Slow computer

Closed
pointeur46 (Member, 12 posts, registered Sunday 1 January 2012, last activity 22 July 2014) - 21 Jul 2014 at 12:37
pointeur46 - 22 Jul 2014 at 13:38
Hello,

My PC is showing signs of weakness! I regularly get errors of the type "this program is not responding" on files that are nevertheless simple (Excel and Word in particular).

I have a ZHPDiag report.

Is there a problem?
What should I do next?
Thanks in advance

~ Rapport de ZHPDiag v2014.7.19.106 - Nicolas Coolman (19/07/2014)
~ Lancé par baptiste (21/07/2014 12:29:58)
~ Adresse du Site Web https://nicolascoolman.eu
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 30.0
GCIE: Google Chrome v36.0.1985.125 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Sophos Anti-Virus v10.0.12

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2972 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 164 GB (70%) free of 233 GB

---\\ Mode de connexion au système
~ Computer Name: OS46-HP4510-J4Z
~ User Name: baptiste
~ All Users Names: USER2, SUPPORT_388945a0, SophosSAUOS46-HP4510, HelpAssistant, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\baptiste\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\baptiste\Application Data\
~ %Desktop% : C:\Documents and Settings\baptiste\Bureau\
~ %Favorites% : C:\Documents and Settings\baptiste\Favoris\
~ %LocalAppData% : C:\Documents and Settings\baptiste\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\baptiste\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 164 Go of 233 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 42 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/03/2014 - 18:58:52.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/38
~ Mes musiques (My Musics) : 20/1172
~ Mes Videos (My Videos) : 1/5
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 2/2624
~ Mon Bureau (My Desktop) : 0/70
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.FBCB7769AD007618049FBCA8F96CDB51] - (.Sophos Limited - Sophos Client Firewall management service..) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe [150552] [PID.828]
[MD5.A0CA043F435BC603BCFD543D9B9A755C] - (.Sophos Limited - Sophos Client Firewall service executable.) -- C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe [89112] [PID.880]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.540]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1056]
[MD5.DAA15FD8165CE9E2423AB40D1A843FF6] - (.SEIKO EPSON CORPORATION - EPSON USB Display Ver.1.46.) -- C:\Program Files\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [104424] [PID.568]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.736]
[MD5.986E0F3BE701B232B8913DE59C7ADC7C] - (.IBM - wnsd.) -- C:\Program Files\lotus\notes\nsd.exe [3397000] [PID.988]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- c:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.388]
[MD5.218D58976C01C60657818ED0EAC81602] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Program Files\lotus\notes\ntmulti.exe [58760] [PID.1028]
[MD5.3E3AC2BE7467EB3AFE1131154A886C6C] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [777240] [PID.1176]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [185632] [PID.2156]
[MD5.987704F962C0C4FD00A6A46492F5F26A] - (.Sophos Limited - Sophos Administrator Service.) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [215848] [PID.2324]
[MD5.86AED86C7198CFC797CEEEAF936DAB14] - (.Solid Documents, LLC - Solid Spool Service.) -- C:\WINDOWS\Installer\MSI4F.tmp [189688] [PID.2352]
[MD5.3068CF091B4334B998380E9C877F5549] - (.Sophos Limited - Sophos Agent.) -- C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe [289856] [PID.2416]
[MD5.1ABE4E5F76932F78C64741272D1AD9AF] - (.Sophos Limited - Sophos AutoUpdate Service..) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe [341800] [PID.2680]
[MD5.1C3D8A4B93A97E3C46B3D01F6F321DC4] - (.Sophos Limited - Sophos Message Router.) -- C:\Program Files\Sophos\Remote Management System\RouterNT.exe [818240] [PID.2904]
[MD5.BD03374253F79CE7A716A870DC85BD84] - (.Sophos Limited - Sophos Web Control Service.) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400] [PID.2932]
[MD5.B3379659D773BFDD3B631F5FEE2FF2B3] - (.Sophos Limited - Sophos Web Intelligence.) -- C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2869824] [PID.3884]
[MD5.0A03E85A641F2672796D34F506066594] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93040] [PID.516]
[MD5.259FEAB3A2E562C699C7006885EC5C73] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files\TightVNC\tvnserver.exe [815704] [PID.1416]
[MD5.09D6E63083396F41B9A2B04CBFB26542] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480] [PID.2800]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.3908]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.2604]
[MD5.9233AF32A4BD905B1CF7F01E783496B8] - (.Sophos Limited - Sophos Endpoint Security and Control.) -- C:\Program Files\Sophos\AutoUpdate\almon.exe [1617704] [PID.3404]
[MD5.C948AC73822CA662CF44185B909EA18B] - (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe [720064] [PID.2300]
[MD5.4C4CF9220E628D1378F9807EC5175488] - (.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [1289000] [PID.2888]
[MD5.3C8989CF2B59228785F16B3EB547F58C] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176] [PID.2872]
[MD5.29DAE77A8E67400A3F687AF64068ADB7] - (.Panasonic Corporation - Pas de description.) -- C:\Program Files\Fichiers communs\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe [292800] [PID.3016]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.2060]
[MD5.463790AEF94D8EAB674631257F53252E] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.328]
[MD5.DCFC84480C76D862D9BFD386EA6E8DE7] - (.Microsoft Corporation - ActiveSync RAPI Manager.) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe [199464] [PID.548]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.5236]
[MD5.795DEE08BD7076C1ED14C44FF49406D8] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Program Files\lotus\notes\NLNOTES.exe [1676680] [PID.5940]
[MD5.886197138C41316D83C336CAC0EB2938] - (.IBM - Lotus Notes.) -- C:\Program Files\lotus\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.1.20090925-1604\win32\x86\notes2.exe [79120] [PID.2340]
[MD5.F483C20D3FA2E6BE480E91431413A7B7] - (.IBM Corp - IBM Lotus Notes/Domino.) -- C:\Program Files\lotus\notes\ntaskldr.exe [15752] [PID.6060]
[MD5.E5517D0908CA75EEF9633A93FF3F0408] - (.Microsoft Corporation - Microsoft Help Center Service.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe [744448] [PID.5504]
[MD5.B43E68B8A022FB00FF54360D408E871B] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [860488] [PID.4584]
[MD5.19A0A39635A48351A75D92938586FA72] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8078848] [PID.3428]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.fr/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.7.7, (Activé)
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pbmbgangfmfbhnngbdgkplhjnfoaeihd] i-beta v.0.1.8 (Désactivé) =>PUP.i-Beta
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd [i-beta] =>PUP.i-Beta
G2 - EXT: C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail]
~ Google Lines Browser: 27 Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [baptiste - 0dei0qn8.default\youtubemp3podcaster@jeremy.d.gregorio.com] [] Youtube MP3 Podcaster v3.3.4 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.9.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 11 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.9.) (No version) -- (.not file.)
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = taureaux;*.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 172.18.20.3 AS400
O1 - Hosts: 172.18.20.15 roulans1
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 23



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: i-beta - {ded2e6b6-d56b-4ccb-89b1-cd99f8b4fc4d} . (...) -- C:\Program Files\i-beta.com\i-beta.com extension\adxloader.dll =>PUP.i-Beta
~ BHO: 8 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HPCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [zCpqset] . (...) -- C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Client Access Service] . (.IBM Corporation - cwbsvstr.exe.) -- C:\Program Files\IBM\Client Access\cwbsvstr.exe
O4 - HKLM\..\Run: [tvncontrol] . (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files\TightVNC\tvnserver.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [EPSON_UD_START] . (.SEIKO EPSON CORPORATION - EPSON USB Display Ver.1.46.) -- C:\Program Files\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe
O4 - HKLM\..\Run: [Standby] . (.Corel - Standby service.) -- C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe
O4 - HKLM\..\Run: [Synchronization Manager] . (.Microsoft Corporation - Gestionnaire de synchronisation Microsoft.) -- C:\WINDOWS\system32\mobsync.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] . (.Sophos Limited - Sophos Endpoint Security and Control.) -- C:\Program Files\Sophos\AutoUpdate\almon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] . (.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-2744914890-3689387504-2337509716-2125\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2744914890-3689387504-2337509716-2125\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.exe
O4 - HKUS\S-1-5-21-2744914890-3689387504-2337509716-2125\..\Run: [H/PC Connection Agent] . (.Microsoft Corporation - ActiveSync Connection Manager.) -- C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
O4 - HKUS\S-1-5-21-2744914890-3689387504-2337509716-2125\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - ActiveSync Favorite Synchronization.) -- C:\Program Files\MICROS~2\INetRepl.dll
O9 - Extra button: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Winsock: 4 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1254126437171
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F59DA0F7-E865-4038-807A-FD0970D5A2AE}: NameServer = 172.18.26.3,172.18.20.18
O17 - HKLM\System\CS1\Services\Tcpip\..\{F59DA0F7-E865-4038-807A-FD0970D5A2AE}: NameServer = 172.18.26.3,172.18.20.18
O17 - HKLM\System\CS3\Services\Tcpip\..\{F59DA0F7-E865-4038-807A-FD0970D5A2AE}: NameServer = 172.18.26.3,172.18.20.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = UPRADOM.local
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Sophos Limited - Sophos Buffer Overrun Protection.) - C:\Program Files\Sophos\Sophos Anti-Virus\sophos_detoured.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 5 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EMP_UDSA (EMP_UDSA) . (.SEIKO EPSON CORPORATION - EPSON USB Display Ver.1.46.) - C:\Program Files\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Diagnostics Lotus Notes (Lotus Notes Diagnostics) . (.IBM - wnsd.) - C:\Program Files\lotus\notes\nsd.exe
O23 - Service: Multi-user Cleanup Service (Multi-user Cleanup Service) . (.IBM Corp - IBM Lotus Notes/Domino.) - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) . (.Sophos Limited - Sophos Administrator Service.) - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) . (.Sophos Limited - Performs virus scanning and disinfection fu.) - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: SolidConverterPDFv4ReadSpool (SCPDFV4ReadSpool) . (.Solid Documents, LLC - Solid Spool Service.) - C:\WINDOWS\Installer\MSI4F.tmp
O23 - Service: Sophos Agent (Sophos Agent) . (.Sophos Limited - Sophos Agent.) - C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
O23 - Service: Sophos AutoUpdate Service (Sophos AutoUpdate Service) . (.Sophos Limited - Sophos AutoUpdate Service..) - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Client Firewall (Sophos Client Firewall) . (.Sophos Limited - Sophos Client Firewall service executable.) - C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe
O23 - Service: Sophos Client Firewall Manager (Sophos Client Firewall Manager) . (.Sophos Limited - Sophos Client Firewall management service..) - C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe
O23 - Service: Sophos Message Router (Sophos Message Router) . (.Sophos Limited - Sophos Message Router.) - C:\Program Files\Sophos\Remote Management System\RouterNT.exe
O23 - Service: Sophos Web Control Service (Sophos Web Control Service) . (.Sophos Limited - Sophos Web Control Service.) - C:\Program Files\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) . (.Sophos Limited - Sophos Web Intelligence.) - C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: Sophos Web Intelligence Update (swi_update) . (.Sophos Limited - Sophos Web Intelligence.) - C:\Documents and Settings\All Users\Application Data\Sophos\Web Intelligence\swi_update.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TightVNC Server (tvnserver) . (.GlavSoft LLC. - TightVNC Server for Windows.) - C:\Program Files\TightVNC\tvnserver.exe
~ Services: 22 Scanned in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\baptiste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\baptiste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320]
[MD5.1A7C926500301EE92D7F1582C1DFFF8F] [APT] [Contrôle 12h15] (.Sophos Limited.) -- C:\Program Files\Sophos\Sophos Anti-Virus\BackgroundScanClient.exe [66344]
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.65E28D3A8E2126F5638726CCF12B3F2E] [APT] [wavepadShakeIcon] (.NCH Software.) -- C:\Program Files\NCH Swift Sound\WavePad\wavepad.exe [2025476]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Contrôle 12h15.job [530]
O39 - APT: GoforFilesUpdate - (...) -- C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1056]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1060]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [228]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [222]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{751C0405-193D-41F3-86A8-488F0B3FCCA4}.job [436]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D3C6F859-729D-4B2D-AD95-8F91311F26A2}.job [436]
O39 - APT: wavepadShakeIcon - (.NCH Software.) -- C:\WINDOWS\Tasks\wavepadShakeIcon.job [288]
~ Scheduled Task: 17 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d'Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_14_0_0_145.ocx
O40 - ASIC: Installed Component - S-1-5-21-2744914890-3689387504-2337509716-2125 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
~ Active Setup: 19 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (SAVOnAccessControl) . (.Sophos Limited - SAV On-access and HIPS for Windows XP (x86).) - C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys
O41 - Driver: (SAVOnAccessFilter) . (.Sophos Limited - SAV On-access and HIPS for Windows XP (x86).) - C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys
O41 - Driver: (scfdriver) . (.Sophos Limited - Sophos Firewall Driver.) - C:\WINDOWS\system32\Drivers\scfdriver.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (SKMScan) . (.Sophos Plc - Sophos Kernel Memory Scanner (x86).) - C:\WINDOWS\system32\DRIVERS\skmscan.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
~ Drivers: 75 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.9) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {AAC5D43E-816D-4C2D-8E51-55FFF35BE301}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {18D47FA1-0440-48D3-A7E0-DA09537FF471}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Canon MF Toolbox 4.7.0.0.mf04 - (...) [HKLM] -- {132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}
O42 - Logiciel: CommonTime mNotes (04.03.07.03) - (.CommonTime.) [HKLM] -- {CB4B3D87-6132-493C-8910-339DCDAD2281}
O42 - Logiciel: Contents - (.Corel Corporation.) [HKLM] -- {6BCD1560-6292-4A70-A808-C0FE414A7DB4}
O42 - Logiciel: Corel VideoStudio 2010 - (.Corel Corporation.) [HKLM] -- _{CBC7FF57-42A3-414E-B8EA-D971C986BA40}
O42 - Logiciel: DVDFab HD Decrypter 4.1.2.0 - (.Fengtao Software Inc..) [HKLM] -- DVDFab HD Decrypter 4_is1
O42 - Logiciel: DeviceIO - (.Corel Corporation.) [HKLM] -- {624885E1-2458-4F12-A975-EA368C3523FA}
O42 - Logiciel: EPSON USB Display - (.SEIKO EPSON CORPORATION.) [HKLM] -- {7650F538-6274-44EA-8F50-843479073333}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HD Writer AE 5.0 - (.Panasonic Corporation.) [HKLM] -- {433E3E7F-4510-41F9-B9FB-55D8ECB30259}
O42 - Logiciel: HP Help and Support - (.HPQ.) [HKLM] -- {A93C4E94-1005-489D-BEAA-B873C1AA6CFC}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {818ABC3C-635C-4651-8183-D0E9640B7DD1}
O42 - Logiciel: HP Webcam - (.CyberLink Corp..) [HKLM] -- InstallShield_{F639E2A2-FE6B-4527-B8BE-C1C423B81844}
O42 - Logiciel: HP Webcam - (.CyberLink Corp..) [HKLM] -- {F639E2A2-FE6B-4527-B8BE-C1C423B81844}
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: IBM iSeries Access for Windows - (...) [HKLM] -- ClientAccessExpress
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {CBC7FF57-42A3-414E-B8EA-D971C986BA40}
O42 - Logiciel: IPM_V - (.Corel Corporation.) [HKLM] -- {72327FA3-281D-4BC6-AB4C-FA24BDF352D5}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
O42 - Logiciel: Lotus Notes 8.5.1 fr - (.IBM.) [HKLM] -- {9EFC9CD8-21A3-45A8-B218-F1D74CAC81DB}
O42 - Logiciel: MLE - (.Corel Corporation.) [HKLM] -- {2DD9C2F1-CC6E-449D-935B-4111396EF19F}
O42 - Logiciel: MSN - (...) [HKLM] -- MSNINST
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E}
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94}
O42 - Logiciel: Microsoft ActiveSync - (.Microsoft Corporation.) [HKLM] -- {99052DB7-9592-4522-A558-5417BBAD48EE}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Mozilla Firefox 30.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 30.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nokia Connectivity Cable Driver - (...) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}
O42 - Logiciel: PDF Complete - (.PDF Complete, Inc..) [HKLM] -- PDF Complete
O42 - Logiciel: PL-2303 USB-to-Serial - (...) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: Photo Redim 1.0 - (.Médiasphère.) [HKLM] -- PhotoRedim_is1
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Pilotes Canon MF - (...) [HKLM] -- {01B93B3A-283F-411B-A648-69CABCACC986}
O42 - Logiciel: PureHD - (.Corel Corporation.) [HKLM] -- {20DFB114-5520-4BEE-B276-4A4204E1FBB4}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM] -- {EC877639-07AB-495C-BFD1-D63AF9140810}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
O42 - Logiciel: Roxio Creator Business - (.Roxio.) [HKLM] -- {537BF16E-7412-448C-95D8-846E85A1D817}
O42 - Logiciel: Roxio Creator Business v10 - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio MyDVD - (.Roxio.) [HKLM] -- {30A2A953-DEB1-466A-B660-F4399C7C6B9D}
O42 - Logiciel: SHARP MX Series PCL/PS Printer Driver - (.SHARP.) [HKLM] -- SHARP MX-2300 2700 3500 4500 Series PCL PS Printer Driver
O42 - Logiciel: SIM MAX - (.SIM MAX.) [HKLM] -- {DAC0B889-5359-4FDC-893A-2B8EF6B71B6F}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Setup - (.Corel Corporation.) [HKLM] -- {CAA96826-BDE8-4B17-97C4-45ACFCD90D5E}
O42 - Logiciel: Share - (.Corel Corporation.) [HKLM] -- {E0B7F981-EA26-491A-A975-E3AB4748E9FA}
O42 - Logiciel: Solid Converter PDF v4 - (.SolidDocuments.) [HKLM] -- {56BFAA6E-2BCC-4AED-9233-84731E66B205}
O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM] -- {8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
O42 - Logiciel: Sony USB Driver - (...) [HKLM] -- {5C29CB8B-AC1E-4114-8D68-9CD080140D4A}
O42 - Logiciel: Sophos Anti-Virus - (.Sophos Limited.) [HKLM] -- {9ACB414D-9347-40B6-A453-5EFB2DB59DFA}
O42 - Logiciel: Sophos AutoUpdate - (.Sophos Limited.) [HKLM] -- {D924231F-D02D-4E0B-B511-CC4A0E3ED547}
O42 - Logiciel: Sophos Client Firewall - (.Sophos Limited.) [HKLM] -- {12C00299-B8B4-40D3-9663-66ABEA3198AB}
O42 - Logiciel: Sophos Remote Management System - (.Sophos Limited.) [HKLM] -- {FED1005D-CBC8-45D5-A288-FFC7BB304121}
O42 - Logiciel: The SAS System V8 - (...) [HKLM] -- SAS v8
O42 - Logiciel: TightVNC 2.0 - (.GlavSoft LLC..) [HKLM] -- TightVNC
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM] -- {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: Utilitaires LAN-Fax - (...) [HKLM] -- Utilitaires LAN-Fax
O42 - Logiciel: VDS10 - (.Corel Corporation.) [HKLM] -- {652BCEE6-463A-4A8E-A6E3-FCFED88345E0}
O42 - Logiciel: VIO - (.Corel Corporation.) [HKLM] -- {F3FA8952-2C42-452A-BA22-2F7BDEC8D310}
O42 - Logiciel: VNC Personal Edition P4.2.5 - (.RealVNC Ltd..) [HKLM] -- RealVNC_is1
O42 - Logiciel: WavePad - Logiciel d'édition audio - (.NCH Software.) [HKLM] -- WavePad
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Encoder 9 Series - (...) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: i-beta.com extension - (.i-beta.com.) [HKLM] -- {37BE563C-6020-43A7-BB6C-3BEDE8BFA1BD} =>PUP.i-Beta
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2F21564D-DE05-4C6D-B21E-08B9D313FAB3}
~ Logic: 81 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\Analog Devices]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Corel]
[HKCU\Software\CyberLink]
[HKCU\Software\DVDFab]
[HKCU\Software\DivXNetworks]
[HKCU\Software\GoforFiles] =>P2P.GoforFiles
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IBM]
[HKCU\Software\IndigoSTAR]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\Lotus]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\PDFComplete]
[HKCU\Software\Panasonic]
[HKCU\Software\Policies]
[HKCU\Software\RICOH]
[HKCU\Software\RealVNC]
[HKCU\Software\SHARP]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SolidDocuments]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sophos]
[HKCU\Software\Symantec]
[HKCU\Software\Ulead Systems]
[HKCU\Software\Ulead]
[HKCU\Software\WinRAR]
[HKCU\Software\i-beta] =>PUP.i-Beta
[HKLM\Software\13fe]
[HKLM\Software\1516]
[HKLM\Software\Adobe]
[HKLM\Software\Analog Devices]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BroadCom]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CommonTime]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Corel]
[HKLM\Software\CyberLink]
[HKLM\Software\DVDFab]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IBM]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\Lake]
[HKLM\Software\Licenses]
[HKLM\Software\Lotus]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\NOS]
[HKLM\Software\ODBC]
[HKLM\Software\PDFComplete]
[HKLM\Software\Panasonic]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SAS Institute Inc.]
[HKLM\Software\SEIKO EPSON CORPORATION]
[HKLM\Software\SHARP]
[HKLM\Software\SONY PVC]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SolidDocuments]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Sophos]
[HKLM\Software\Symantec]
[HKLM\Software\TUGZip]
[HKLM\Software\TomTom]
[HKLM\Software\Ulead Systems]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\illiminable]
[HKLM\Software\lameme]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
~ Key Software: 293 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/06/2011 - 16:50:54 - [] ----D C:\Program Files\Adobe
O43 - CFD: 28/09/2009 - 11:28:02 - [] ----D C:\Program Files\Analog Devices
O43 - CFD: 18/02/2013 - 16:34:19 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 11/02/2013 - 17:16:56 - [] ----D C:\Program Files\Bonjour
O43 - CFD: 17/11/2013 - 23:18:32 - [] ----D C:\Program Files\Bullfrog
O43 - CFD: 10/05/2010 - 19:30:17 - [] ----D C:\Program Files\Canon
O43 - CFD: 16/09/2011 - 16:26:28 - [] ----D C:\Program Files\CommonTime
O43 - CFD: 25/09/2009 - 14:01:57 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 21/05/2012 - 12:27:04 - [] ----D C:\Program Files\Corel
O43 - CFD: 04/05/2012 - 13:43:51 - [] ----D C:\Program Files\DVDFab HD Decrypter 4
O43 - CFD: 08/02/2012 - 12:29:57 - [] ----D C:\Program Files\EPSON Projector
O43 - CFD: 18/07/2014

7 replies

Bluesmoothie Posts 414 Registration date Monday 10 February 2014 Status Member Last activity 3 August 2017 39
21 Jul 2014 at 14:20
Post your report on cjoint.com, because it is too big to fit in a message :/
0
pointeur46 Posts 12 Registration date Sunday 1 January 2012 Status Member Last activity 22 July 2014
21 Jul 2014 at 17:15
Oops, sorry, here is the link:

https://www.cjoint.com/?3GvroWqMCdw
0
pointeur46 Posts 12 Registration date Sunday 1 January 2012 Status Member Last activity 22 July 2014
21 Jul 2014 at 17:49
Here is the ADW cleaner report:

# AdwCleaner v3.216 - Rapport créé le 21/07/2014 à 17:42:32
# Mis à jour le 17/07/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : baptiste - OS46-HP4510-J4Z
# Exécuté depuis : C:\Documents and Settings\baptiste\Mes documents\Downloads\adwcleaner_3.216.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files\goforfiles
Dossier Supprimé : C:\Program Files\i-beta.com
Dossier Supprimé : C:\Program Files\NCH Software
Dossier Supprimé : C:\Documents and Settings\baptiste\Application Data\goforfiles
Dossier Supprimé : C:\Documents and Settings\baptiste\Application Data\Mozilla\Firefox\Profiles\0dei0qn8.default\Extensions\plugin@i-beta.com
[!] Dossier Supprimé : C:\Documents and Settings\Antoine\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd
[!] Dossier Supprimé : C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd
Fichier Supprimé : C:\WINDOWS\Tasks\GoforFilesUpdate.job

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DED2E6B6-D56B-4CCB-89B1-CD99F8B4FC4D}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\GoforFiles
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\GoforFiles
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v30.0 (fr)

[ Fichier : C:\Documents and Settings\baptiste\Application Data\Mozilla\Firefox\Profiles\0dei0qn8.default\prefs.js ]


[ Fichier : C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\p2np8dx5.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Fichier : C:\Documents and Settings\Antoine\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Supprimée [Extension] : pbmbgangfmfbhnngbdgkplhjnfoaeihd

[ Fichier : C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Supprimée [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2801939
Supprimée [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C01B8801-0E63-4A88-8BF5-64CC8BB5506E}
Supprimée [Search Provider] : hxxp://www.dalesearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=883108EDB928D2F1&affID=124844&tsp=5011
Supprimée [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=ds&from=nsb1&uid=TOSHIBAXMK5059GSXP_4232P2WDTXX4232P2WDT&ts=1379702866&type=default&q={searchTerms}
Supprimée [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=883108EDB928D2F1&affID=119982&tt=160913_c2&tsp=5011
Supprimée [Search Provider] : hxxp://isearch.avg.com/search?cid={9ABDD081-6EFB-4290-A633-5D8D1291C4DA}&mid=a1e58ab229e4e9cc9a3c49e2eb9c7f47-c22db8beee23a12064ce919017574c469f5b16cb&lang=fr&ds=AVG&pr=fr&d=2012-02-18 11:25:52&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Supprimée [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=65476D05-EE51-4DB3-9A56-D9A315968B79&apn_ptnrs=U3&apn_sauid=9A057AEE-16A1-4EF9-BA3B-DF2FB731A0E4&apn_dtid=OSJ000YYFR&q={searchTerms}
Supprimée [Extension] : pbmbgangfmfbhnngbdgkplhjnfoaeihd

*************************

AdwCleaner[R0].txt - [4293 octets] - [21/07/2014 17:40:47]
AdwCleaner[S0].txt - [5544 octets] - [21/07/2014 17:42:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5604 octets] ##########
0
Bluesmoothie Posts 414 Registration date Monday 10 February 2014 Status Member Last activity 3 August 2017 39
22 Jul 2014 at 11:55
Indeed, ZHPDiag detects these three viruses/malware on your machine

http://nicolascoolman.fr/33755964-pup-i-beta
https://nicolascoolman.eu
https://nicolascoolman.eu
0

pointeur46 Posts 12 Registration date Sunday 1 January 2012 Status Member Last activity 22 July 2014
22 Jul 2014 at 12:34
OK,
What should I do now?
0
pointeur46 Posts 12 Registration date Sunday 1 January 2012 Status Member Last activity 22 July 2014
22 Jul 2014 at 13:38
OK, it's done, here is the report:

And now?

Thanks

# AdwCleaner v3.216 - Rapport créé le 22/07/2014 à 13:33:56
# Mis à jour le 17/07/2014 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : baptiste - OS46-HP4510-J4Z
# Exécuté depuis : C:\Documents and Settings\baptiste\Mes documents\Downloads\AdwCleaner-3.216.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v30.0 (fr)

[ Fichier : C:\Documents and Settings\baptiste\Application Data\Mozilla\Firefox\Profiles\0dei0qn8.default\prefs.js ]


[ Fichier : C:\Documents and Settings\Sylvain\Application Data\Mozilla\Firefox\Profiles\p2np8dx5.default\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Fichier : C:\Documents and Settings\Antoine\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ Fichier : C:\Documents and Settings\baptiste\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Supprimée [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2801939
Supprimée [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=18&q={searchTerms}&barid={C01B8801-0E63-4A88-8BF5-64CC8BB5506E}
Supprimée [Search Provider] : hxxp://www.dalesearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=883108EDB928D2F1&affID=124844&tsp=5011
Supprimée [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=nsb1&utm_campaign=eXQ&utm_content=ds&from=nsb1&uid=TOSHIBAXMK5059GSXP_4232P2WDTXX4232P2WDT&ts=1379702866&type=default&q={searchTerms}
Supprimée [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=883108EDB928D2F1&affID=119982&tt=160913_c2&tsp=5011
Supprimée [Search Provider] : hxxp://isearch.avg.com/search?cid={9ABDD081-6EFB-4290-A633-5D8D1291C4DA}&mid=a1e58ab229e4e9cc9a3c49e2eb9c7f47-c22db8beee23a12064ce919017574c469f5b16cb&lang=fr&ds=AVG&pr=fr&d=2012-02-18 11:25:52&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Supprimée [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=65476D05-EE51-4DB3-9A56-D9A315968B79&apn_ptnrs=U3&apn_sauid=9A057AEE-16A1-4EF9-BA3B-DF2FB731A0E4&apn_dtid=OSJ000YYFR&q={searchTerms}

*************************

AdwCleaner[R0].txt - [4293 octets] - [21/07/2014 17:40:47]
AdwCleaner[R1].txt - [2684 octets] - [22/07/2014 13:31:06]
AdwCleaner[S0].txt - [5684 octets] - [21/07/2014 17:42:32]
AdwCleaner[S1].txt - [2619 octets] - [22/07/2014 13:33:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2679 octets] ##########
0
dbbb Posts 7 Registration date Thursday 17 November 2011 Status Member Last activity 22 July 2014
22 Jul 2014 at 12:36
Run AdwCleaner
Urgently
And restart the machine.
-1