cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.27.104 Par Nicolas Coolman (2015/07/27)
~ Démarré par reali (Administrator) (2015/07/27 18:36:05)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\reali\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\reali\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navigateurs Internet (3) - 0s
MFIE: Mozilla Firefox 39.0 (x86 fr) v39.0
OPIE: Opera 30.0.1835.125 v30.0.1835.125
MSIE: Internet Explorer v8.0.6001.18702

---\\ Logiciels de protection (1) - 2s
Malwarebytes Anti-Malware version 2.1.8.1057

---\\ Surveillance de Logiciels (1) - 2s
Adobe Flash Player 18 NPAPI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1018.088 MB (23% free)
~ System Restore: Activé (Enable)
~ System drive C: has 32 GB free of 65 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: -
~ User Name: reali
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 32 GB free of 65 GB (System)
~ Drive D: has 3 GB free of 10 GB

---\\ Etat du Centre de Sécurité Windows (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (22) - 6s
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376]

---\\ Processus lancés (19) - 8s
[MD5.388C628031C1460AB050247324F73E69] - (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- c:\Program Files\AVG\AVG2015\avgrsx.exe [901032] [PID.1028]
[MD5.C8877109118C256E6B9CCF2E7B070FFD] - (.AVG Technologies CZ, s.r.o. - AVG Scanning Core Module - Server Part.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe [743848] [PID.1060]
[MD5.FC4A9F237444993FC2E732C3E20C2787] - (.Copyright (C) 2015 - WtuSyste Application.) -- C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1195920] [PID.1564] =>Toolbar.AVGSafeGuard
[MD5.2870CE9BFD6BA66FB0FFC6D11C9E41A7] - (.Arcai.com - Arp Intelligent Protection Service.) -- C:\Program Files\netcut\services\aips.exe [262144] [PID.1864]
[MD5.BAA40C8AC63AB0497842BDAA9B43C0B6] - (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) -- C:\Program Files\AVG\AVG2015\avgfws.exe [1528432] [PID.784]
[MD5.E7FAE655001C18A7ECBD58B3BA971BF9] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe [3518376] [PID.800]
[MD5.FE9742B20DD5FCF12D245D08BF5AAF98] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe [314304] [PID.916]
[MD5.CEDA82048C4958171674D0E9373B1A68] - (.Intel - Local Manageability Service.) -- C:\Program Files\Intel\AMT\LMS.exe [102400] [PID.1764]
[MD5.F57ED8FE5D9990CCFC699063C8CCE46F] - (.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files\AVG\AVG2015\avgnsx.exe [1197480] [PID.2120]
[MD5.0D898F6BFBAF5788D5525BCD22DB7CE5] - (.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files\AVG\AVG2015\avgemcx.exe [682408] [PID.2128]
[MD5.641572746179865BA2AFD8FE2987541A] - (.Intel - User Notification Service.) -- C:\Program Files\Intel\AMT\UNS.exe [2519040] [PID.2548]
[MD5.38E739B52CBAEFE78CC31DAACA541DBF] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [1874320] [PID.2636] =>Toolbar.AVGSearch
[MD5.0ACCB81916A1C1A1925A7FAFFE77275D] - (.Copyright (C) 2013 - loggings Application.) -- C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe [168336] [PID.2676] =>Toolbar.AVGSearch
[MD5.054E022EFFB77DB202A85E5B29A56508] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe [3730344] [PID.3516]
[MD5.C912F917394CD1ECBC82309E2572C480] - (...) -- C:\Program Files\Modem Samsung SCH-U209\sysctrlU.exe [311296] [PID.3532]
[MD5.869D2F046AA1CB4230C4FEA3F3FE61CB] - (...) -- C:\Program Files\Modem Samsung SCH-U209\SamsungPnPServiceManager.exe [176128] [PID.3572]
[MD5.3FC34B8291AFA03C1F82A8F974018FE0] - (.TODO: (c) . All rights reserved. - Samsung USB Modem Manager.) -- C:\Program Files\Modem Samsung SCH-U209\ModemLauncher.exe [339968] [PID.2004]
[MD5.CB8BD8B031E5B1EE936EC66C73D47C14] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3907152] [PID.2492]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.2728]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (20) - 10s
M0 - MFSP: prefs.js [reali - ka644f0l.default] https://mysearch.avg.com?pid=wtu&sg=&cid=%7B803b5133-6322-4327-9982-16578e09fa3c%7D&mid=572c4317cf1847cd969015bc8339ad5a-a7e804e33377cd07ee8184056fd5170fe051f2de&cmpid=0715avi&ds=AVG&v=4.1.5.143&lang=en&pr=fr&d=2015-07-23%2017%3A33%3A37&sap=hp&form=QBLH&pc=AVG2
P2 - EXT FILE: (...) -- C:\Documents and Settings\reali\Application Data\Mozilla\Firefox\Profiles\ka644f0l.default\searchplugins\avg-secure-search.xml
P2 - EXT FILE: (...) -- C:\Documents and Settings\reali\Application Data\Mozilla\Firefox\Profiles\ka644f0l.default\searchplugins\yahoo-1.xml
P2 - EXT FILE: (...) -- C:\Documents and Settings\reali\Application Data\Mozilla\Firefox\Profiles\ka644f0l.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (.AVG Technologies - AVG Web TuneUp.) -- C:\Documents and Settings\reali\Application Data\Mozilla\Firefox\Profiles\ka644f0l.default\extensions\avg@toolbar
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (...) -- C:\Program Files\Fichiers communs\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll =>Toolbar.AVGSearch
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.45.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Object de navigateur (BHO) (O2) (4) - 2s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG - AVG Web TuneUp.dll.) -- C:\Program Files\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll =>Toolbar.AVGSafeGuard
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll

---\\ Internet Explorer Toolbars (O3) (1) - 0s
O3 - Toolbar: 0x00 - [HKLM]{C8A7CDED-43BD-4D23-84C8-65060ED89B34} . (...) -- (.not file.)

---\\ Applications lancées au démarrage du sytème (O4) (13) - 1s
O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe
O4 - HKLM\..\RunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
O4 - HKCU\..\Run: [Z810SysStart] . (...) -- C:\Program Files\Modem Samsung SCH-U209\sysctrlU.exe
O4 - HKCU\..\Run: [Z810PNP] . (...) -- C:\Program Files\Modem Samsung SCH-U209\SamsungPnPServiceManager.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-746137067-179605362-725345543-1003\..\Run: [Z810SysStart] . (...) -- C:\Program Files\Modem Samsung SCH-U209\sysctrlU.exe
O4 - HKUS\S-1-5-21-746137067-179605362-725345543-1003\..\Run: [Z810PNP] . (...) -- C:\Program Files\Modem Samsung SCH-U209\SamsungPnPServiceManager.exe
O4 - HKUS\S-1-5-21-746137067-179605362-725345543-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe

---\\ Modification Domaine/Adresses DNS (O17) (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.50.58 192.168.60.55
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.12 212.217.1.12
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.50.58 192.168.60.55
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.12 212.217.1.12
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.12 212.217.1.12

---\\ Liste des services NT non Microsoft et non désactivés (O23) (19) - 1s
O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - C:\Program Files\netcut\services\aips.exe
O23 - Service: AntiNetCut3 (AntiNetCut3) . (...) - C:\Program Files\Tools4Free\Anti NetCut 3\AntiNetCut3.exe (.not file.)
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) . (.Intel Corporation - Displays state of Intel® Active Management.) - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Firewall (avgfws) . (.AVG Technologies CZ, s.r.o. - AVG Firewall Service.) - C:\Program Files\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\WINDOWS\system32\IProsetMonitor.exe
O23 - Service: Intel(R) Active Management Technology Local Management Serv (LMS) . (.Intel - Local Manageability Service.) - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Active Management Technology User Notification Ser (UNS) . (.Intel - User Notification Service.) - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Fichiers communs\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\WINDOWS\system32\vmnat.exe
O23 - Service: (vToolbarUpdater18.8.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: WtuSystemSupport (WtuSystemSupport) . (.Copyright (C) 2015 - WtuSyste Application.) - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe =>Toolbar.AVGSafeGuard

---\\ Enumère les données de BootExecute (BEX) (O34) (2) - 0s
O34 - HKLM BootExecute: (sh4native Sh4Removal) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\Program Files\AVG\AVG2015\avgrsx.exe

---\\ Tâches planifiées en automatique (O39) (7) - 2s
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [222]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [216]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Opera N Saturday.job [226]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Opera N Sunday.job [226]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1437150409.job [396]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\WGASetup.job [260]

---\\ Logiciels installés (O42) (41) - 9s
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- AVG
O42 - Logiciel: AVG Web TuneUp - (.AVG Technologies.) [HKLM] -- AVG Web TuneUp =>Toolbar.AVGSafeGuard
O42 - Logiciel: Command and Conquer - Generals - (.R.G. Mechanics, Panky.) [HKLM] -- Command and Conquer - Generals_R.G. Mechanics_is1
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM] -- HECI
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Modem Samsung SCH-U209 - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{B3FC8A36-14FB-43C9-BAAF-246A34003DEA}
O42 - Logiciel: InstaTrader - (.MetaQuotes Software Corp..) [HKLM] -- InstaTrader
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet Mobile
O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Technologie d’administration active Intel® - (.Intel Corporation.) [HKLM] -- MESOL
O42 - Logiciel: Mozilla Firefox 39.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 39.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Opera Stable 30.0.1835.125 - (.Opera Software.) [HKLM] -- Opera 30.0.1835.125
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: Technitium MAC Address Changer v6.0 - (.Technitium.) [HKLM] -- TMACv6.0
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VMware Player - (.VMware, Inc.) [HKLM] -- VMware_Player
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: Skype™ 7.7 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- {2E63F1A2-7232-45D4-B798-B92E5526C877}
O42 - Logiciel: Logitech Vid - (.Logitech Inc..) [HKLM] -- {4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}
O42 - Logiciel: AVG 2015 - (.AVG Technologies.) [HKLM] -- {514D1AB9-90BE-4159-AB90-5CAFB21B8D52}
O42 - Logiciel: DriverUpdate - (.SlimWare Utilities, Inc..) [HKLM] -- {5BD0BA57-A852-4FE8-89ED-BEFB4C5B3C86}
O42 - Logiciel: MagicCamera 8.8.4 - (.ShiningMorning Inc..) [HKLM] -- {70376A8D-C6E7-4A61-9E30-42AD268CD45D}_is1
O42 - Logiciel: VC_CRT_x86 - (.Intel Corporation.) [HKLM] -- {8054D734-39C7-463D-B764-9C883982B8F9}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Modem Samsung SCH-U209 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {B3FC8A36-14FB-43C9-BAAF-246A34003DEA}
O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
O42 - Logiciel: Intel(R) Network Connections 18.0.1.0 - (.Intel.) [HKLM] -- {C791C00B-639F-4D7C-9196-8A02CBCFC1FA}
O42 - Logiciel: VMware Player - (.VMware, Inc..) [HKLM] -- {E452E727-86B8-4233-8CC3-41FD817AFAFF}
O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C}
O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU] -- GameRanger
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (107) - 9s
HKLM\SOFTWARE\AIM Toolbar
HKLM\SOFTWARE\Analog Devices
HKLM\SOFTWARE\Andrea Electronics
HKLM\SOFTWARE\Arcai
HKLM\SOFTWARE\Atheros
HKLM\SOFTWARE\Avg
HKLM\SOFTWARE\AVG Tuneup
HKLM\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\CyberGhost
HKLM\SOFTWARE\Dell
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\EnigmaSoftwareGroup
HKLM\SOFTWARE\Foxit Software
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\Infineon
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\LogiShrd
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\MCCI
HKLM\SOFTWARE\MetaQuotes Software
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Propellerhead Software
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Samsung USB Modem Manager
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SlimWare Utilities Inc
HKLM\SOFTWARE\SlimWare Utilities, Inc.
HKLM\SOFTWARE\SpeedBit
HKLM\SOFTWARE\Staccato
HKLM\SOFTWARE\TENCENT =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\ThinPrint
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\VMware, Inc.
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\wtu
HKLM\SOFTWARE\ZSMC
HKCU\SOFTWARE\Analog Devices
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\Arcai.com
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\Avg
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Clubic
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\GameRanger
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kromtech
HKCU\SOFTWARE\Leadertech
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\LogiShrd
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MetaQuotes Software
HKCU\SOFTWARE\Mikrotik
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Nero
HKCU\SOFTWARE\NeroDigital
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Paltalk
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\ProxyShell
HKCU\SOFTWARE\pth264
HKCU\SOFTWARE\Samsung USB Modem Manager
HKCU\SOFTWARE\ShiningMorning
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SlimWare Utilities Inc
HKCU\SOFTWARE\ThinPrint
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VideoLAN
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (177) - 11s
O43 - CFD: 2014/11/09 20:02:45 - [] D -- C:\Program Files\Analog Devices
O43 - CFD: 2014/11/08 18:28:13 - [] D -- C:\Program Files\ATI
O43 - CFD: 2014/11/08 18:28:20 - [0] D -- C:\Program Files\ATI Technologies
O43 - CFD: 2014/11/08 19:33:36 - [] D -- C:\Program Files\AVG
O43 - CFD: 2015/07/23 17:33:24 - [] D -- C:\Program Files\AVG Web TuneUp =>Toolbar.AVGSafeGuard
O43 - CFD: 2014/11/08 17:38:35 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2014/11/08 14:43:43 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 2015/04/20 00:58:11 - [] D -- C:\Program Files\directx
O43 - CFD: 2015/07/23 17:33:27 - [] D -- C:\Program Files\Fichiers communs
O43 - CFD: 2015/02/22 20:28:21 - [] D -- C:\Program Files\Hewlett-Packard
O43 - CFD: 2014/11/08 19:00:55 - [] D -- C:\Program Files\Infineon
O43 - CFD: 2015/06/03 16:09:40 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/07/16 03:48:04 - [] D -- C:\Program Files\InstaTrader
O43 - CFD: 2015/05/05 17:51:23 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/07/18 00:15:06 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/07/16 21:19:00 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/04/28 18:33:30 - [] D -- C:\Program Files\Internet Mobile
O43 - CFD: 2015/04/20 01:28:55 - [] D -- C:\Program Files\Java
O43 - CFD: 2015/02/22 20:16:06 - [] D -- C:\Program Files\Logitech
O43 - CFD: 2015/07/15 00:44:33 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2015/02/21 04:10:44 - [] D -- C:\Program Files\Messenger
O43 - CFD: 2015/05/05 02:53:04 - [0] D -- C:\Program Files\Microsoft
O43 - CFD: 2014/11/08 14:46:29 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 2014/11/10 19:29:59 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2015/05/02 02:28:16 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/06/03 16:09:36 - [] D -- C:\Program Files\Modem Samsung SCH-U209
O43 - CFD: 2015/02/21 04:02:13 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/07/23 17:33:51 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/07/07 20:09:01 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2015/06/02 15:08:30 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2014/11/08 14:42:56 - [] D -- C:\Program Files\MSN
O43 - CFD: 2014/11/08 14:43:25 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 2015/06/11 02:48:32 - [] D -- C:\Program Files\netcut
O43 - CFD: 2015/02/19 17:31:51 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2014/11/08 14:43:32 - [] D -- C:\Program Files\Online Services
O43 - CFD: 2015/07/27 18:27:10 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/02/21 04:02:34 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2015/07/15 02:16:03 - [] D -- C:\Program Files\PowerISO
O43 - CFD: 2015/05/05 01:07:01 - [] D -- C:\Program Files\R.G. Mechanics
O43 - CFD: 2015/06/02 15:08:21 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/04/16 16:15:40 - [] D -- C:\Program Files\SecurityXploded
O43 - CFD: 2014/11/08 14:45:21 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 2015/06/13 19:04:51 - [] D -- C:\Program Files\ShiningMorning
O43 - CFD: 2015/07/25 17:28:53 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/05/20 16:27:10 - [] D -- C:\Program Files\Technitium
O43 - CFD: 2015/05/02 07:43:07 - [] D -- C:\Program Files\Tools4Free
O43 - CFD: 2014/11/08 14:51:46 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/11/08 22:06:36 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/04/18 23:36:56 - [] D -- C:\Program Files\VMware
O43 - CFD: 2015/02/19 17:34:54 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2015/02/19 17:31:48 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2014/11/08 14:45:23 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2015/02/21 06:50:48 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2014/11/08 14:46:29 - [] D -- C:\Program Files\xerox
O43 - CFD: 2015/02/22 19:51:41 - [] RD -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2015/07/15 05:49:56 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\AVG
O43 - CFD: 2015/02/21 04:40:05 - [] RD -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2015/07/16 03:45:40 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\InstaTrader
O43 - CFD: 2015/07/17 17:04:19 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2015/04/28 18:33:07 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Internet Mobile
O43 - CFD: 2015/04/15 18:46:17 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Java
O43 - CFD: 2015/02/19 15:31:41 - [] RD -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Jeux
O43 - CFD: 2015/02/22 20:16:15 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Logitech
O43 - CFD: 2015/06/13 19:05:09 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\MagicCamera
O43 - CFD: 2015/07/15 00:44:34 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/03 16:09:42 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Modem Samsung SCH-U209
O43 - CFD: 2015/02/19 15:34:33 - [] RD -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2015/05/31 14:31:16 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\PowerISO
O43 - CFD: 2015/05/05 01:36:18 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\R.G. Mechanics
O43 - CFD: 2015/07/25 17:28:56 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Skype
O43 - CFD: 2015/06/11 04:47:06 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Technitium MAC Address Changer v6
O43 - CFD: 2015/02/19 17:10:07 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 2015/04/18 23:37:30 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\VMware
O43 - CFD: 2015/02/21 06:50:49 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 2015/04/20 04:42:34 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\10909690735813993061
O43 - CFD: 2015/04/15 21:01:35 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Atheros
O43 - CFD: 2015/06/28 00:48:33 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AutoHideIP
O43 - CFD: 2015/07/23 17:33:30 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search =>Toolbar.AVGSearch
O43 - CFD: 2015/07/23 17:33:57 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar =>Toolbar.AVGSearch
O43 - CFD: 2015/07/23 17:34:14 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Web TuneUp =>Toolbar.AVGSafeGuard
O43 - CFD: 2015/07/17 13:38:56 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2015
O43 - CFD: 2015/04/02 09:29:31 - [] HD -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
O43 - CFD: 2015/05/29 03:12:58 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DeskShare
O43 - CFD: 2015/04/29 21:04:52 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HideIPEasy
O43 - CFD: 2015/02/19 16:53:33 - [0] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\IDM
O43 - CFD: 2015/02/25 22:51:19 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LogiShrd
O43 - CFD: 2015/07/15 00:43:30 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
O43 - CFD: 2015/02/19 21:18:47 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
O43 - CFD: 2015/07/16 03:46:14 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MetaQuotes
O43 - CFD: 2015/07/27 17:53:49 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
O43 - CFD: 2015/05/05 02:53:04 - [] SD -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
O43 - CFD: 2015/02/19 15:48:18 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Mozilla
O43 - CFD: 2015/07/18 19:31:12 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
O43 - CFD: 2015/04/20 01:29:15 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Oracle
O43 - CFD: 2015/07/18 00:15:06 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Package Cache
O43 - CFD: 2015/05/20 08:28:31 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PlatinumHideIP
O43 - CFD: 2015/07/25 17:29:14 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
O43 - CFD: 2015/05/05 14:03:35 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SlimWare Utilities, Inc
O43 - CFD: 2015/04/15 18:47:07 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
O43 - CFD: 2015/07/27 18:06:04 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VMware
O43 - CFD: 2015/04/20 21:10:41 - [] D -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{a6962b01-26eb-9c9a-a696-62b0126eac04}
O43 - CFD: 2015/07/23 17:33:37 - [] D -- C:\Program Files\Fichiers communs\AVG Secure Search =>Toolbar.AVGSearch
O43 - CFD: 2014/11/20 14:05:40 - [] D -- C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 2015/04/20 01:27:59 - [] D -- C:\Program Files\Fichiers communs\Java
O43 - CFD: 2015/05/01 00:24:33 - [] D -- C:\Program Files\Fichiers communs\logishrd
O43 - CFD: 2014/11/22 01:49:22 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 2014/11/08 14:44:41 - [] D -- C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 2014/11/08 15:40:00 - [] D -- C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 2015/05/14 22:15:38 - [] D -- C:\Program Files\Fichiers communs\Propellerhead Software
O43 - CFD: 2014/11/08 14:44:44 - [] D -- C:\Program Files\Fichiers communs\Services
O43 - CFD: 2015/02/08 07:11:46 - [] D -- C:\Program Files\Fichiers communs\Skype
O43 - CFD: 2014/11/08 15:39:57 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 2015/02/19 17:31:45 - [] D -- C:\Program Files\Fichiers communs\System
O43 - CFD: 2015/04/18 23:37:29 - [] D -- C:\Program Files\Fichiers communs\VMware
O43 - CFD: 2015/02/11 18:34:16 - [] D -- C:\Program Files\Fichiers communs\Wise Installation Wizard
O43 - CFD: 2015/02/21 04:41:08 - [] D -- C:\Documents and Settings\reali\Application Data\Adobe
O43 - CFD: 2015/05/14 22:32:15 - [] D -- C:\Documents and Settings\reali\Application Data\Audio Recorder Titanium
O43 - CFD: 2015/06/28 00:48:33 - [] D -- C:\Documents and Settings\reali\Application Data\AutoHideIP
O43 - CFD: 2015/07/15 05:52:29 - [] D -- C:\Documents and Settings\reali\Application Data\AVG2015
O43 - CFD: 2015/05/26 12:33:20 - [] D -- C:\Documents and Settings\reali\Application Data\CoinMiner
O43 - CFD: 2015/05/05 01:36:05 - [] D -- C:\Documents and Settings\reali\Application Data\Command and Conquer - Generals
O43 - CFD: 2015/07/26 13:18:31 - [] D -- C:\Documents and Settings\reali\Application Data\DMCache
O43 - CFD: 2015/02/21 05:19:08 - [] D -- C:\Documents and Settings\reali\Application Data\driveridentifier
O43 - CFD: 2015/03/20 06:38:53 - [] D -- C:\Documents and Settings\reali\Application Data\Foxit Software
O43 - CFD: 2015/05/05 14:22:24 - [] D -- C:\Documents and Settings\reali\Application Data\GameRanger
O43 - CFD: 2015/07/03 14:26:09 - [] D -- C:\Documents and Settings\reali\Application Data\Hide IP Speed
O43 - CFD: 2015/04/29 21:04:52 - [] D -- C:\Documents and Settings\reali\Application Data\HideIPEasy
O43 - CFD: 2015/02/19 15:40:15 - [] D -- C:\Documents and Settings\reali\Application Data\Identities
O43 - CFD: 2015/07/17 17:04:31 - [] D -- C:\Documents and Settings\reali\Application Data\IDM
O43 - CFD: 2015/02/22 20:15:53 - [] D -- C:\Documents and Settings\reali\Application Data\Leadertech
O43 - CFD: 2015/02/21 04:41:08 - [] D -- C:\Documents and Settings\reali\Application Data\Macromedia
O43 - CFD: 2015/07/16 03:46:14 - [] D -- C:\Documents and Settings\reali\Application Data\MetaQuotes
O43 - CFD: 2015/03/05 07:49:25 - [] SD -- C:\Documents and Settings\reali\Application Data\Microsoft
O43 - CFD: 2015/02/19 15:48:25 - [] D -- C:\Documents and Settings\reali\Application Data\Mozilla
O43 - CFD: 2015/07/18 18:26:29 - [] D -- C:\Documents and Settings\reali\Application Data\Nero
O43 - CFD: 2015/07/17 18:27:37 - [] D -- C:\Documents and Settings\reali\Application Data\Opera Software
O43 - CFD: 2015/04/15 18:46:58 - [] D -- C:\Documents and Settings\reali\Application Data\Oracle
O43 - CFD: 2015/05/20 08:28:31 - [] D -- C:\Documents and Settings\reali\Application Data\PlatinumHideIP
O43 - CFD: 2015/05/31 15:24:01 - [] D -- C:\Documents and Settings\reali\Application Data\PowerISO
O43 - CFD: 2015/05/14 22:16:17 - [] D -- C:\Documents and Settings\reali\Application Data\REAPER
O43 - CFD: 2015/07/17 18:28:18 - [] D -- C:\Documents and Settings\reali\Application Data\Shortcut
O43 - CFD: 2015/07/27 17:54:35 - [] D -- C:\Documents and Settings\reali\Application Data\Skype
O43 - CFD: 2015/04/15 18:42:42 - [] D -- C:\Documents and Settings\reali\Application Data\Sun
O43 - CFD: 2015/04/12 06:34:47 - [] D -- C:\Documents and Settings\reali\Application Data\TuneUp Software
O43 - CFD: 2015/07/27 18:00:27 - [] D -- C:\Documents and Settings\reali\Application Data\uTorrent
O43 - CFD: 2015/07/27 04:00:48 - [] D -- C:\Documents and Settings\reali\Application Data\vlc
O43 - CFD: 2015/07/13 16:03:55 - [] D -- C:\Documents and Settings\reali\Application Data\VMware
O43 - CFD: 2015/02/21 06:51:07 - [] D -- C:\Documents and Settings\reali\Application Data\WinRAR
O43 - CFD: 2015/07/27 18:36:54 - [] D -- C:\Documents and Settings\reali\Application Data\ZHP
O43 - CFD: 2015/02/21 03:49:40 - [0] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Adobe
O43 - CFD: 2015/07/23 17:34:57 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\AVG Web TuneUp =>Toolbar.AVGSafeGuard
O43 - CFD: 2015/07/17 17:21:30 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Avg2015
O43 - CFD: 2015/05/31 20:19:00 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Chromium
O43 - CFD: 2015/05/29 03:15:57 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\DeskShare Data
O43 - CFD: 2015/02/19 15:44:05 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 2015/02/23 00:45:48 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Foxit Reader
O43 - CFD: 2015/06/27 12:25:07 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Google
O43 - CFD: 2015/03/05 07:49:24 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Identities
O43 - CFD: 2015/06/28 00:21:28 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\IsolatedStorage
O43 - CFD: 2015/02/22 20:16:24 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\LogiShrd
O43 - CFD: 2015/06/13 14:08:20 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\MagicCamera
O43 - CFD: 2015/04/02 09:29:30 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\MFAData
O43 - CFD: 2015/06/01 00:38:51 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Microsoft
O43 - CFD: 2015/02/19 15:48:23 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Mozilla
O43 - CFD: 2015/07/18 18:23:48 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Nero
O43 - CFD: 2015/07/18 18:24:48 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Nero_AG
O43 - CFD: 2015/07/17 18:27:38 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Opera Software
O43 - CFD: 2015/02/21 21:49:17 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Skype
O43 - CFD: 2015/05/29 03:12:34 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Spoon
O43 - CFD: 2015/04/15 18:46:38 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\Sun
O43 - CFD: 2015/07/13 16:03:46 - [] D -- C:\Documents and Settings\reali\Local Settings\Application Data\VMware
O43 - CFD: 2015/06/01 02:59:12 - [0] D -- C:\Documents and Settings\reali\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 2015/02/21 17:41:30 - [] RD -- C:\Documents and Settings\reali\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2015/07/27 13:35:25 - [] RD -- C:\Documents and Settings\reali\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2015/07/17 17:04:18 - [] D -- C:\Documents and Settings\reali\Menu Démarrer\Programmes\Internet Download Manager
O43 - CFD: 2015/06/17 22:26:04 - [] RD -- C:\Documents and Settings\reali\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2015/02/21 06:50:49 - [] D -- C:\Documents and Settings\reali\Menu Démarrer\Programmes\WinRAR

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (1) - 6s
O45 - LFCP:[MD5.1936AB045BDDE285AF8057DC810BFAB5] 2015/07/23 17:34:32 A -- C:\WINDOWS\Prefetch\AVG WEB TUNEUP-306A48E5.pf =>Toolbar.AVGSafeGuard

---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (16) - 2s
O53 - SMSR:HKLM\...\startupreg\atchk [Key] . (.Intel Corporation - Displays state of Intel® Active Management.) -- C:\Program Files\Intel\AMT\atchk.exe
O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\DriverUpdate [Key] . (...) -- C:\Program Files\DriverUpdate\DriverUpdate.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\Logitech Vid [Key] . (.Logitech Inc. - Logitech Vid.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
O53 - SMSR:HKLM\...\startupreg\LogitechQuickCamRibbon [Key] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\SoundMAX [Key] . (.Analog Devices, Inc. - Audio Control Panel.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
O53 - SMSR:HKLM\...\startupreg\SoundMAXPnP [Key] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O53 - SMSR:HKLM\...\startupreg\TunnelBear [Key] . (...) -- C:\Program Files\TunnelBear\TBear.Client.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (.Copyright (C) 2012 - VProtect Application.) -- C:\Program Files\AVG Web TuneUp\vprot.exe =>Toolbar.AVGSafeGuard

---\\ Liste des pilotes du système (SDL) (O58) (134) - 27s
O58 - SDL:2008/12/11 14:11:34 A . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys [338944]
O58 - SDL:2009/03/12 12:04:30 A . (.Andrea Electronics Corporation - Andrea Audio Driver (32-bit).) -- C:\WINDOWS\System32\drivers\aeaudio.sys [112896]
O58 - SDL:2008/04/13 12:36:40 N . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\System32\drivers\amdagp.sys [43008]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [56623]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [11615]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [12047]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [30671]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [63663]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [26367]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [21343]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [36463]
O58 - SDL:2008/04/13 10:34:20 N . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [29455]
O58 - SDL:2008/04/13 10:34:20 N . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [34735]
O58 - SDL:2008/04/13 19:55:32 N . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [327168]
O58 - SDL:2008/04/13 19:55:34 N . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [701440]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM BT829 MiniDriver (A).) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [57856]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Specialized MVD VBI Codec RT2.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [13824]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Specialized PCD VBI Codec RT2.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [14336]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI Rage Theater Audio WDM Minidriver.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [52224]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM Rage Theater MiniDriver RT2.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [104960]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM TV Sound MiniDriver.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [28672]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM Teletext Decoder.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [13824]
O58 - SDL:2008/04/13 10:34:18 N . (.ATI Technologies Inc. - ATI WDM TVTuner MiniDriver.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [73216]
O58 - SDL:2008/04/13 10:34:20 N . (.ATI Technologies Inc. - ATI WDM CrossBar MiniDriver.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [31744]
O58 - SDL:2008/04/13 10:34:20 N . (.ATI Technologies Inc. - ATI WDM TVAUDIO_CrossBar MiniDriver RT2.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [63488]
O58 - SDL:2015/03/11 12:13:46 A . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys [132576]
O58 - SDL:2012/01/12 20:52:06 A . (.AVG Technologies CZ, s.r.o. - AVG Firewall intermediate miniport driver.) -- C:\WINDOWS\System32\drivers\avgfwdx.sys [30944]
O58 - SDL:2015/06/26 09:49:34 A . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) -- C:\WINDOWS\System32\drivers\avgidsdriverlx.sys [217008]
O58 - SDL:2015/05/12 14:45:04 A . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) -- C:\WINDOWS\System32\drivers\avgidshx.sys [190944]
O58 - SDL:2015/05/14 13:49:12 A . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Loader.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys [29664]
O58 - SDL:2015/06/16 15:54:52 A . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [207328]
O58 - SDL:2015/05/07 13:52:08 A . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\WINDOWS\System32\drivers\avglogx.sys [290272]
O58 - SDL:2015/06/10 16:38:10 A . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [170464]
O58 - SDL:2015/03/20 12:18:22 A . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys [35808]
O58 - SDL:2015/05/12 14:46:06 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [213984]
O58 - SDL:2001/09/28 13:00:00 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2001/09/28 13:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2013/08/19 09:12:10 A . (.HID Global Corporation - PC/SC IFD-Handler for CCID compliant Reader.) -- C:\WINDOWS\System32\drivers\cxbu0wdm.sys [126976]
O58 - SDL:2015/07/15 02:17:24 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\dhhb.sys [52440]
O58 - SDL:2008/04/13 20:05:08 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256]
O58 - SDL:2008/04/13 20:05:14 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496]
O58 - SDL:2001/09/28 13:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888]
O58 - SDL:2012/10/30 11:17:46 A . (.Intel Corporation - Intel(R) Network Adapter NDIS 5.2 deseriali.) -- C:\WINDOWS\System32\drivers\e1e5132.sys [254336]
O58 - SDL:2007/08/09 04:13:04 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [24448]
O58 - SDL:2009/10/12 15:21:54 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys [100736]
O58 - SDL:2009/12/07 19:53:12 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [102912]
O58 - SDL:2009/12/08 20:19:12 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [114432]
O58 - SDL:2012/10/11 16:15:36 A . (.VMware, Inc. - VMware USB monitor.) -- C:\WINDOWS\System32\drivers\hcmon.sys [41496]
O58 - SDL:2008/04/13 10:36:06 N . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2005/01/07 18:07:16 N . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\System32\drivers\Hdaudio.sys [145920]
O58 - SDL:2009/09/18 17:32:06 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECI.sys [45184]
O58 - SDL:2008/04/13 12:23:50 N . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys [220032]
O58 - SDL:2008/04/13 12:23:52 N . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys [685056]
O58 - SDL:2008/04/13 12:23:54 N . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys [1041536]
O58 - SDL:2012/08/09 13:09:57 A . (.Intel Corporation - NDIS 5.1 Advanced Networking Services..) -- C:\WINDOWS\System32\drivers\ianswxp.sys [120696]
O58 - SDL:2015/06/12 04:00:58 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [128528]
O58 - SDL:2008/07/23 12:31:38 A . (.Infineon Technologies AG - Infineon Trusted Platform Module.) -- C:\WINDOWS\System32\drivers\ifxtpm.sys [44800]
O58 - SDL:2000/01/01 02:00:00 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [1730272]
O58 - SDL:2012/12/18 16:11:20 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\WINDOWS\System32\drivers\iqvw32.sys [31048]
O58 - SDL:2009/05/01 00:55:56 A . (.Logitech Inc. - Logitech Webcam Software Driver.) -- C:\WINDOWS\System32\drivers\LV302V32.SYS [2687512]
O58 - SDL:2009/10/07 02:46:36 A . (...) -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [25752]
O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256]
O58 - SDL:2015/06/18 08:41:46 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560]
O58 - SDL:2015/07/27 18:06:39 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [98520]
O58 - SDL:2011/05/19 18:15:56 A . (.ShiningMorning Inc. - .) -- C:\WINDOWS\System32\drivers\mcdevice.sys [331072]
O58 - SDL:2008/04/13 12:23:58 N . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys [11868]
O58 - SDL:2008/04/13 12:23:42 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [126686]
O58 - SDL:2008/04/13 12:23:40 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [1309184]
O58 - SDL:2008/04/13 10:34:28 N . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [452736]
O58 - SDL:2001/09/28 13:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2008/04/13 12:23:42 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [180360]
O58 - SDL:2008/04/13 10:34:32 N . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Dri.) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [1897408]
O58 - SDL:2001/09/28 13:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792]
O58 - SDL:2008/04/13 12:23:44 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\recagent.sys [13776]
O58 - SDL:2001/09/28 13:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2001/09/28 13:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032]
O58 - SDL:2008/06/27 03:39:42 RA . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\WINDOWS\System32\drivers\RTL8187.sys [332928]
O58 - SDL:2008/04/13 10:34:34 N . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [166912]
O58 - SDL:2015/04/08 04:01:28 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [113984]
O58 - SDL:2008/04/13 10:39:16 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480]
O58 - SDL:2008/03/28 12:14:02 A . (.Sonic Focus, Inc - Sonic Focus DSP driver for ADI.) -- C:\WINDOWS\System32\drivers\sfaudio.sys [24064]
O58 - SDL:2008/04/13 12:36:40 N . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\System32\drivers\sisagp.sys [40960]
O58 - SDL:2008/04/13 12:23:44 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\slnt7554.sys [129535]
O58 - SDL:2008/04/13 12:23:46 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\slntamr.sys [404990]
O58 - SDL:2008/04/13 12:23:48 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\slnthal.sys [95424]
O58 - SDL:2008/04/13 12:23:48 N . (.Smart Link - .) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [13240]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\sscdbus.sys [87296]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\sscdcm.sys [12160]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys [12160]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys [14976]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\WINDOWS\System32\drivers\sscdmdm.sys [115968]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port.) -- C:\WINDOWS\System32\drivers\sscdserd.sys [94848]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\sscdwh.sys [12160]
O58 - SDL:2008/11/21 13:28:42 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys [12160]
O58 - SDL:2015/07/15 01:29:42 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\WINDOWS\System32\drivers\SWDUMon.sys [13368]
O58 - SDL:2013/08/22 14:40:22 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [35288]
O58 - SDL:2001/09/28 13:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2015/03/16 18:44:30 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [749664]
O58 - SDL:2015/03/16 18:42:58 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\WINDOWS\System32\drivers\VBoxNetAdp.sys [115672]
O58 - SDL:2015/03/16 18:42:56 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\WINDOWS\System32\drivers\VBoxUSB.sys [95608]
O58 - SDL:2015/03/16 18:42:58 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [104384]
O58 - SDL:2001/09/28 13:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2012/10/24 14:16:50 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\WINDOWS\System32\drivers\vmci.sys [71152]
O58 - SDL:2013/02/26 02:27:46 A . (.VMware, Inc. - VMware keyboard filter driver (32-bit).) -- C:\WINDOWS\System32\drivers\VMkbd.sys [26064]
O58 - SDL:2013/02/26 02:27:46 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\WINDOWS\System32\drivers\vmnet.sys [19608]
O58 - SDL:2013/02/26 02:27:46 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\WINDOWS\System32\drivers\vmnetadapter.sys [16664]
O58 - SDL:2013/02/26 02:29:02 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\WINDOWS\System32\drivers\vmnetbridge.sys [34384]
O58 - SDL:2013/02/26 02:28:06 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\WINDOWS\System32\drivers\vmnetuserif.sys [26192]
O58 - SDL:2013/02/26 02:28:26 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\WINDOWS\System32\drivers\vmparport.sys [24272]
O58 - SDL:2012/10/11 16:15:06 A . (.VMware, Inc. - VMware USB driver.) -- C:\WINDOWS\System32\drivers\vmusb.sys [31280]
O58 - SDL:2013/02/26 02:28:04 A . (.VMware, Inc. - VMware kernel driver.) -- C:\WINDOWS\System32\drivers\vmx86.sys [62416]
O58 - SDL:2012/10/24 14:16:58 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\WINDOWS\System32\drivers\vsock.sys [61464]
O58 - SDL:2008/04/13 10:34:28 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [11807]
O58 - SDL:2008/04/13 10:34:28 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [11295]
O58 - SDL:2008/04/13 10:34:28 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [11871]
O58 - SDL:2008/04/13 10:34:30 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [11935]
O58 - SDL:2008/04/13 10:34:30 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\watv06nt.sys [22271]
O58 - SDL:2008/04/13 10:34:30 N . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\watv10nt.sys [25471]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4912]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2004/08/03 22:46:56 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2001/09/28 13:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2004/08/03 22:45:26 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000]
O58 - SDL:2004/08/03 22:45:16 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2004/08/03 22:45:12 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2004/08/03 22:45:16 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2004/08/03 22:45:14 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]
O58 - SDL:2003/04/16 09:00:36 A . (.Compaq Computer Corporation - Client Management Device Driver.) -- C:\WINDOWS\System32\SP32395.SYS [50520]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (2) - 32s
O61 - LFC: 2015/07/23 16:34:47 A . (.BitTorrent Inc..) -- C:\Documents and Settings\reali\Application Data\uTorrent\uTorrent.exe [1693024]
O61 - LFC: 2015/07/23 16:34:47 A . (.BitTorrent Inc..) -- C:\Documents and Settings\reali\Application Data\uTorrent\updates\3.4.3_40760.exe [1693024]

---\\ Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe

---\\ Menu de démarrage Internet (SMI) (O68) (13) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (10) - 6s
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("avg.wtu.ext.dnsWhiteList", "toolbarhome.com,avg.com"); =>Trojan.Vonteera
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("avg.wtu.ext.setting_hp_list", "[{\"name\":\"AVG Secure Search\",\"value\":\"https://mysearch.avg.com\"},{\"name\":\"Goo[...] =>Toolbar.AVGSearch
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("browser.search.defaultenginename", "AVG Secure Search"); =>Toolbar.AVGSearch
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("extensions.RecordPage.cg", "94370a5b-65a4-4daf-92f9-b7e61420906a"); =>PUP.Optional.RecordPage
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"avg@toolbar\":{\"d\":\"C:\\\\Documents and Settings\\\\reali\\\\Application [...] =>Toolbar.AVGSearch
O69 - SBI: prefs.js [reali - ka644f0l.default] user_pref("plugin.state.npconduitfirefoxplugin", 0); =>PUP.Optional.Conduit
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com/

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (40) - 4s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Fournisseur de services de périphérique mul.) -- C:\WINDOWS\system32\mspmsnsv.dll [52736]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440]

---\\ Scan Additionnel (O88) (24) - 0s
C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe =>Toolbar.AVGSafeGuard
C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
C:\Program Files\Fichiers communs\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe =>Toolbar.AVGSearch
C:\Documents and Settings\reali\Application Data\Mozilla\Firefox\Profiles\ka644f0l.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
C:\Program Files\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} =>Toolbar.AVGSafeGuard
HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.8.0 =>Toolbar.AVGSearch
HKLM\SYSTEM\CurrentControlSet\Services\WtuSystemSupport =>Toolbar.AVGSafeGuard
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\TENCENT =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
C:\Program Files\AVG Web TuneUp =>Toolbar.AVGSafeGuard
C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search =>Toolbar.AVGSearch
C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Web TuneUp =>Toolbar.AVGSafeGuard
C:\Program Files\Fichiers communs\AVG Secure Search =>Toolbar.AVGSearch
C:\Documents and Settings\reali\Local Settings\Application Data\AVG Web TuneUp =>Toolbar.AVGSafeGuard
C:\WINDOWS\Prefetch\AVG WEB TUNEUP-306A48E5.pf =>Toolbar.AVGSafeGuard
C:\Program Files\AVG Web TuneUp\vprot.exe =>Toolbar.AVGSafeGuard

---\\ Récapitulatif des éléments trouvées sur votre station (10) - 0s
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/pup-linkeysearch/ =>PUP.Optional.LinkeySearch
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimplyTech
http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera
http://www.nicolascoolman.fr/pup-recordpage/ =>PUP.Optional.RecordPage

~ End of the scan, 44532 items in 303 seconds (764)(0)()
