHPDiag2(1).exe [5003740]
O61 - LFC: 16/07/2013 - 21:55:46 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\pluginreg.dat [5578]
O61 - LFC: 16/07/2013 - 21:58:12 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\webappsstore.sqlite [1146880]
O61 - LFC: 16/07/2013 - 21:58:29 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\dh-media-lists.rdf [520]
O61 - LFC: 16/07/2013 - 21:58:29 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\dh-smart-names.rdf [86012]
O61 - LFC: 16/07/2013 - 21:58:29 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\sessionstore.bak [53193]
O61 - LFC: 16/07/2013 - 21:58:30 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\downloads.sqlite [98304]
O61 - LFC: 16/07/2013 - 21:58:30 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\healthreport.sqlite [1146880]
O61 - LFC: 16/07/2013 - 21:58:33 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\localstore.rdf [18706]
O61 - LFC: 16/07/2013 - 21:58:35 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\cert8.db [229376]
O61 - LFC: 16/07/2013 - 21:58:35 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\key3.db [16384]
O61 - LFC: 16/07/2013 - 21:58:37 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\permissions.sqlite [65536]
O61 - LFC: 16/07/2013 - 21:59:42 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\places.sqlite-shm [32768]
O61 - LFC: 16/07/2013 - 21:59:43 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\webapps\webapps.json [2]
O61 - LFC: 16/07/2013 - 21:59:47 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\adblockplus\elemhide.css [2467433]
O61 - LFC: 16/07/2013 - 21:59:47 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\webappsstore.sqlite-shm [32768]
O61 - LFC: 16/07/2013 - 21:59:47 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\webappsstore.sqlite-wal [0]
O61 - LFC: 16/07/2013 - 21:59:48 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\cookies.sqlite-shm [32768]
O61 - LFC: 16/07/2013 - 21:59:48 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\urlclassifierkey3.txt [154]
O61 - LFC: 16/07/2013 - 21:59:56 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\healthreport.sqlite-shm [32768]
O61 - LFC: 16/07/2013 - 22:00:16 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\prefs.js [18281]
O61 - LFC: 16/07/2013 - 22:00:39 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\cookies.sqlite-wal [590288]
O61 - LFC: 16/07/2013 - 22:01:07 ---A- C:\Documents and Settings\doud\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\startupCache\startupCache.4.little [1325409]
O61 - LFC: 16/07/2013 - 22:05:08 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\formhistory.sqlite [196608]
O61 - LFC: 16/07/2013 - 22:05:09 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\healthreport.sqlite-wal [262368]
O61 - LFC: 16/07/2013 - 22:14:46 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\jetpack\jid0-5zkqw0l5jBWPCHzR9mnB6h7y1tn@jetpack\simple-storage\store.json [80]
O61 - LFC: 16/07/2013 - 22:14:56 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\places.sqlite [10485760]
O61 - LFC: 16/07/2013 - 22:14:57 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\cookies.sqlite [524288]
O61 - LFC: 16/07/2013 - 22:15:01 ---A- C:\Documents and Settings\doud\Local Settings\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\_CACHE_CLEAN_ [1]
O61 - LFC: 16/07/2013 - 22:15:06 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\places.sqlite-wal [98408]
O61 - LFC: 16/07/2013 - 22:15:07 ---A- C:\Documents and Settings\doud\Application Data\Mozilla\Firefox\Profiles\8pa53wdj.default\sessionstore.js [63958]
~ 3 Fichiers temporaires (Temporary files)
~ 19 Fichiers cookies (Cookies files)
~ Files: 804 Legitimates Filtered in 00mn 32s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 26/08/2010 - C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe (ACPService) .(.Pas de propriétaire - Philips CamSuite service.) - LEGACY_ACPSERVICE
O64 - Services: CurCS - 20/12/2005 - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe (TAPPSRV) .(.TOSHIBA Corp. - TOSHIBA TAPPSRV.) - LEGACY_TAPPSRV
~ Legacy: 142 Legitimates Filtered in 00mn 01s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.ED400014AF5455974AF5963B7865EF5F] [SPRF][13/04/2011] (...) -- C:\Documents and Settings\doud\Local Settings\Application Data\fusioncache.dat [127]
[MD5.CC198634BCAEF99C50277CC81B14AB27] [SPRF][14/07/2013] (...) -- C:\Documents and Settings\doud\Bureau\adwcleaner.exe [662345]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][21/04/2011] (.Atribune.org - ATF Cleaner.exe.) -- C:\Documents and Settings\doud\Bureau\ATFCleaner.exe [50688]
~ Files: Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.12771 - (14/07/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

C:\Documents and Settings\doud\Local Settings\Application Data\eSupport.com =>Rogue.RegistryWizard
~ Additionnel Scan: 162047 Items scanned in 00mn 16s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "FD377C6E4C14F4A46B5C8703FF0143F2" . (.Philips CamSuite.) -- C:\WINDOWS\Installer\{E6C773DF-41C4-4A4F-B6C5-7830FF10342F}\ARPPRODUCTICON.exe
~ Update Products: 38 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 687104 | (ACPService) . (...) - C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe
SS - | Demand 14/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 28/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 31/08/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/12/2005 405504 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 18/01/2005 40960 | (CFSvcs) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 28/11/2005 114753 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SS - | Auto 03/05/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/05/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 12/06/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 09/06/2013 1777488 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Demand 02/07/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 28/11/2005 217164 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SR - | Auto 28/11/2005 540745 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SR - | Auto 20/12/2005 35328 | (TAPPSRV) . (.TOSHIBA Corp..) - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by doud at 16/07/2013 23:17:05

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E1311] >> \Device\Harddisk0\DR0[0x8A62BAB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by doud at 16/07/2013 23:17:07

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Malicius Software Information
~ MSI: 0 link(s) detected in 00mn 04s



~ 1787 Legitimates filtered by white list
End of the scan (543 lines in 01mn 54s)(0)
0
yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
Edited by yoann090 on 17/07/2013 at 19:04
Well no, I already had that one; it's the one for your own PC that I was asking for.

Edit: My mistake, I mixed up two threads and thought you were talking about your friend's PC having a problem, when you were just making a comparison.
0
yoann090 Posts 9180 Registration date Wednesday 12 August 2009 Status Security contributor Last activity 13 April 2016 1 689
17 Jul 2013 at 19:06
Hi again,

No, I really don't see anything out of the ordinary.

Delete this file if you find it: C:\Documents and Settings\doud\Local Settings\Application Data\eSupport.com
0