Document format: text/plain

~ Rapport de ZHPDiag v2013.10.24.63 - Nicolas Coolman (24/10/2013)
~ Lancé par galtier (25/10/2013 18:55:25)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7600.16385 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Business Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : PW487
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3198 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 855 GB (91%) free of 931 GB

---\\ Mode de connexion au système
~ Computer Name: GALTIER-PC
~ User Name: galtier
~ All Users Names: galtier, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\galtier\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\galtier\AppData\Roaming\
~ %Desktop% : C:\Users\galtier\Desktop\
~ %Favorites% : C:\Users\galtier\Favorites\
~ %LocalAppData% : C:\Users\galtier\AppData\Local\
~ %StartMenu% : C:\Users\galtier\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 855 Go of 931 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified =>PUA.StartShow
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 40 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 02:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 02:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/07/2009 - 00:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2009 - 00:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/26
~ Mon Bureau (My Desktop) : 1/3
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.2C32E3E596CFE660353753EABEFB0540] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673048] [PID.3024]
[MD5.B93FFCF1D42AE4613CDFF7450F7D4199] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8128512] [PID.2616]
[MD5.39A26778EC10928572664729F8FEA7DE] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe [829832] [PID.912]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [galtier]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [galtier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [galtier]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Program [galtier]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [galtier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories [galtier]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [galtier]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [galtier]: Run.lnk - Clé orpheline
O4 - GS\Accessories [galtier]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [galtier]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [galtier]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Desktop [galtier]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [galtier]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 42 Scanned in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5C60AA2-D468-4392-8008-D0F4D6F854DD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{F5C60AA2-D468-4392-8008-D0F4D6F854DD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{F5C60AA2-D468-4392-8008-D0F4D6F854DD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
~ Services: 1 Scanned in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070]
~ Scheduled Task: 2 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (...) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 78 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Utilitaire client sans fil TP-LINK - (.TP-LINK.) [HKLM][64Bits] -- {BD9FA1D6-DFA7-4C89-8956-D96CCC7A296A}
~ Logic: 28 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Google]
[HKCU\Software\Macromedia]
[HKCU\Software\Policies]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\TP-LINK]
[HKLM\Software\Wow6432Node]
~ Key Software: 58 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/07/2009 - 05:20:08 - [64,321] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 25/10/2013 - 17:25:00 - [114,610] ----D C:\Program Files (x86)\Google
O43 - CFD: 25/10/2013 - 17:21:12 - [48,476] ----D C:\Program Files (x86)\GUM50F.tmp
O43 - CFD: 25/10/2013 - 16:51:11 - [14,320] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 14/07/2009 - 17:24:08 - [4,263] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 14/07/2009 - 07:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 14/07/2009 - 07:32:38 - [36,805] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 14/07/2009 - 17:24:08 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/07/2009 - 17:24:08 - [5,895] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 17:24:08 - [4,791] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [11,630] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 14/07/2009 - 17:24:08 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/07/2009 - 17:24:08 - [5,716] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 25/10/2013 - 18:54:38 - [17,025] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 14/07/2009 - 17:24:08 - [15,485] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/07/2009 - 17:24:08 - [9,634] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 25/10/2013 - 16:54:40 - [1,872] ----D C:\ProgramData\AVAST Software
O43 - CFD: 25/10/2013 - 13:41:08 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 25/10/2013 - 13:41:08 - [0] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Favorites
O43 - CFD: 25/10/2013 - 13:41:08 - [0] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 25/10/2013 - 16:52:20 - [102,602] -S--D C:\ProgramData\Microsoft
O43 - CFD: 25/10/2013 - 13:41:08 - [0] -SH-D C:\ProgramData\Modèles
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - 07:08:56 - [0] -SH-D C:\ProgramData\Templates
O43 - CFD: 25/10/2013 - 16:50:47 - [0,009] ----D C:\ProgramData\TP-LINK
O43 - CFD: 25/10/2013 - 18:53:42 - [0] ----D C:\Users\galtier\AppData\Roaming\Adobe
O43 - CFD: 25/10/2013 - 13:42:41 - [0] ----D C:\Users\galtier\AppData\Roaming\Identities
O43 - CFD: 25/10/2013 - 18:53:42 - [0] ----D C:\Users\galtier\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - 17:35:18 - [0] ----D C:\Users\galtier\AppData\Roaming\Media Center Programs
O43 - CFD: 25/10/2013 - 14:17:15 - [1,325] -S--D C:\Users\galtier\AppData\Roaming\Microsoft
O43 - CFD: 25/10/2013 - 18:56:00 - [0,014] ----D C:\Users\galtier\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 25/10/2013 - 13:41:18 - [0] -SH-D C:\Users\galtier\AppData\Local\Application Data
O43 - CFD: 25/10/2013 - 14:19:48 - [2,509] ----D C:\Users\galtier\AppData\Local\Diagnostics
O43 - CFD: 25/10/2013 - 17:21:12 - [0] ----D C:\Users\galtier\AppData\Local\Google
O43 - CFD: 25/10/2013 - 13:41:18 - [0] -SH-D C:\Users\galtier\AppData\Local\Historique
O43 - CFD: 25/10/2013 - 14:17:21 - [48,820] ----D C:\Users\galtier\AppData\Local\Microsoft
O43 - CFD: 25/10/2013 - 18:55:40 - [219,310] ----D C:\Users\galtier\AppData\Local\Temp
O43 - CFD: 25/10/2013 - 13:41:18 - [0] -SH-D C:\Users\galtier\AppData\Local\Temporary Internet Files
O43 - CFD: 25/10/2013 - 13:42:36 - [0] ----D C:\Users\galtier\AppData\Local\VirtualStore
O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\galtier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 25/10/2013 - 13:55:33 - [0] R---D C:\Users\galtier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\galtier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/10/2013 - 13:55:33 - [0] R---D C:\Users\galtier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 51 Scanned in 00mn 05s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9E0B7362236E69A79513535B2E231D9D] - 20/10/2013 - 10:50:43 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_20.10.2013_11.50.26_log.txt [354]
O44 - LFC:[MD5.92A522B83FD39D3B44979A698A53EE75] - 20/10/2013 - 10:51:55 ---A- . (...) -- C:\TDSSKiller.3.0.0.14_20.10.2013_11.51.09_log.txt [188554]
O44 - LFC:[MD5.A89874A3831C138705E1B7102FFF04BB] - 25/10/2013 - 12:16:32 ----- . (...) -- C:\bootsqm.dat [10080]
O44 - LFC:[MD5.C15F72982F821F15B2C9BBA5AF25047E] - 25/10/2013 - 12:21:46 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]
O44 - LFC:[MD5.055507189049370BA4B3FD607FAA277A] - 25/10/2013 - 12:21:53 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]
O44 - LFC:[MD5.8136841474281C1F70F8AD6A491C428C] - 25/10/2013 - 12:22:30 ---A- . (...) -- C:\Windows\SysNative\license.rtf [55877]
O44 - LFC:[MD5.8136841474281C1F70F8AD6A491C428C] - 25/10/2013 - 12:22:30 ---A- . (...) -- C:\Windows\System32\license.rtf [55877]
O44 - LFC:[MD5.1080517A5052D0F626D8959ABD26B830] - 25/10/2013 - 12:30:06 ---A- . (...) -- C:\Windows\setuperr.log [270]
O44 - LFC:[MD5.B160668147E75346CBBFA548A56C7B56] - 25/10/2013 - 12:33:04 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [274464]
O44 - LFC:[MD5.B160668147E75346CBBFA548A56C7B56] - 25/10/2013 - 12:33:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [274464]
O44 - LFC:[MD5.6353DC9A6E9B95DF3A191C17582FB341] - 25/10/2013 - 15:51:11 ----- . (...) -- C:\Windows\SysNative\athurextx.cat [7402]
O44 - LFC:[MD5.37B420534393A40437FD7405DB3871BB] - 25/10/2013 - 15:51:11 ----- . (...) -- C:\Windows\SysNative\netathurx.inf [20966]
O44 - LFC:[MD5.6353DC9A6E9B95DF3A191C17582FB341] - 25/10/2013 - 15:51:11 ----- . (...) -- C:\Windows\System32\athurextx.cat [7402]
O44 - LFC:[MD5.37B420534393A40437FD7405DB3871BB] - 25/10/2013 - 15:51:11 ----- . (...) -- C:\Windows\System32\netathurx.inf [20966]
O44 - LFC:[MD5.417B9BAB376E8E50F6770196656FD348] - 25/10/2013 - 15:51:11 ----- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\SysNative\athurx.sys [1918976]
O44 - LFC:[MD5.417B9BAB376E8E50F6770196656FD348] - 25/10/2013 - 15:51:11 ----- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\athurx.sys [1918976]
O44 - LFC:[MD5.417B9BAB376E8E50F6770196656FD348] - 25/10/2013 - 15:51:11 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\Drivers\athurx.sys [1918976]
O44 - LFC:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 25/10/2013 - 16:08:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O44 - LFC:[MD5.C1E86B378CF2BCCA5508B83FBE624482] - 25/10/2013 - 16:08:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys [409832]
O44 - LFC:[MD5.59787B95DD9CA44CB139D96863438587] - 25/10/2013 - 16:08:35 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [205320]
O44 - LFC:[MD5.79EB7B1733F0EA220C95335795C806EB] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\Drivers\aswFsBlk.sys [38984]
O44 - LFC:[MD5.9FB1012D9EE3B9510FAA4C8D34DECD1C] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [84328]
O44 - LFC:[MD5.D0FBC21805855396820D9C8A6A082A6A] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
O44 - LFC:[MD5.47BC12AC7D5B4F8D2086C6EAD759355E] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [65264]
O44 - LFC:[MD5.DF97409EBD35C5A40AF5594806724F75] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1032416]
O44 - LFC:[MD5.679712B7A353EE665B9301592164A172] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [92544]
O44 - LFC:[MD5.B6E80D5B88B2BA12C20E12E2386D3BF8] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\SysNative\aswBoot.exe [334648]
O44 - LFC:[MD5.B6E80D5B88B2BA12C20E12E2386D3BF8] - 25/10/2013 - 16:08:35 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [334648]
O44 - LFC:[MD5.E6DF89C7F26CC0E3E0C96CA3627C8749] - 25/10/2013 - 17:37:46 ---A- . (...) -- C:\Windows\PFRO.log [338]
O44 - LFC:[MD5.A2D1965143CEE5D07219250B35DC53CB] - 25/10/2013 - 17:37:55 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1BD617F0130FE752B1EEBD5FB4B41A6D] - 25/10/2013 - 17:37:57 ---A- . (...) -- C:\Windows\setupact.log [17856]
O44 - LFC:[MD5.D293465938AC1EC3C91A03D458111008] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.7418A644D7306312E7D4A44CA077912A] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [103370]
O44 - LFC:[MD5.6C48376DCFDA49380B81EF5279D997B6] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [127478]
O44 - LFC:[MD5.54ADFF71414C4B185D55692314B15129] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [606992]
O44 - LFC:[MD5.DF9EA4F9EFD7AD1C62A5B443FABC21D6] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [694766]
O44 - LFC:[MD5.D293465938AC1EC3C91A03D458111008] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1524562]
O44 - LFC:[MD5.7418A644D7306312E7D4A44CA077912A] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103370]
O44 - LFC:[MD5.6C48376DCFDA49380B81EF5279D997B6] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127478]
O44 - LFC:[MD5.54ADFF71414C4B185D55692314B15129] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\System32\perfh009.dat [606992]
O44 - LFC:[MD5.DF9EA4F9EFD7AD1C62A5B443FABC21D6] - 25/10/2013 - 17:42:16 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [694766]
O44 - LFC:[MD5.B83E489D412C257A642F711005B1D013] - 25/10/2013 - 17:55:55 ---A- . (...) -- C:\Windows\WindowsUpdate.log [74869]
O44 - LFC:[MD5.EFD3FD9742ACD4795DEEC4F2A5C826D8] - 25/10/2013 - 17:56:00 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\SysNative\MpSigStub.exe [278800]
O44 - LFC:[MD5.EFD3FD9742ACD4795DEEC4F2A5C826D8] - 25/10/2013 - 17:56:00 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [278800]
~ Files: 44 Scanned in 00mn 08s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/03/2139 - 12:57:20 ----D - C:\Windows\Prefetch\ReadyBoot
O45 - LFCP:[MD5.FB0405F5CC4C5273DA9B13D26F2CAC3F] - 25/10/2013 - 12:18:39 ---A- - C:\Windows\Prefetch\AgAppLaunch.db
O45 - LFCP:[MD5.EE097FEED546D19797A1740AA89E1902] - 25/10/2013 - 12:18:40 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.378304F2AF8A506216AA35406BA978DC] - 25/10/2013 - 12:21:31 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
O45 - LFCP:[MD5.3F18747E9B9C2E839635E27056A84AF2] - 25/10/2013 - 12:22:04 ---A- - C:\Windows\Prefetch\BFSVC.EXE-9C7A4DEE.pf
O45 - LFCP:[MD5.3C9F2930374EA5BCC9D7F7A584B45F48] - 25/10/2013 - 12:22:10 ---A- - C:\Windows\Prefetch\NETSH.EXE-F1B6DA12.pf
O45 - LFCP:[MD5.98DBBC43312EB9DB48645CAD5F710E15] - 25/10/2013 - 12:22:14 ---A- - C:\Windows\Prefetch\CLRGC.EXE-CDEF051D.pf
O45 - LFCP:[MD5.086FEC33F565E123583DA063122E9E80] - 25/10/2013 - 12:39:39 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-63699C7D.pf
O45 - LFCP:[MD5.6FB89619D9CA27B62E26A7B5E264D9E3] - 25/10/2013 - 12:39:39 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-95B0C790.pf
O45 - LFCP:[MD5.1BD53AA6EDCAA3FA0DB83ECC4E4EE8FA] - 25/10/2013 - 12:39:44 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
O45 - LFCP:[MD5.99673315E0D8BCCAF96D981B9DE29F1E] - 25/10/2013 - 12:39:44 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-FEDB32D0.pf
O45 - LFCP:[MD5.9158992367D8BE03E2C94EE6155E4745] - 25/10/2013 - 12:39:50 ---A- - C:\Windows\Prefetch\MCBUILDER.EXE-7F26B913.pf
O45 - LFCP:[MD5.13EE8E7D9903468BB53AD985CE69CA61] - 25/10/2013 - 12:41:19 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf
O45 - LFCP:[MD5.BE63B2C0C3FD39F8389A9C152E651278] - 25/10/2013 - 12:41:23 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:[MD5.0B28CF8B78B9B56D88D31694F9644B51] - 25/10/2013 - 12:42:37 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
O45 - LFCP:[MD5.6B9701499750D19C24DB93397E21384D] - 25/10/2013 - 12:42:37 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
O45 - LFCP:[MD5.E3340ABC0D549CEAE5142D6F40EBFB23] - 25/10/2013 - 12:42:48 ---A- - C:\Windows\Prefetch\WINMAIL.EXE-F551299C.pf
O45 - LFCP:[MD5.89DD5D9AB14D6B45034C0202E1E3F6F9] - 25/10/2013 - 12:48:00 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-245ED79E.pf
O45 - LFCP:[MD5.9D8EEFC991C606FCDAD0A8AF4BDD61CC] - 25/10/2013 - 12:48:09 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-90526FAC.pf
O45 - LFCP:[MD5.56F1AFB6AE0E2CDE33E4F727052DA018] - 25/10/2013 - 12:52:40 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-685A8F09.pf
O45 - LFCP:[MD5.91796DEB955B9BF3A209943067C8C81E] - 25/10/2013 - 12:52:41 ---A- - C:\Windows\Prefetch\IE4UINIT.EXE-3A7E0C67.pf
O45 - LFCP:[MD5.B4E6CC73DC88E9A9C46A4AE604AFBCB0] - 25/10/2013 - 12:52:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-46A5F75F.pf
O45 - LFCP:[MD5.0755503F83D04F7722D6D2994AC0EAAE] - 25/10/2013 - 12:52:41 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A148E651.pf
O45 - LFCP:[MD5.9CB40F1C4D22FEB62A4B7CA99AB650A6] - 25/10/2013 - 12:52:42 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7438E4D5.pf
O45 - LFCP:[MD5.630C0843E60462D6C925776542F08D6F] - 25/10/2013 - 12:52:44 ---A- - C:\Windows\Prefetch\UNREGMP2.EXE-2294B148.pf
O45 - LFCP:[MD5.950884618468DE7CDD575F1E6876C3BE] - 25/10/2013 - 12:52:44 ---A- - C:\Windows\Prefetch\WINMAIL.EXE-1092D371.pf
O45 - LFCP:[MD5.2C5FC7DCA70DC591A88950D32A1B3091] - 25/10/2013 - 12:52:54 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.4D26625937CD07ED7AC9271387F41769] - 25/10/2013 - 12:56:59 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.20D499F46BA55E85F2279BA51D98D2B5] - 25/10/2013 - 13:13:22 ---A- - C:\Windows\Prefetch\WINSAT.EXE-DE36CB46.pf
O45 - LFCP:[MD5.8DB6F9967E0593B95B11C4E58E9B6B7F] - 25/10/2013 - 13:16:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf
O45 - LFCP:[MD5.34378A950BA85059293137970EF8D5CB] - 25/10/2013 - 13:16:26 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf
O45 - LFCP:[MD5.4F7CAF52E8E49F0B49F9A132741722C7] - 25/10/2013 - 13:16:59 ---A- - C:\Windows\Prefetch\IE4UINIT.EXE-8B333E8B.pf
O45 - LFCP:[MD5.EC3E9417A881D1EC1F1C79A49460D167] - 25/10/2013 - 13:20:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1B554EAC.pf
O45 - LFCP:[MD5.B985100C87B146025346D3D2E0DE82CB] - 25/10/2013 - 13:20:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FD30A2A8.pf
O45 - LFCP:[MD5.C66176455A6E192F3C93B25EC7ED15F9] - 25/10/2013 - 13:21:02 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3752842217-744198734-1164051984-1000.db
O45 - LFCP:[MD5.CFABFDF088DD3BC40B8BFBA27C3FE755] - 25/10/2013 - 13:21:02 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3752842217-744198734-1164051984-1000.db
O45 - LFCP:[MD5.AABD07C027F9CBF7F20CCA4889CEBAE6] - 25/10/2013 - 15:35:38 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.371DAA36A1BAA79CA568F2EF7EB90687] - 25/10/2013 - 15:35:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-28BF826E.pf
O45 - LFCP:[MD5.24C7CF835F126E769782772CA851B2E3] - 25/10/2013 - 15:37:54 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-912F3D5B.pf
O45 - LFCP:[MD5.8C65BED5C055597F57ADDBF465C390D9] - 25/10/2013 - 15:37:54 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-0F1704A4.pf
O45 - LFCP:[MD5.4F49EFD1C01291B7188DD0964E483334] - 25/10/2013 - 15:37:54 ---A- - C:\Windows\Prefetch\ROUTE.EXE-5E3D06CB.pf
O45 - LFCP:[MD5.A584CBF785A968E0D36B04FDFC25512F] - 25/10/2013 - 15:37:58 ---A- - C:\Windows\Prefetch\MSDT.EXE-09841468.pf
O45 - LFCP:[MD5.539E8A3271BD8A5F2C501E45D411ED50] - 25/10/2013 - 15:37:58 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf
O45 - LFCP:[MD5.87241E39F8015C48584C420485E62F92] - 25/10/2013 - 15:49:11 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3CE780E1.pf
O45 - LFCP:[MD5.15DF96A7DA48E277A5111DE74119AC37] - 25/10/2013 - 15:49:12 ---A- - C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf
O45 - LFCP:[MD5.2331289DE8ABF837E89E0DEEFAE6C5AC] - 25/10/2013 - 15:49:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-864E550D.pf
O45 - LFCP:[MD5.37C270FA549A34CCF333D63C42C80F14] - 25/10/2013 - 15:49:49 ---A- - C:\Windows\Prefetch\AUTORUN.EXE-D28490C2.pf
O45 - LFCP:[MD5.39ED41B8022F702A89586A9AC2A0A4E4] - 25/10/2013 - 15:50:56 ---A- - C:\Windows\Prefetch\SETUP.EXE-4E53A706.pf
O45 - LFCP:[MD5.4CAE548CE05A0F9C6627F1A042D05E0F] - 25/10/2013 - 15:50:57 ---A- - C:\Windows\Prefetch\ISBEW64.EXE-FB342C96.pf
O45 - LFCP:[MD5.15EC35270645A9D5318F953A50E082CB] - 25/10/2013 - 15:51:21 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf
O45 - LFCP:[MD5.95554E11E03C50F11D887BA84A206737] - 25/10/2013 - 15:51:21 ---A- - C:\Windows\Prefetch\INSTALLIMD64.EXE-C4F94035.pf
O45 - LFCP:[MD5.34266A45480BEED6CC8EA3401A85FD49] - 25/10/2013 - 15:51:30 ---A- - C:\Windows\Prefetch\WLANEXT.EXE-D2CEDC57.pf
O45 - LFCP:[MD5.A4E6383553758F88AE2822E99E2AE3ED] - 25/10/2013 - 15:51:31 ---A- - C:\Windows\Prefetch\DEVAMD64.EXE-90B7891D.pf
O45 - LFCP:[MD5.3E6ED310B2F674ECE4AC3AB89D4BA08B] - 25/10/2013 - 15:51:32 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf
O45 - LFCP:[MD5.346AB9EE33B66DE9866514A96122D1CB] - 25/10/2013 - 15:52:33 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:[MD5.DABA9442F2C51868FD5854B971EFE95D] - 25/10/2013 - 15:54:38 ---A- - C:\Windows\Prefetch\AVAST_FREE_ANTIVIRUS_SETUP01[-15AB9126.pf
O45 - LFCP:[MD5.C4B5674FA1A0DEBEDE7FB2E3E042E650] - 25/10/2013 - 15:54:50 ---A- - C:\Windows\Prefetch\INSTUP.EXE-4134438A.pf
O45 - LFCP:[MD5.B51871E41585E7167B8B2390DA418B7B] - 25/10/2013 - 15:55:51 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf
O45 - LFCP:[MD5.BB6EF2ACB306066CC1073696000B9D70] - 25/10/2013 - 16:08:33 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.781846749A44D9797F7B036257D9194C] - 25/10/2013 - 16:12:56 ---A- - C:\Windows\Prefetch\MPAM-961A0B82.EXE-CC071A15.pf
O45 - LFCP:[MD5.E4979322238B8EBF71DD5FCEEEFE5323] - 25/10/2013 - 16:14:00 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf
O45 - LFCP:[MD5.2A025B67C9CFA64E0BA80F5F359E0775] - 25/10/2013 - 16:14:12 ---A- - C:\Windows\Prefetch\ASWOFFERTOOL.EXE-7CEC7DEA.pf
O45 - LFCP:[MD5.53803B9C095CD4DF9F82A9F8CA78F808] - 25/10/2013 - 16:15:06 ---A- - C:\Windows\Prefetch\CHROME_SETUP_1382714042256.EX-C726740D.pf
O45 - LFCP:[MD5.17FE0F83190242E4873430F2E9C01275] - 25/10/2013 - 16:20:09 ---A- - C:\Windows\Prefetch\GOOGLEUPDATESETUP_1.3.21.169.-77E7E656.pf
O45 - LFCP:[MD5.DA18AB8F10A20FEB88A4F3D6E3ECA515] - 25/10/2013 - 16:21:12 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-37753F50.pf
O45 - LFCP:[MD5.692DF4059ED4625A6A4F85258C19EAD4] - 25/10/2013 - 16:23:40 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B95715F5.pf
O45 - LFCP:[MD5.29488CED2CDBBDB0C5D313B2CD36F6D4] - 25/10/2013 - 16:26:09 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.13F730D33C2C282099CBA5FCE59172D3] - 25/10/2013 - 16:26:09 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.44E274D9943604E1761326E3C2678AB2] - 25/10/2013 - 16:26:10 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.FF902B4AC57033A6552514EF3B8273AF] - 25/10/2013 - 16:26:10 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.91AF42AC89472D180F8DF1F55F9412DD] - 25/10/2013 - 17:40:20 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf
O45 - LFCP:[MD5.DC264D56F1CBCA01068FEDF1C67CD468] - 25/10/2013 - 17:40:20 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.50CC25C883932F1D97076028C12A26D1] - 25/10/2013 - 17:40:21 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf
O45 - LFCP:[MD5.E5CA2ED8E009FC4259DDEC04F27993BD] - 25/10/2013 - 17:41:08 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf
O45 - LFCP:[MD5.847E04C8B9D8DC18269FD32877729021] - 25/10/2013 - 17:42:01 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf
O45 - LFCP:[MD5.4F15E8D3B187ABF039740ADA73B4311B] - 25/10/2013 - 17:42:17 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.326F56E4464691F12F1D04219D545A02] - 25/10/2013 - 17:42:19 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.463EEAE0AD74FBC83E0FA06EAD808FFD] - 25/10/2013 - 17:43:37 ---A- - C:\Windows\Prefetch\MSDT.EXE-C20E6F0C.pf
O45 - LFCP:[MD5.71111CAE9F3BFF434358B114DFC3BADF] - 25/10/2013 - 17:43:39 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-E1E46F7F.pf
O45 - LFCP:[MD5.E355B5581E11C90A1A3879A2CB03A01D] - 25/10/2013 - 17:43:39 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-4CDBAF68.pf
O45 - LFCP:[MD5.3E3D5AC990DAC97E3BB43FBCA39C97AD] - 25/10/2013 - 17:43:39 ---A- - C:\Windows\Prefetch\ROUTE.EXE-3A1BBDCF.pf
O45 - LFCP:[MD5.464673DDD00E00B17CB5CCE37D83D8D4] - 25/10/2013 - 17:43:48 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-99BBAB60.pf
O45 - LFCP:[MD5.0146E433B18E13CA66E4D7FB8EEFA46D] - 25/10/2013 - 17:50:15 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf
O45 - LFCP:[MD5.43B109681E3CDC890CF8621FCE9320A1] - 25/10/2013 - 17:51:43 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.BE3BFD3C5D3D6D906B0FC6E72D8FD5C3] - 25/10/2013 - 17:53:03 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf
O45 - LFCP:[MD5.4165AFAE3DD0C409733E97BCBCFC9FE5] - 25/10/2013 - 17:53:07 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-4A28B1CA.pf
O45 - LFCP:[MD5.4C337327D8A4DCEB756BED9A68ECD279] - 25/10/2013 - 17:53:11 ---A- - C:\Windows\Prefetch\IEINSTAL.EXE-9C71E8B0.pf
O45 - LFCP:[MD5.1EFDDD22290F62FB9A2F0C928187486E] - 25/10/2013 - 17:53:12 ---A- - C:\Windows\Prefetch\FP_AX_CAB_INSTALLER64.EXE-71B14064.pf
O45 - LFCP:[MD5.7B146D8A22FA3E8519A37A1139C98869] - 25/10/2013 - 17:53:29 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.108AA1F01A32928100F73B06CCA0B2AE] - 25/10/2013 - 17:53:29 ---A- - C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-618C8E41.pf
O45 - LFCP:[MD5.F08D46486E443EDDE41FBEA8A2CD14F3] - 25/10/2013 - 17:53:30 ---A- - C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-93F25039.pf
O45 - LFCP:[MD5.BBE7F3D5024963DB3E2431F04B5B08D0] - 25/10/2013 - 17:53:41 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf
O45 - LFCP:[MD5.91D3FF9400C2B3C6CF75FB0D3119F1E5] - 25/10/2013 - 17:53:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf
O45 - LFCP:[MD5.6A9F7D83CCE3C41ADAD1D86746B952A3] - 25/10/2013 - 17:53:52 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:[MD5.507B13ACBEDE6A2D210E63FAB05CA795] - 25/10/2013 - 17:53:52 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:[MD5.9237C062B86B1C4287BA1DD86D71F353] - 25/10/2013 - 17:54:39 ---A- - C:\Windows\Prefetch\ZHPDIAG2[1].TMP-DFBA9C7C.pf
O45 - LFCP:[MD5.53C2D86067118DA974A7D4B307D6F8B3] - 25/10/2013 - 17:54:40 ---A- - C:\Windows\Prefetch\ZHPDIAG2[1].EXE-ECC86876.pf
O45 - LFCP:[MD5.133EE42356EEECDC680DE1B801BE95AC] - 25/10/2013 - 17:54:40 ---A- - C:\Windows\Prefetch\ZHPDIAG2[1].TMP-3A7CF1CA.pf
O45 - LFCP:[MD5.3075965E5D2C818DA91C69F9AB0CC52A] - 25/10/2013 - 17:54:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.5F79053877C4DC43D1D2F28A150AACA4] - 25/10/2013 - 17:54:54 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.C6475675101AE9BC1AEEDB2B425199AB] - 25/10/2013 - 17:54:54 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-EBD3B8D7.pf
O45 - LFCP:[MD5.10327865F48EA071291ED652EA002858] - 25/10/2013 - 17:54:59 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.68DC7C5B38C57AD5C5EBECD8DD6BF1A8] - 25/10/2013 - 17:55:05 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-0D117CAF.pf
O45 - LFCP:[MD5.6C0BE324FDB6EC294B3465E875A11E8F] - 25/10/2013 - 17:55:22 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf
O45 - LFCP:[MD5.58876030A5EE46D3CC06CA50A69BB53E] - 25/10/2013 - 17:55:35 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-0FB3F22C.pf
O45 - LFCP:[MD5.BE2C4AEAED0E5D0A12BB0EC7A0720611] - 25/10/2013 - 17:55:36 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf
O45 - LFCP:[MD5.D8F533B2315F1B517805759D5E7C5173] - 25/10/2013 - 17:55:44 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:[MD5.DFAA1E1796D88731F32FBFF69B89BADB] - 25/10/2013 - 17:55:44 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:[MD5.04EE92B72734BF2B31E0809C6C45E165] - 25/10/2013 - 17:55:45 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf
O45 - LFCP:[MD5.ED173528DD4B2693D6F9B147BD73AB78] - 25/10/2013 - 17:55:45 ---A- - C:\Windows\Prefetch\PV.EXE-34B75B82.pf
O45 - LFCP:[MD5.1ABFC50996E5F89DD609DB01DCE29E5A] - 25/10/2013 - 17:55:48 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf
O45 - LFCP:[MD5.5C81C6BBC6AEF0685C6F65C61E8A5CE2] - 25/10/2013 - 17:55:48 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-AB0CE9D9.pf
O45 - LFCP:[MD5.6537720C8FAB4974EAF2CFB0EB9A0237] - 25/10/2013 - 17:55:50 ---A- - C:\Windows\Prefetch\FLASHUTIL32_11_9_900_117_ACTI-7943581B.pf
O45 - LFCP:[MD5.F0B39C5A33572925947DF011D063123F] - 25/10/2013 - 17:55:57 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-AD598958.pf
O45 - LFCP:[MD5.6DCB2A178E152B3683AF46D30DF77CE9] - 25/10/2013 - 17:56:04 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:[MD5.AADC24B3E81ABF76A4BFD066D8036417] - 25/10/2013 - 17:56:07 ---A- - C:\Windows\Prefetch\MPAS-FE.EXE-6BCBD37D.pf
O45 - LFCP:[MD5.EE5DAF4624E1B2F0BF45737D4552291E] - 25/10/2013 - 17:56:08 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-08F424AE.pf
~ Prefetcher: 117 Scanned in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{05ad2e01-3d67-11e3-ab8f-806e6f6e6963}\AutoRun\command. (.TP-LINK TECHNOLOGIES CO., LTD. - Autorun Program.) -- D:\Autorun.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.417B9BAB376E8E50F6770196656FD348] - 16/09/2010 - 18:49:00 ----- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athurx.sys [1918976]
~ Drivers: 16 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\80FE9C55-F004-4FF1-8C35-FE2283E837FA.Diagnose.0.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\NetworkConfiguration.cab [994]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\NetworkDiagnostics.0.debugreport.xml [72783]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\ResultReport.xml [39723]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\results.xml [263]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102512.000\results.xsl [49097]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\9C23FAC2-BFC9-4E2E-94C5-7B7317294D8B.Diagnose.0.etl [131072]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\9C23FAC2-BFC9-4E2E-94C5-7B7317294D8B.Repair.1.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\9C23FAC2-BFC9-4E2E-94C5-7B7317294D8B.Verify.2.etl [262144]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\E96847DF-B692-4B7D-A760-07C1AF045841.Diagnose.3.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\NetworkConfiguration.cab [994]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\NetworkDiagnostics.0.debugreport.xml [73238]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\NetworkDiagnostics.1.debugreport.xml [67880]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\ResultReport.xml [40024]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\results.xml [263]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.000\results.xsl [49097]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\BB531BB9-58C8-4EF8-8235-290CE1946980.Diagnose.0.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\NetworkConfiguration.cab [994]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\NetworkDiagnostics.0.debugreport.xml [74158]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\NetworkDiagnostics.1.debugreport.xml [68195]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\ResultReport.xml [39724]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\results.xml [263]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.001\results.xsl [49097]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\3CA5F450-76F8-49C0-A9D0-0545829693A1.Diagnose.0.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\NetworkConfiguration.cab [994]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\NetworkDiagnostics.0.debugreport.xml [72486]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\ResultReport.xml [39723]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\results.xml [263]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102514.002\results.xsl [49097]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\9B0E8482-1EB0-4154-987B-AD6891F3A139.Diagnose.0.etl [196608]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\NetworkConfiguration.cab [1793]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\NetworkDiagnostics.0.debugreport.xml [76998]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\NetworkDiagnostics.1.debugreport.xml [71326]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\ResultReport.xml [39124]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\results.xml [256]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\2013102516.000\results.xsl [49097]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Diagnostics\460911090\latest.cab [29876]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\GDIPFONTCACHEV1.DAT [57560]
O61 - LFC: 25/10/2013 - 18:56:22 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\CR_EC273.tmp\CHROME.PACKED.7Z [34233426]
O61 - LFC: 25/10/2013 - 18:56:22 --HA- . (...) -- C:\Users\galtier\AppData\Local\IconCache.db [775146]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\FXSAPIDebugLogFile.txt [0]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\galtier.bmp [49208]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF074B554290EABBAC.TMP [512]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF0D1668CD879222DB.TMP [32768]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF14425FA0DFB5F206.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF4CD4ACF18FE4F64C.TMP [0]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF526C287C3EFBF811.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF55CE5F6035CA5791.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF57108AD76D4C0488.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF633F8F3B739A9AE8.TMP [512]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF681C3A562D801A13.TMP [0]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF708DFC1253236FDA.TMP [512]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DF92C1F7A396F4E579.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFAE0E3F042900AA57.TMP [32768]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFBF17C24EFA29C325.TMP [32768]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFD97BF68D53F00A44.TMP [512]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFDBE4AAADD596C881.TMP [0]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFE9C458EC00F4C551.TMP [20480]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\HTMLayout.dll [3166600]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\Instup.dll [7300544]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\aswOfferTool.exe [3169184]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\avBugReport.exe [1242560]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\instup.exe [209536]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.AVAST Software.) -- C:\Users\galtier\AppData\Local\Temp\_av_iup.tm~a01408\uglyoyxc.sys [409832]
O61 - LFC: 25/10/2013 - 18:56:23 ---A- . (.Google Inc..) -- C:\Users\galtier\AppData\Local\Temp\CR_EC273.tmp\setup.exe [1185744]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\AppData\Local\Temp\~DFFA26C298D4DC4A92.TMP [16384]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk [0]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\AppData\Roaming\ZHP\Log.txt [14694] =>.Nicolas Coolman
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\AppData\Roaming\ZHP\TestsZHPDiag.txt [2892] =>.Nicolas Coolman
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\Contacts\galtier.contact [68376]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\Links\Desktop.lnk [443]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\Links\Downloads.lnk [898]
O61 - LFC: 25/10/2013 - 18:56:24 ---A- . (...) -- C:\Users\galtier\Links\RecentPlaces.lnk [383]
O61 - LFC: 25/10/2013 - 18:56:24 -SHA- . (...) -- C:\Users\galtier\AppData\Roaming\Microsoft\Protect\CREDHIST [24]
O61 - LFC: 25/10/2013 - 18:56:24 -SHA- . (...) -- C:\Users\galtier\AppData\Roaming\Microsoft\Protect\S-1-5-21-3752842217-744198734-1164051984-1000\Preferred [24]
O61 - LFC: 25/10/2013 - 18:56:24 -SHA- . (...) -- C:\Users\galtier\AppData\Roaming\Microsoft\Protect\S-1-5-21-3752842217-744198734-1164051984-1000\de85df61-e6b3-4576-8f09-b904e1681e19 [468]
O61 - LFC: 25/10/2013 - 18:56:24 R-HA- . (...) -- C:\Users\galtier\Searches\Everywhere.search-ms [248]
O61 - LFC: 25/10/2013 - 18:56:24 R-HA- . (...) -- C:\Users\galtier\Searches\Indexed Locations.search-ms [248]
~ 27 Fichiers temporaires (Temporary files)
~ Files: 78 Scanned in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 25/10/2013 - C:\Windows\system32\drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 25/10/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 25/10/2013 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 25/10/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 25/10/2013 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 25/10/2013 - C:\Windows\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 25/10/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF
~ Legacy: 110 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ FASS Keys: 18 Scanned in 00mn 00s



---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [235520]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [776192]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [845824]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [676864]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [343552]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l�application d�assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316416]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [706560]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2418176]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [848384]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [369664]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [565760]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [104960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1104384]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [208384]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.7BCB1A0C43878FA836E7B4A04DCE0FAB] [SPRF][24/09/2013] (...) -- C:\Users\galtier\AppData\Local\Temp\GoogleUpdateSetup_1.3.21.169.exe [818968]
~ Files: 1 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe
O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe
O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe
O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe
O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-LLMNR-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe
O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe
O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d'assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Serveur COM d'assistance à distance Windows.) -- C:\Windows\system32\raserver.exe
O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l'infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l'infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-In" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "Microsoft-Windows-PeerDist-WSD-Out" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe
O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe
O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation
O87 - FAEL: "SPPSVC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) -- C:\Windows\system32\sppsvc.exe
O87 - FAEL: "SPPSVC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) -- C:\Windows\system32\sppsvc.exe
~ Firewall: 171 Scanned in 00mn 00s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 25/10/2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by galtier at 25/10/2013 18:57:45
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by galtier at 25/10/2013 18:57:47

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 12960 - (24/10/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified =>PUA.StartShow ^
~ Additionnel Scan: 107975 Items scanned in 00mn 19s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34077727-pua-startshow =>PUA.StartShow
~ MSI: 1 link(s) detected in 00mn 19s



End of the scan (1151 lines in 02mn 42s)(0)
