~ Rapport de ZHPDiag v2014.3.2.6 - Nicolas Coolman (03/03/2014) ~ Lancé par Philippe (08/03/2014 17:04:03) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v7.0.6001.18000 MFIE: Mozilla Firefox 27.0.1 (Defaut) GCIE: Google Chrome v33.0.1750.146 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Vista (TM) Home Basic, 32-bit Service Pack 1 (Build 6001) Windows Server License Manager Script : OK ~ Vista, OEM_COA_SLP channel Windows ID Activation : OK ~ Windows Partial Key : FYP78 Windows License : OK Windows Automatic Updates : OK ---\\ Logiciels de protection du système avast! Free Antivirus v9.0.2013 Malwarebytes Anti-Malware version 1.75.0.1300 ---\\ Logiciels d'optimisation du système CCleaner v4.09 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 12 Plugin Adobe Reader X Java 7 Update 51 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1978 MB (43% free) System Restore: Activé (Enable) System drive C: has 89 GB (64%) free of 139 GB ---\\ Mode de connexion au système ~ Computer Name: PC-DE-PHILIPPE ~ User Name: Philippe ~ All Users Names: Philippe, mimi, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Philippe\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Philippe\AppData\Roaming\ ~ %Desktop% : C:\Users\Philippe\Desktop\ ~ %Favorites% : C:\Users\Philippe\Favorites\ ~ %LocalAppData% : C:\Users\Philippe\AppData\Local\ ~ %StartMenu% : C:\Users\Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 89 Go of 139 Go) D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 46 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.27/02/2009 - 05:54:56.) -- C:\Windows\Explorer.exe [2927104] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024] [MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:34:38.) -- C:\Windows\System32\Winlogon.exe [314880] [MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.9C0E70031905ADBF94EDB9EA14AF943B] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.27/02/2009 - 05:43:10.) -- C:\Windows\system32\Drivers\atapi.sys [21560] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:32:23.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:32:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984] [MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:34:49.) -- C:\Windows\system32\Drivers\netBT.sys [184320] [MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:34:49.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:34:42.) -- C:\Windows\system32\Drivers\tdx.sys [71680] [MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:32:47.) -- C:\Windows\system32\Drivers\volsnap.sys [227896] ~ Generic Processes: Scanned in 00mn 03s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/943 ~ Mes musiques (My Musics) : 15/352 ~ Mes Videos (My Videos) : 1/13 ~ Mes Favoris (My Favorites) : 1/27 ~ Mes Documents (My Documents) : 11/382 ~ Mon Bureau (My Desktop) : 3/592 ~ Menu demarrer (Programs) : 1/35 ~ Hidden Files: Scanned in 00mn 08s ---\\ Processus lancés [MD5.6C4878F3483B959891408B804DE4475C] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344] [PID.3060] [MD5.C89097A61AEF2679E61504EA4F93751D] - (.Filipe Lourenço - BatteryCare.) -- C:\Program Files\BatteryCare\BatteryCare.exe [752128] [PID.3208] [MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096] [PID.3296] [MD5.B236FE89F31893CDF6DB5A1DC6FCB369] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [450652] [PID.3352] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336] [PID.3412] [MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.3448] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3456] =>Toolbar.Google [MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2864] [MD5.C8649EDF4955DE896A7AED515C932B09] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2340] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.3772] [MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.3628] [MD5.0642800E69522E29B93EF4C6BE00D13E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe [1863560] [PID.2704] [MD5.9C8A63AB622C5258C940E6D737C8F374] - (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\system32\sdclt.exe [1169408] [PID.3696] [MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2680] [MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8349696] [PID.284] [MD5.2E3DB7DBC4D96949F4DA4383AA02AE72] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170] [PID.1112] [MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.1260] [MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1516] [MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.1548] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1820] [MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920] [PID.1844] [MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1900] [MD5.2063D6B51FD874E67502B31A9FDBA685] - (.Pas de propriétaire - STServices.) -- C:\Program Files\SMINST\BLService.exe [365952] [PID.1952] [MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152] [PID.2008] [MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.3364] ~ Processes Running: Scanned in 00mn 11s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Aide et Support d'HP.lnk . (.Hewlett-Packard - HPHS Launcher.) -- C:\Windows\Help\OEM\scripts\HPHS_Launcher.exe O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - GS\Desktop [Public]: Jeux et musique gratuits.lnk . (...) -- C:\Program Files\Real\RealPlayer\freeoffers.rnx O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Desktop [Public]: Sauvez Vos K7 Vidéos.lnk . (.Micro Application - Sauvez vos cassettes vidéo.) -- C:\Program Files\Micro Application\Sauvez Vos K7 Vidéos\MovieCreator.exe O4 - GS\Desktop [Public]: WinChess 1.0.lnk . (.Francky Compagny - Application WinChess.) -- C:\Users\Philippe\Desktop\Chess\WinChess.exe O4 - GS\Program [Public]: DVD Play.lnk . (...) -- C:\Program Files\HP\QuickPlay\QP.exe (.not file.) O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Pour les enfants.lnk . (...) -- C:\Program Files\EasyBits For Kids\Promo\ezKidsReady.exe (.not file.) O4 - GS\Program [Public]: WinChess 1.0.lnk . (.Francky Compagny - Application WinChess.) -- C:\Users\Philippe\Desktop\Chess\WinChess.exe O4 - GS\QuickLaunch [Philippe]: Free DVD Ripper Platinum.lnk . (...) -- C:\Program Files\Free DVD Ripper Platinum\FreeDVDRipperPlatinum.exe O4 - GS\QuickLaunch [Philippe]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [Philippe]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [Philippe]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [Philippe]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [Philippe]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Desktop [Philippe]: 9Giga Synchro.lnk . (.Agematis - 9Giga Synchro.) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe O4 - GS\Desktop [Philippe]: Free DVD Ripper Platinum.lnk . (...) -- C:\Program Files\Free DVD Ripper Platinum\FreeDVDRipperPlatinum.exe O4 - GS\Desktop [Philippe]: FREECOM HDD (F) - Raccourci.lnk - Clé orpheline O4 - GS\Desktop [Philippe]: Index.dat Analyzer.lnk . (.Systenance Software - Index.dat Analyzer.) -- C:\Program Files\Index.dat Analyzer\index.exe O4 - GS\Desktop [Philippe]: PC Inspector File Recovery.lnk . (...) -- C:\Program Files\Convar\PC Inspector File Recovery\Filerecovery.exe O4 - GS\Desktop [Philippe]: Vimeo Video Downloader.lnk . (.Downloadtoolz, Inc. - Pas de description.) -- C:\Program Files\DownloadToolz\Vimeo Video Downloader\vimeo_d.exe O4 - GS\QuickLaunch [mimi]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [mimi]: OTB_util.lnk . (...) -- C:\Program Files\OTB_util\OTB_util.exe (.not file.) O4 - GS\Program [mimi]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [mimi]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Global Startup: 95 Legitimates Filtered in 00mn 08s ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [WirelessAssistant] . (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe (.not file.) =>.Hewlett-Packard Co O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-1556251780-2340890258-3819325119-1001\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe O4 - HKUS\S-1-5-21-1556251780-2340890258-3819325119-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google ~ Application: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{35AA0E46-A307-4C07-B47E-582CABC0A06B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{FDB9B1CE-4879-4ABE-AE97-2440561F1241}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{35AA0E46-A307-4C07-B47E-582CABC0A06B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{FDB9B1CE-4879-4ABE-AE97-2440561F1241}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{35AA0E46-A307-4C07-B47E-582CABC0A06B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{FDB9B1CE-4879-4ABE-AE97-2440561F1241}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{35AA0E46-A307-4C07-B47E-582CABC0A06B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{FDB9B1CE-4879-4ABE-AE97-2440561F1241}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk /r \??\F:) - File not found ~ BEX: 2 Legitimates Filtered in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [{3AECE2D7-4424-4597-9D7E-4D4D7ACADA20}] (...) -- C:\Users\Philippe\Downloads\vlc(5).exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7FB832F2-33C4-41A9-885D-22844DC91FB1}] (...) -- C:\Users\Philippe\Downloads\mensuel.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{BC8405A8-77BC-4B3A-B690-55E48386C311}] (...) -- C:\Users\Philippe\Downloads\mensuel(1).exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F0E9DF99-2D0E-4172-915D-0F38F50B352B}] (...) -- C:\Users\Philippe\Downloads\vlc(3).exe (.not file.) [0] ~ Scheduled Task: 21 Legitimates Filtered in 00mn 10s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (SRTSP) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.sys (.not file.) O41 - Driver: (SRTSPX) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.sys (.not file.) ~ Drivers: 94 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Music Search] [HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램] [HKLM\Software\Home] ~ Key Software: 273 Legitimates Filtered in 00mn 02s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.2D9047C33C0C1FE1D0EF5436D8312771] - 08/03/2014 - 10:28:49 ----- . (...) -- C:\UsbFix [Scan 1] PC-DE-PHILIPPE.txt [7036] O44 - LFC:[MD5.91B6DFBA0FD7D0F4836FB711D1B5D81C] - 08/03/2014 - 13:45:13 ---A- . (...) -- C:\Windows\System32\TrueSight.sys [26624] O44 - LFC:[MD5.2D2EFF3A1799927CCB590F089D216699] - 08/03/2014 - 13:55:30 ----- . (...) -- C:\UsbFix [Scan 2] PC-DE-PHILIPPE.txt [7041] O44 - LFC:[MD5.D323D5901BCCA0FA05716803C8D885D2] - 08/03/2014 - 16:12:24 ---A- . (...) -- C:\UsbFix [Clean 2] PC-DE-PHILIPPE.txt [13516] O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 08/03/2014 - 16:42:19 ---A- . (...) -- C:\Windows\System32\DOErrors.log [52] ~ Files: 17 Legitimates Filtered in 00mn 09s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\OTB_util [Key] . (...) -- C:\Program Files\OTB_util\OTB_util.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\QPService [Key] . (...) -- C:\Program Files\HP\QuickPlay\QPService.exe (.not file.) ~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "HideSCAPower"=0 ~ MWPE Keys: 1 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 23/10/2013 - 08:55:07 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 18/12/2013 - 10:12:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:32:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584] O58 - SDL:[MD5.75860C1E8F36D13A96A8CB426E4C18AE] - 17/09/2009 - 16:01:18 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\System32\Drivers\emBDA.sys [579840] O58 - SDL:[MD5.A8FFE391C198F86392EAF7AB8B9BAAB2] - 17/09/2009 - 16:00:38 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\System32\Drivers\emOEM.sys [543744] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 15:05:00 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [5632] O58 - SDL:[MD5.E3C50B029BD08A35FC6A5F0B1CF5D300] - 03/06/2009 - 19:43:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt.sys [407040] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:32:45 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:32:49 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672] O58 - SDL:[MD5.91B6DFBA0FD7D0F4836FB711D1B5D81C] - 08/03/2014 - 13:45:13 ---A- . (...) -- C:\Windows\System32\TrueSight.sys [26624] ~ Drivers: 16 Legitimates Filtered in 00mn 11s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 26/07/2008 - C:\Program Files\BatteryCare\WinRing0.sys (WinRing0_1_2_0) .(.OpenLibSys.org - WinRing0.) - LEGACY_WINRING0_1_2_0 ~ Legacy: 118 Legitimates Filtered in 00mn 01s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{8E3EE88C-0733-4AA7-82D8-E2869214A3C8}" |In - None - P6 - TRUE | .(...) -- C:\Program Files\HP\QuickPlay\QP.exe (.not file.) O87 - FAEL: "{B2335589-E8D4-487C-8F29-C0BF5B9EC6B2}" |In - None - P6 - TRUE | .(...) -- C:\Program Files\HP\QuickPlay\QPService.exe (.not file.) O87 - FAEL: "TCP Query User{2690F371-E419-47FF-92F3-8421A03FF16B}C:\program files\hp\common\hpdevicedetection3.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\hp\common\hpdevicedetection3.exe (.not file.) O87 - FAEL: "UDP Query User{0482BD1A-E1A3-4BD8-96BF-642B78F543AE}C:\program files\hp\common\hpdevicedetection3.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\hp\common\hpdevicedetection3.exe (.not file.) ~ Firewall: 201 Legitimates Filtered in 00mn 04s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) ~ WIS: 59 Legitimates Filtered in 00mn 09s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 21/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 04/12/2008 222512 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe SS - | Disabled 30/12/2009 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 30/12/2009 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 16/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SS - | Disabled 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe SR - | Auto 25/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe SR - | Auto 09/10/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 09/06/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 23/12/2008 365952 | (Recovery Service for Windows) . (...) - C:\Program Files\SMINST\BLService.exe SR - | Auto 26/11/2008 247152 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe SR - | Auto 03/06/2009 217170 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 10s ---\\ Scan Additionnel (O88) Database Version : 13031 - (03/03/2014) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^ ~ Additionnel Scan: 268541 Items scanned in 01mn 30s ---\\ Récapitulatif des détections trouvées sur votre station ~ MSI: 0 link(s) detected in 01mn 30s ~ 1112 Legitimates filtered by white list End of the scan (454 lines in 06mn 10s)(0)