MY PC IS SLOW
steph42vert
Hello,
For some time now my computer has been extremely slow at startup and also sometimes afterwards (complete freeze).
I ran a scan with ZHP; here is the result:
Rapport de ZHPDiag v2013.6.10.15 par Nicolas Coolman, Update du 10/06/2013
Run by PC1 at 02/09/2013 09:51:47
WebSite: https://nicolascoolman.webs.com/
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 23.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Protection
Avira Free Antivirus v13.0.0.3885
---\\ System Optimizer
CCleaner v3.23 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 25
---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 511 MB (5% free)
System Restore: Activé (Enable)
System drive C: has 12 GB (30%) free of 38 GB
---\\ Logged in mode
~ Computer Name: PC1-FA27360137D
~ User Name: PC1
~ All Users Names: SUPPORT_388945a0, PC1, pain d'épice joyeux, mylène, HelpAssistant, clément, carine, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\PC1\Application Data\
~ %Desktop% : C:\Documents and Settings\PC1\Bureau\
~ %Favorites% : C:\Documents and Settings\PC1\Favoris\
~ %LocalAppData% : C:\Documents and Settings\PC1\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\PC1\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 38 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
~ Security Center: 33 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.E1948293F7CBC38987270432935D8D05] - (.Microsoft Corporation - Internet Extensions for Win32.) (.26/07/2013 - 03:47:15.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 40s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1836
~ Mes musiques (My Musics) : 1/43
~ Mes Videos (My Videos) : 2/45
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 6/5086
~ Mon Bureau (My Desktop) : 1/64
~ Menu demarrer (Programs) : 0/30
~ Hidden Files: Scanned in 04mn 00s
---\\ Processus lancés
[MD5.99387251353598C939592FAF40DF8AA9] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024] [PID.1188]
[MD5.5C9B1D83755B36237B70F95DF3D46A52] - (.Microsoft Corporation - DDE Réseau - Communication DDE.) -- C:\WINDOWS\system32\netdde.exe [114176] [PID.1292]
[MD5.8491FDA93507F2F27FFBA11372764086] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088] [PID.1328]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1360]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1384]
[MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.1560]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.1648]
[MD5.0FEBE37DB6650FAA5965C00545009D1D] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 93.71.) -- C:\WINDOWS\system32\nvsvc32.exe [159810] [PID.1696]
[MD5.D31F88C5F19EEFA366A415D6BC5F2ABC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.1728]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.356]
[MD5.68C105908A54D734D2B154DB546F562E] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76856] [PID.420]
[MD5.04BDC34F8E4191009CE66851CAE8B5D3] - (.Avira Operations GmbH & Co. KG - Avira Updater.) -- C:\Program Files\Avira\AntiVir Desktop\update.exe [598584] [PID.2980]
[MD5.FC100C146D4E1F3D6F0EB3476EEBC61B] - (.Avira Operations GmbH & Co. KG - Avira Updater remote GUI.) -- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe [44088] [PID.3008]
[MD5.7E52CC3AE4C554DABDAB096157F367FF] - (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe [60416] [PID.3424]
[MD5.4631FF0EE2964CCDC646AF807CB778F5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144] [PID.3460]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.3500]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3660]
[MD5.3A32FAFEEE290E6E6C058DE59EC4EC88] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7478272] [PID.1920]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.2292]
~ Processes Running: Scanned in 01mn 19s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\PC1\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [mamnihopcnbfnbfnnneplcohmnkkpipb] Illimitux v.1.0 (Activé)
~ Google Browser: 6 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC1\Application Data\Mozilla\Firefox\Profiles\fj8lv7c5.default\prefs.js
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\fireform@mozilla.org] [] fireform v0.7.4 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\zigboom@hotmail.com] [] BlackFox V2 v2.0.8 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\{5c8c1470-d247-11e0-9572-0800200c9a66}(2)] [] FT Evo v2.0.4.3 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}] [] Tamper Data v11.0.1 (..)
~ Firefox Browser: 20 Legitimates Filtered in 00mn 12s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
~ BHO: 7 Legitimates Filtered in 00mn 03s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [UserFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\PC1\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1993962763-920026266-682003330-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1993962763-920026266-682003330-1003\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\PC1\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 02s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: NSSstub.lnk . (...) -- C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe (.not file.)
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 13s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 07s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 01s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 01s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (...) -- WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 01s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 9 Legitimates Filtered in 00mn 42s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:C:\Documents and Settings\clément\Mes documents\Pink Waves.html
~ Desktop Component: 4 Legitimates Filtered in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: Dino Island - (...) [HKLM] -- {1A96B1A9-3D8B-4E41-ADB8-8CACCD14CA14}
~ Logic: 109 Legitimates Filtered in 01mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\3DFA]
[HKCU\Software\AAS]
[HKCU\Software\Stoff]
[HKCU\Software\softpop23]
[HKLM\Software\InfinityProject]
~ Key Software: 222 Legitimates Filtered in 01mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2012 - 13:20:26 - [2,782] ----D C:\Program Files\RealWorld Cursor Editor
O43 - CFD: 19/11/2012 - 11:57:02 - [0] ----D C:\Program Files\yes
O43 - CFD: 11/02/2012 - 19:01:33 - [1,103] ----D C:\Documents and Settings\PC1\Application Data\RealWorld
O43 - CFD: 13/08/2013 - 17:47:07 - [0] ----D C:\Documents and Settings\PC1\Application Data\wam
O43 - CFD: 22/01/2012 - 11:31:47 - [0,030] ----D C:\Documents and Settings\PC1\Local Settings\Application Data\Livingston_Technologies
O43 - CFD: 07/02/2010 - 15:26:05 - [0] ----D C:\Documents and Settings\PC1\Menu Démarrer\Programmes\Jeux
~ Program Folder: 186 Legitimates Filtered in 07mn 40s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.846B48B93D641D83793B6F240B195E9B] - 02/09/2013 - 08:42:04 ---A- . (...) -- C:\WINDOWS\system32\nvapps.xml [88566]
O44 - LFC:[MD5.A51D09E5C5FAE12F5E08AE63508D70CF] - 02/09/2013 - 08:34:03 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.B6B7E6A0E1AFDC20378468E30658F984] - 02/09/2013 - 08:31:47 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.FC428CE959E5237E67F1459BDD6CABFB] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\comsetup.log [18800]
O44 - LFC:[MD5.85CD398F7A81A9951B7C0B3BD65E638C] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\iis6.log [60384]
O44 - LFC:[MD5.14F3F2577CE3910F49E33E512C96495B] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [11359]
O44 - LFC:[MD5.FCADC8B4C82165C365B010574BE87A77] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.D68C85CB62849AAAC4C7D155C16977F8] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\ocmsn.log [3078]
O44 - LFC:[MD5.2FC52CAFA809331E21209672A629E65D] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\tabletoc.log [2799]
O44 - LFC:[MD5.AFC179204372149987F2B7A8EDCB2FE0] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\tsoc.log [25389]
O44 - LFC:[MD5.B577C87F78F5FA4616514F8A42441033] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [3825]
O44 - LFC:[MD5.BED53882C2658FBA44E616E628A4A1E3] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\msgsocm.log [2781]
O44 - LFC:[MD5.F1CD27F8AE7369E5BBDE934318CEE82D] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\netfxocm.log [9747]
O44 - LFC:[MD5.A89687A18904863C9634056BD020A97E] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\ocgen.log [26604]
O44 - LFC:[MD5.63B312B65CCFF40ECDA1ACD356B8323D] - 31/08/2013 - 11:53:27 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [55646]
O44 - LFC:[MD5.E78DF5B1B0B8B563474098F9CEF652A0] - 31/08/2013 - 11:53:20 ---A- . (...) -- C:\WINDOWS\msmqinst.log [17286]
O44 - LFC:[MD5.268E1F8ED226E0CB8AE8C8C8EF7D4D22] - 31/08/2013 - 11:52:52 ---A- . (...) -- C:\WINDOWS\updspapi.log [4459]
O44 - LFC:[MD5.3CA900EE0B69A80CF21F8BC43483BC64] - 31/08/2013 - 11:51:27 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.564B3C6E2CAD5F64B44FA1A286F1E8AE] - 31/08/2013 - 11:22:30 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [250118]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 27/08/2013 - 10:29:58 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.57159B5E89F2DEBA768C4A1DF6387AEE] - 23/08/2013 - 18:19:55 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver Resource DLL.) -- C:\WINDOWS\system32\usbaaplrc.dll [6112864]
O44 - LFC:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 23/08/2013 - 18:19:55 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [45056]
~ Files: 48 Legitimates Filtered in 12mn 10s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Ares\Ares.exe" [Enabled] .(...) -- C:\Program Files\Ares\Ares.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\DOCUME~1\PC1\LOCALS~1\Temp\bot.exe" [Enabled] .(...) -- C:\DOCUME~1\PC1\LOCALS~1\Temp\bot.exe (.not file.)
~ Keys Export: 34 Legitimates Filtered in 00mn 36s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 02s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 9 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=
~ MWPE Keys: 9 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.8525B88D8E902E7B587FCA034B298693] - 08/12/2003 - 10:53:38 ---A- . (.THOMSON - Helper.) -- C:\WINDOWS\system32\Drivers\alcacr.sys [3968]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: OTL - (.OldTimer.)
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 15/01/2007 - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (NBService) .(.Nero AG - Nero BackItUp.) - LEGACY_NBSERVICE
O64 - Services: CurCS - 17/10/2002 - C:\WINDOWS\system32\drivers\sisidex.sys (sisidex) .(.Windows (R) 2000 DDK provider - SISIDEX Driver.) - LEGACY_SISIDEX
~ Legacy: 158 Legitimates Filtered in 00mn 18s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [PC1 - fj8lv7c5.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {E809FC30-B94E-48D5-A5CF-236BD9AE4723} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {676813F4-0045-4FFE-8E37-86236F923B69} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {676813F4-0045-4FFE-8E37-86236F923B69} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
~ Keys: Scanned in 00mn 01s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.4754539F6D178B84DE28DBCBE7CDA23A] [SPRF][08/04/2013] (...) -- C:\Documents and Settings\PC1\Bureau\avira_free_antivirus.exe [2092792]
[MD5.4ADCFEE16EE9978F06157634669D36FB] [SPRF][08/07/2013] (.OldTimer Tools - Pas de description.) -- C:\Documents and Settings\PC1\Bureau\OTL.exe [602112]
~ Files: Scanned in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (10/06/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
~ Additionnel Scan: 260851 Items scanned in 07mn 09s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\WINDOWS\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 96 Legitimates Filtered in 00mn 04s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 01/07/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 01/07/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 06/10/2009 133104 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/10/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 16/08/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/06/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 15/01/2007 774144 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Disabled 15/01/2007 266240 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SR - | Auto 22/10/2006 159810 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 03/03/2006 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: Scanned in 00mn 30s
~ 1077 Legitimates filtered by white list
End of the scan (453 lines in 38mn 49s)(0)
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 40s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1836
~ Mes musiques (My Musics) : 1/43
~ Mes Videos (My Videos) : 2/45
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 6/5086
~ Mon Bureau (My Desktop) : 1/64
~ Menu demarrer (Programs) : 0/30
~ Hidden Files: Scanned in 04mn 00s
---\\ Processus lancés
[MD5.99387251353598C939592FAF40DF8AA9] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024] [PID.1188]
[MD5.5C9B1D83755B36237B70F95DF3D46A52] - (.Microsoft Corporation - DDE Réseau - Communication DDE.) -- C:\WINDOWS\system32\netdde.exe [114176] [PID.1292]
[MD5.8491FDA93507F2F27FFBA11372764086] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088] [PID.1328]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1360]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1384]
[MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.1560]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.1648]
[MD5.0FEBE37DB6650FAA5965C00545009D1D] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 93.71.) -- C:\WINDOWS\system32\nvsvc32.exe [159810] [PID.1696]
[MD5.D31F88C5F19EEFA366A415D6BC5F2ABC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.1728]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.356]
[MD5.68C105908A54D734D2B154DB546F562E] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76856] [PID.420]
[MD5.04BDC34F8E4191009CE66851CAE8B5D3] - (.Avira Operations GmbH & Co. KG - Avira Updater.) -- C:\Program Files\Avira\AntiVir Desktop\update.exe [598584] [PID.2980]
[MD5.FC100C146D4E1F3D6F0EB3476EEBC61B] - (.Avira Operations GmbH & Co. KG - Avira Updater remote GUI.) -- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe [44088] [PID.3008]
[MD5.7E52CC3AE4C554DABDAB096157F367FF] - (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe [60416] [PID.3424]
[MD5.4631FF0EE2964CCDC646AF807CB778F5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144] [PID.3460]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.3500]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3660]
[MD5.3A32FAFEEE290E6E6C058DE59EC4EC88] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7478272] [PID.1920]
[MD5.B4CF3FB7E9B8EA69757541DCE6CA20ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [276376] [PID.2292]
~ Processes Running: Scanned in 01mn 19s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\PC1\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [mamnihopcnbfnbfnnneplcohmnkkpipb] Illimitux v.1.0 (Activé)
~ Google Browser: 6 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC1\Application Data\Mozilla\Firefox\Profiles\fj8lv7c5.default\prefs.js
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\fireform@mozilla.org] [] fireform v0.7.4 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\zigboom@hotmail.com] [] BlackFox V2 v2.0.8 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\{5c8c1470-d247-11e0-9572-0800200c9a66}(2)] [] FT Evo v2.0.4.3 (..)
M2 - MFEP: prefs.js [PC1 - fj8lv7c5.default\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}] [] Tamper Data v11.0.1 (..)
~ Firefox Browser: 20 Legitimates Filtered in 00mn 12s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
~ BHO: 7 Legitimates Filtered in 00mn 03s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [UserFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\PC1\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1993962763-920026266-682003330-1003\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1993962763-920026266-682003330-1003\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\PC1\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn 02s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: NSSstub.lnk . (...) -- C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe (.not file.)
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Lecteur Windows Media.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 13s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 07s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/hardwaredetection/hardwaredetection_3_1_2_0.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{8C687F06-01D9-4BF7-B0EF-82EAE19A9BD0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 01s
---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 01s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (...) -- WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 01s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 9 Legitimates Filtered in 00mn 42s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:C:\Documents and Settings\clément\Mes documents\Pink Waves.html
~ Desktop Component: 4 Legitimates Filtered in 00mn 02s
---\\ Logiciels installés (O42)
O42 - Logiciel: Dino Island - (...) [HKLM] -- {1A96B1A9-3D8B-4E41-ADB8-8CACCD14CA14}
~ Logic: 109 Legitimates Filtered in 01mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\3DFA]
[HKCU\Software\AAS]
[HKCU\Software\Stoff]
[HKCU\Software\softpop23]
[HKLM\Software\InfinityProject]
~ Key Software: 222 Legitimates Filtered in 01mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/02/2012 - 13:20:26 - [2,782] ----D C:\Program Files\RealWorld Cursor Editor
O43 - CFD: 19/11/2012 - 11:57:02 - [0] ----D C:\Program Files\yes
O43 - CFD: 11/02/2012 - 19:01:33 - [1,103] ----D C:\Documents and Settings\PC1\Application Data\RealWorld
O43 - CFD: 13/08/2013 - 17:47:07 - [0] ----D C:\Documents and Settings\PC1\Application Data\wam
O43 - CFD: 22/01/2012 - 11:31:47 - [0,030] ----D C:\Documents and Settings\PC1\Local Settings\Application Data\Livingston_Technologies
O43 - CFD: 07/02/2010 - 15:26:05 - [0] ----D C:\Documents and Settings\PC1\Menu Démarrer\Programmes\Jeux
~ Program Folder: 186 Legitimates Filtered in 07mn 40s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.846B48B93D641D83793B6F240B195E9B] - 02/09/2013 - 08:42:04 ---A- . (...) -- C:\WINDOWS\system32\nvapps.xml [88566]
O44 - LFC:[MD5.A51D09E5C5FAE12F5E08AE63508D70CF] - 02/09/2013 - 08:34:03 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.B6B7E6A0E1AFDC20378468E30658F984] - 02/09/2013 - 08:31:47 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.FC428CE959E5237E67F1459BDD6CABFB] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\comsetup.log [18800]
O44 - LFC:[MD5.85CD398F7A81A9951B7C0B3BD65E638C] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\iis6.log [60384]
O44 - LFC:[MD5.14F3F2577CE3910F49E33E512C96495B] - 31/08/2013 - 11:53:31 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [11359]
O44 - LFC:[MD5.FCADC8B4C82165C365B010574BE87A77] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.D68C85CB62849AAAC4C7D155C16977F8] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\ocmsn.log [3078]
O44 - LFC:[MD5.2FC52CAFA809331E21209672A629E65D] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\tabletoc.log [2799]
O44 - LFC:[MD5.AFC179204372149987F2B7A8EDCB2FE0] - 31/08/2013 - 11:53:30 ---A- . (...) -- C:\WINDOWS\tsoc.log [25389]
O44 - LFC:[MD5.B577C87F78F5FA4616514F8A42441033] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [3825]
O44 - LFC:[MD5.BED53882C2658FBA44E616E628A4A1E3] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\msgsocm.log [2781]
O44 - LFC:[MD5.F1CD27F8AE7369E5BBDE934318CEE82D] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\netfxocm.log [9747]
O44 - LFC:[MD5.A89687A18904863C9634056BD020A97E] - 31/08/2013 - 11:53:29 ---A- . (...) -- C:\WINDOWS\ocgen.log [26604]
O44 - LFC:[MD5.63B312B65CCFF40ECDA1ACD356B8323D] - 31/08/2013 - 11:53:27 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [55646]
O44 - LFC:[MD5.E78DF5B1B0B8B563474098F9CEF652A0] - 31/08/2013 - 11:53:20 ---A- . (...) -- C:\WINDOWS\msmqinst.log [17286]
O44 - LFC:[MD5.268E1F8ED226E0CB8AE8C8C8EF7D4D22] - 31/08/2013 - 11:52:52 ---A- . (...) -- C:\WINDOWS\updspapi.log [4459]
O44 - LFC:[MD5.3CA900EE0B69A80CF21F8BC43483BC64] - 31/08/2013 - 11:51:27 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.564B3C6E2CAD5F64B44FA1A286F1E8AE] - 31/08/2013 - 11:22:30 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [250118]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 27/08/2013 - 10:29:58 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.57159B5E89F2DEBA768C4A1DF6387AEE] - 23/08/2013 - 18:19:55 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver Resource DLL.) -- C:\WINDOWS\system32\usbaaplrc.dll [6112864]
O44 - LFC:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 23/08/2013 - 18:19:55 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [45056]
~ Files: 48 Legitimates Filtered in 12mn 10s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Ares\Ares.exe" [Enabled] .(...) -- C:\Program Files\Ares\Ares.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\DOCUME~1\PC1\LOCALS~1\Temp\bot.exe" [Enabled] .(...) -- C:\DOCUME~1\PC1\LOCALS~1\Temp\bot.exe (.not file.)
~ Keys Export: 34 Legitimates Filtered in 00mn 36s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 02s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 9 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=
~ MWPE Keys: 9 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.8525B88D8E902E7B587FCA034B298693] - 08/12/2003 - 10:53:38 ---A- . (.THOMSON - Helper.) -- C:\WINDOWS\system32\Drivers\alcacr.sys [3968]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: OTL - (.OldTimer.)
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 15/01/2007 - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (NBService) .(.Nero AG - Nero BackItUp.) - LEGACY_NBSERVICE
O64 - Services: CurCS - 17/10/2002 - C:\WINDOWS\system32\drivers\sisidex.sys (sisidex) .(.Windows (R) 2000 DDK provider - SISIDEX Driver.) - LEGACY_SISIDEX
~ Legacy: 158 Legitimates Filtered in 00mn 18s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [PC1 - fj8lv7c5.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {E809FC30-B94E-48D5-A5CF-236BD9AE4723} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {676813F4-0045-4FFE-8E37-86236F923B69} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {676813F4-0045-4FFE-8E37-86236F923B69} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis
~ Keys: Scanned in 00mn 01s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.4754539F6D178B84DE28DBCBE7CDA23A] [SPRF][08/04/2013] (...) -- C:\Documents and Settings\PC1\Bureau\avira_free_antivirus.exe [2092792]
[MD5.4ADCFEE16EE9978F06157634669D36FB] [SPRF][08/07/2013] (.OldTimer Tools - Pas de description.) -- C:\Documents and Settings\PC1\Bureau\OTL.exe [602112]
~ Files: Scanned in 00mn 03s
---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (10/06/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
~ Additionnel Scan: 260851 Items scanned in 07mn 09s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "79407899D9A1CF9449F9CE4F89A6ABF1" . (.ForceDownload.) -- C:\WINDOWS\Installer\{99870497-1A9D-49FC-949F-ECF4986ABA1F}\ARPPRODUCTICON.exe
~ Update Products: 96 Legitimates Filtered in 00mn 04s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 01/07/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 01/07/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 06/10/2009 133104 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/10/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 16/08/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/06/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 17/08/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 15/01/2007 774144 | (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Disabled 15/01/2007 266240 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
SR - | Auto 22/10/2006 159810 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 03/03/2006 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: Scanned in 00mn 30s
~ 1077 Legitimates filtered by white list
End of the scan (453 lines in 38mn 49s)(0)
8 replies
Microsoft Windows XP
Professional
version 2002
version pack 3
computer/INTEL (R)
Pentium(R) 4 CPU
2.60 GHz
2.59 GHz, 512 MB of RAM
Does that work for you??