My Google browser crashes

Closed
kenkwam Posts 2 Registration date Friday 16 August 2013 Status Member Last activity 17 August 2013 - 16 August 2013 at 17:57
kenkwam Posts 2 Registration date Friday 16 August 2013 Status Member Last activity 17 August 2013 - 17 August 2013 at 03:26
Hello, I would greatly appreciate some help finding what is making Google browser crash and my computer restart. I am adding the ZHPDiag report file here to give the details:


~ Rapport de ZHPDiag v2013.8.14.22 - Nicolas Coolman (2013-08-14)
~ Lancé par kendon (2013-08-16 09:32:08)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v28.0.1500.95 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
COMODO Firewall v6.2.23257.2860

---\\ Logiciels d'optimisation du système
CCleaner v4.00 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 2 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1535 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 5 GB (27%) free of 19 GB

---\\ Mode de connexion au système
~ Computer Name: KENDON-O8KWOUYZ
~ User Name: kendon
~ All Users Names: SUPPORT_388945a0, kendon, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\kendon\Application Data\
~ %Desktop% : C:\Documents and Settings\kendon\Bureau\
~ %Favorites% : C:\Documents and Settings\kendon\Favoris\
~ %LocalAppData% : C:\Documents and Settings\kendon\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\kendon\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 19 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 38 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.2008-04-13 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.D0E5BB7F1F2B2A86CE809CC8EA9CB5B5] - (.Microsoft Corporation - Internet Extensions for Win32.) (.2012-08-28 - 10:05:00.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.2008-04-13 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-08-17 - 08:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.2008-04-13 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2008-04-13 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2008-04-13 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.2008-04-13 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.2008-04-13 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.2008-04-13 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.2008-04-13 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.2008-04-13 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.2008-04-13 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-07-15 - 08:29:32.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.2008-04-13 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.2008-04-13 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.2008-04-13 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2008-04-13 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.2008-04-13 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.2008-04-13 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2008-04-13 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/668
~ Mes Documents (My Documents) : 1/2394
~ Mon Bureau (My Desktop) : 0/3
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés au démarrage su système
[MD5.3B854A0EEAFBFDF2C6430A43C360B91E] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4801304] [PID.1104]
[MD5.1BADD123CB09581E22DAE86F66C4AEAC] - (.Immunet Corporation - Immunet Protect Agent.) -- C:\Program Files\Immunet Protect\2.0.17\agent.exe [756680] [PID.1104]
[MD5.948C21C77FAD271CC6F851FC46029DD4] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 93.81.) -- C:\WINDOWS\system32\nvsvc32.exe [159811] [PID.932]
[MD5.9D999266CA10549B7E0117C35CE91EDA] - (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files\Glary Utilities 3\Integrator.exe [470816] [PID.1456]
[MD5.27ED4A760504866CF95A619510018B09] - (.Immunet - Immunet Protect Tray Client.) -- C:\Program Files\Immunet Protect\2.0.17\iptray.exe [2615624] [PID.1832]
[MD5.43722D15C8A955A8130ACD3151178CE5] - (.Creative Technology Ltd. - DevLdr32.) -- C:\WINDOWS\system32\devldr32.exe [24064] [PID.1940]
[MD5.DF15765A1421FE1E91E2823A690C2E55] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1464536] [PID.1956]
[MD5.14A8DF31A994CAA14FC088F210FD4854] - (.GlarySoft Ltd - Memory Defrager.) -- C:\Program Files\Glary Utilities 3\memdefrag.exe [117536] [PID.588]
[MD5.C675BFC4516BD1BB90CD9B07D6096DA5] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe [9044696] [PID.3428]
[MD5.2C6DECF93001B29C2023FFD4988FF05C] - (.Nenad Hrg (SoftwareOK.com) - Q-Dir 5.64.) -- C:\Q-Dir\Q-Dir.exe [739840] [PID.3708]
[MD5.ECCA7F72A24C7CF43131946C076689D1] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [846288] [PID.3540]
[MD5.B74F4307C4D3C0312BE615A9AB1BCE19] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7820288] [PID.240]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2224]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2512]
[MD5.E5B9A7A4AFFE085B2C559BB7BF90C976] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe [1839832] [PID.2944]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [PID.3608]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] [PID.0]
~ Processes Running: Scanned in 01mn 51s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\kendon\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [bldhdgmdcapejkiachfemldghohinccn] Weather Scanner v.1.0.0 (Activé)
G2 - GCE: Preference [User Data\Default] [fgfdppaelgdcfommlnfgoofdemjednjo] Yuki Nakano v.3 (Activé)
G2 - GCE: Preference [User Data\Default] [pjejbgheonogbpfkkjigbmahaljipoej] Weather Underground v.1.6 (Activé)
~ Google Browser: 21 Legitimates Filtered in 00mn 18s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} . (.LastPass - LastPass Toolbar.) -- C:\Program Files\LastPass\LPToolbar.dll
~ BHO: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: LastPass Toolbar - [HKLM]{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} . (.LastPass - LastPass Toolbar.) -- C:\Program Files\LastPass\LPToolbar.dll
O3 - Toolbar: &RoboForm - [HKLM]{724d43a0-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe
O4 - HKLM\..\Run: [Immunet Protect] . (.Immunet - Immunet Protect Tray Client.) -- C:\Program Files\Immunet Protect\2.0.17\iptray.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] . (.GlarySoft Ltd - Memory Defrager.) -- C:\Program Files\Glary Utilities 3\memdefrag.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-725345543-616249376-839522115-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-725345543-616249376-839522115-1004\..\Run: [Glary Memory Optimizer] . (.GlarySoft Ltd - Memory Defrager.) -- C:\Program Files\Glary Utilities 3\memdefrag.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: MSN Explorer.lnk . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe
O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Programs: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - GS\Programs: Glary Utilities 3.lnk . (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files\Glary Utilities 3\Integrator.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} . (.LastPass - LastPass Toolbar.) -- C:\Program Files\LastPass\LPToolbar.dll
O9 - Extra button: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} . (.Siber Systems - RoboForm Main Module.) -- C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: DirectAnimation Java Classes - (DirectAnimation Java Classes) - (.not file.) - file:\\C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{506A6E01-4AC1-4874-9294-AC1A5C345DE2}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\System32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Immunet Protect (ImmunetProtect) . (.Immunet Corporation - Immunet Protect Agent.) - C:\Program Files\Immunet Protect\2.0.17\agent.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 93.81.) - C:\WINDOWS\system32\nvsvc32.exe
~ Services: 4 Legitimates Filtered in 05mn 19s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\kendon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\kendon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Driver Booster Update.job [272]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Driver Booster Scan.job [272]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Clean System Memory.job [258]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job [440]
[MD5.501E64612A8013ABBB528DF83B8C97E6] [APT] [Clean System Memory] (.PcWinTech.com.) -- C:\WINDOWS\system32\CleanMem.exe [61440]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 32s



---\\ Logiciels installés (O42)
O42 - Logiciel: Generic - HCF PCI Modem - (...) [HKLM] -- CXT1033
O42 - Logiciel: Immunet Protect - (.Immunet Corporation.) [HKLM] -- Immunet Protect
O42 - Logiciel: Intel Application Accelerator - (...) [HKLM] -- {9984DF60-1C5B-11D3-ACA1-908A4FC10801}
O42 - Logiciel: Visualizer Photo Resize - (.Visualizer Image Group.) [HKLM] -- {838F0053-8744-4B63-8819-CC44C06308AC}
O42 - Logiciel: idoo Video Editor Pro 1.6.0 - (.idoo International LLC..) [HKLM] -- {3908B421-EF03-3489-A38C-DBAF6252E312}_is1
O42 - Logiciel: runtime - (.immunet.) [HKLM] -- {D88C3E7C-1DA6-4AD7-97FC-75BC8705B266}
~ Logic: 48 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
~ Key Software: 92 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2013-08-12 - 18:41:20 - [11,354] ----D C:\Program Files\Visualizer Photo Resize
O43 - CFD: 2013-08-15 - 12:14:04 - [19,961] ----D C:\Program Files\Immunet Protect
O43 - CFD: 2013-08-16 - 09:05:32 - [86,213] ----D C:\Program Files\idoo
O43 - CFD: 2013-08-16 - 05:22:00 - [0] ----D C:\Documents and Settings\kendon\Application Data\Immunet
O43 - CFD: 2013-08-16 - 09:07:06 - [0,000] ----D C:\Documents and Settings\kendon\Application Data\idoo
O43 - CFD: 2013-08-12 - 18:35:36 - [0,002] ----D C:\Documents and Settings\kendon\Menu Démarrer\Programmes\Free Registry Cleaner
~ Program Folder: 87 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] - 2013-08-04 - 17:09:42 ---A- . (.Atribune.org - ATF Cleaner.exe.) -- C:\ATF-Cleaner.exe [50688]
O44 - LFC:[MD5.3EDDD09FA97D3542F92C9A5B1C28E7F2] - 2013-08-06 - 21:31:16 ---A- . (.Glarysoft Ltd - BootDefrag.exe.) -- C:\WINDOWS\system32\BootDefrag.exe [101664]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 2013-08-10 - 20:49:46 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [3072]
O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 2013-08-10 - 20:49:46 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [1896]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 2013-08-10 - 20:49:47 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 2013-08-10 - 20:49:48 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 2013-08-10 - 20:49:49 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 2013-08-10 - 20:49:49 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 2013-08-10 - 20:49:49 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 2013-08-10 - 20:49:49 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 2013-08-10 - 20:49:49 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.E6C4B22323B13F0ADAC3A118D2C03E61] - 2013-08-10 - 20:51:08 ---A- . (...) -- C:\WINDOWS\system32\Drivers\2gmgsmt.sf2 [2104298]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2013-08-10 - 20:53:34 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.2CE7B1EEB99C14032C0E2201B004F80E] - 2013-08-10 - 20:54:50 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 2013-08-10 - 20:54:53 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 2013-08-10 - 20:54:53 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3914]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp [65978]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp [26582]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Jour de pêche.bmp [17336]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp [65832]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Plume.bmp [16730]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp [17362]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp [26680]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp [1272]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp [17062]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp [65954]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp [9522]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [27768]
O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 2013-08-10 - 20:54:54 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1263]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 2013-08-10 - 20:55:42 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 2013-08-10 - 20:55:42 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.A96D8F6949EB86B0BC4CEEF48EF7AF6E] - 2013-08-10 - 20:55:56 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21892]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 2013-08-10 - 20:56:15 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 2013-08-10 - 20:56:15 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.CE45BE933AA8CF23B3469FE761C27A32] - 2013-08-10 - 20:56:15 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [49102]
O44 - LFC:[MD5.CE45BE933AA8CF23B3469FE761C27A32] - 2013-08-10 - 20:56:15 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [49102]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2013-08-10 - 20:56:40 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
~ Files: 564 Legitimates Filtered in 00mn 26s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"aux1"="ctwdm32.dll" . (.Creative Technology Ltd. - Creative WDM Driver.) -- C:\WINDOWS\system32\ctwdm32.dll
O52 - TDSD: \drivers.desc\"ctwdm32.dll"="Creative inf(WDM)" . (.Creative Technology Ltd. - Creative WDM Driver.) -- C:\WINDOWS\system32\ctwdm32.dll
~ TDSD: 10 Legitimates Filtered in 00mn 01s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 2002-08-30 - 08:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 2002-08-30 - 08:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 1899-12-30 - Pas de propriétaire (BootDefragDriver) .(...) - LEGACY_BOOTDEFRAGDRIVER
O64 - Services: CurCS - 2013-06-18 - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (cmdvirth) .(.COMODO - COMODO Internet Security.) - LEGACY_CMDVIRTH
O64 - Services: CurCS - 2013-08-15 - C:\Program Files\Immunet Protect\2.0.17\agent.exe (ImmunetProtect) .(.Immunet Corporation - Immunet Protect Agent.) - LEGACY_IMMUNETPROTECT
O64 - Services: CurCS - 2013-08-15 - C:\WINDOWS\system32\DRIVERS\ImmunetProtect.sys (ImmunetProtectDriver) .(.Windows (R) Codename Longhorn DDK provider - Immunet Protect Driver.) - LEGACY_IMMUNETPROTECTDRIVER
O64 - Services: CurCS - 2013-08-15 - C:\WINDOWS\system32\DRIVERS\ImmunetSelfProtect.sys (ImmunetSelfProtectDriver) .(.Windows (R) Codename Longhorn DDK provider - Immunet Self Protect Driver.) - LEGACY_IMMUNETSELFPROTECTDRIVER
O64 - Services: CurCS - 2013-08-06 - C:\Program Files\Glary Utilities 3\ProcObsrv.sys (ProcObsrv) .(.Glarysoft Ltd - ProcObsrv Driver.) - LEGACY_PROCOBSRV
~ Legacy: 117 Legitimates Filtered in 00mn 02s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 01s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <MSN Explorer> <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {CE3A0959-0E7F-4349-8A0F-C1C0D0A36691} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.0550FFAE48E09DCF04B891BAFC47F8EE] [SPRF][2013-08-12] (...) -- C:\Documents and Settings\kendon\Local Settings\Application Data\fusioncache.dat [129]
~ Files: Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "3500F838447836B48891CC440C3680CA" . (.Visualizer Photo Resize.) -- C:\WINDOWS\Installer\{838F0053-8744-4B63-8819-CC44C06308AC}\ARPPRODUCTICON.exe
~ Update Products: 9 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.C39870B3E1A9A392BED504A9E739397D] [WIS][2013-08-12] (.Visualizer Image Group - Visualizer Photo Resize.) -- C:\Windows\Installer\24110b.msi [359424]
[MD5.6C8793FFF9112813F885EB2C78ABA373] [WIS][2013-08-15] (.immunet - .) -- C:\Windows\Installer\e33bd88.msi [129536]
[MD5.D681B82576AB5E5796A73BB0E4595256] [WIS][2013-08-15] (.Cybelsoft - Hardware Detection Ma-Config.com.) -- C:\Windows\Installer\e33bdb2.msi [675840]
~ WIS: 13 Legitimates Filtered in 00mn 01s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 2013-07-08 4801304 | (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 2013-06-18 127192 | (cmdvirth) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 2008-04-13 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 2013-08-15 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2013-08-15 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 2011-05-09 136120 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 2013-08-15 756680 | (ImmunetProtect) . (.Immunet Corporation.) - C:\Program Files\Immunet Protect\2.0.17\agent.exe
SR - | Auto 2006-11-16 159811 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Demand 2009-02-04 68760 | (SandraAgentSrv) . (.SiSoftware.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe
SS - | Demand 2008-04-13 14336 | C:\Program Files\Immunet Protect\tetra\scan.dll (scan) . (.Immunet.) - C:\WINDOWS\system32\svchost.exe
~ Services: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.12855 - (2013-08-14)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\RoboForm.ToolBand.1] =>Toolbar.Agent
~ Additionnel Scan: 95896 Items scanned in 00mn 59s



---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 00mn 59s



~ 1158 Legitimates filtered by white list
End of the scan (568 lines in 10mn 00s)(0)

2 replies

oakconsult Posts 8 Registration date Friday 16 August 2013 Status Member Last activity 28 August 2013 4
16 August 2013 at 18:18
The first step would be to reset Chrome.
Here is an example procedure:
https://www.security-helpzone.com/2013/06/15/reinitialiser-google-chrome/?google_seo_thread=Google-Chrome-Comment-reinitialiser-le-navigateur

If you don't have a Gmail account, the reset will wipe your bookmarks, so I advise you to back them up first.
0
kenkwam Posts 2 Registration date Friday 16 August 2013 Status Member Last activity 17 August 2013
17 August 2013 at 03:26
Thanks a lot. I'll take care of that tomorrow, it's late tonight. I'll follow up afterwards, after a few hours of use, to see whether the problem is fixed. Thanks.
0