Rapport de ZHPDiag v2013.4.5.28 par Nicolas Coolman, Update du 05/04/2013
Run by H. J. DELABRE at 09/04/2013 10:47:10
State : Nouvelle version disponible
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16519 (Defaut)
GCIE: Google Chrome v26.0.1410.43

---\\ Windows Product Information
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : MG67T
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6101 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 408 GB (89%) free of 457 GB

---\\ Logged in mode
~ Computer Name: DELABRE
~ User Name: H. J. DELABRE
~ All Users Names: HomeGroupUser$, H. J. DELABRE, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\H. J. DELABRE\AppData\Roaming\
~ %Desktop% : C:\Users\H. J. DELABRE\Desktop\
~ %Favorites% : C:\Users\H. J. DELABRE\Favorites\
~ %LocalAppData% : C:\Users\H. J. DELABRE\AppData\Local\
~ %StartMenu% : C:\Users\H. J. DELABRE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 408 Go of 457 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2769AF459DDA7140B73227C31DCE61BD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/02/2013 - 23:39:47.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1623
~ Mes musiques (My Musics) : 1/53
~ Mes Favoris (My Favorites) : 1/30
~ Mes Documents (My Documents) : 1/292
~ Mon Bureau (My Desktop) : 1/5
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.2244]
[MD5.241BD3019FB31E812A51B31B06906335] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe [144520] [PID.1436]
[MD5.F7D2E592A878D390A15E801500999939] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [524944] [PID.2804]
[MD5.5EA80B00E1F5931641E8B95A23B7342D] - (.Orbiscom Ltd. All rights reserved. - ECBL Client.) -- C:\Program Files (x86)\e-Carte Bleue LCL\ecbl-lcl.exe [278528] [PID.4236]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4316]
[MD5.63A2D767B9261B4F33F97BF88F2FB197] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [276328] [PID.4360]
[MD5.2FB757B35C94B1C1C65BA35E4E7EC0F2] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [174952] [PID.4524]
[MD5.F01A418BDDFC14D60E463C50CABC7750] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [565096] [PID.4568]
[MD5.B2F0B501A7C017F21C4B4417623895BD] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [367976] [PID.4608]
[MD5.0CED501E811F5C4745415FCC000CE043] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864] [PID.4784]
[MD5.6E5876A0BBCD9146A4DB62C68BB99EE6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6493184] [PID.3672]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\H. J. DELABRE\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
~ Firefox Browser: Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
~ BHO: 5 Legitimates Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\H. J. DELABRE\Desktop\Boite de réception - mail Orange.url . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Documents And Settings\H. J. DELABRE\Desktop\Boite de réception - mail Orange.url
O4 - GS\Desktop: Demande d'information - Informations sur les lots et cadeaux - Raccourci.lnk . (...) -- C:\Users\H. J. DELABRE\Pictures\Downloads\Demande d'information - Informations sur les lots et cadeaux.zip
~ Global Startup: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 6 Legitimates Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{451F4D84-053F-4C72-9294-20AEC928066A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{451F4D84-053F-4C72-9294-20AEC928066A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA Stereo Initialization dll, Version 3.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: CCDMonitorService (CCDMonitorService) . (.Acer Incorporated - CCD Monitor Service.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Services: 14 Legitimates Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.A35F3BCC83B932F0F50571F7B12632DF] [APT] [ALU] (...) -- C:\Program Files (x86)\Acer\Live Updater\updater.exe [3331216]
[MD5.BD0BA490E0300E859DB99DA3AB024371] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [39568]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320]
[MD5.4942FBE3BA93C1536EC775A0104C11E9] [APT] [EgisUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe [202832]
[MD5.773C84EA68CF5359A6B4C82D6A96A938] [APT] [PMMUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\PMMUpdate.exe [467024]
[MD5.00000000000000000000000000000000] [APT] [{2481E0E2-A970-48C3-A117-451C478289AA}] (...) -- C:\Program Files\McAfee\MSC\mcuihost.exe (.not file.) [0]
~ Scheduled Task: 18 Legitimates Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 9 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 54 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AcerCloud - (.Acer Incorporated.) [HKLM][64Bits] -- {A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
O42 - Logiciel: AcerCloud Docs - (.Acer Incorporated.) [HKLM][64Bits] -- {CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
~ Logic: 124 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5a48bda]
~ Key Software: 169 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/04/2013 - 16:40:04 - [0,015] ----D C:\Program Files (x86)\MyPC Backup
O43 - CFD: 03/04/2013 - 15:35:35 - [4,720] ----D C:\Program Files (x86)\RocketPDF
O43 - CFD: 07/04/2013 - 17:13:16 - [0,040] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 06/04/2013 - 16:36:55 - [0,056] ----D C:\Users\H. J. DELABRE\AppData\Roaming\PlusWinks
O43 - CFD: 06/04/2013 - 16:49:23 - [0,012] ----D C:\Users\H. J. DELABRE\AppData\Roaming\RocketPDF
~ Program Folder: 139 Legitimates Scanned in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5F28D41390C6CB314CF8E3E538B6F661] - 07/04/2013 - 16:13:29 ---A- . (...) -- C:\AdwCleaner[S1].txt [30201]
O44 - LFC:[MD5.B1E77F4A8B654C488ACF55C9086A3A9A] - 07/04/2013 - 16:13:29 ---A- . (...) -- C:\Windows\DeleteOnReboot.bat [101]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 25/07/2012 - 11:03:10 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 25/07/2012 - 11:03:10 RSHAD . (...) -- C:\Windows\System32\sasnative64.exe [16896]
~ Files: 118 Legitimates Scanned in 00mn 26s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.5BABD9C091D101E32614635787746C42] - 03/04/2013 - 14:42:55 ---A- - C:\Windows\Prefetch\PRINTDIALOGHOST.EXE-90923561.pf
O45 - LFCP:[MD5.5C21EB0D947CBAD9399A31E33EDE8FFE] - 04/04/2013 - 21:04:19 ---A- - C:\Windows\Prefetch\HPQUSGM.EXE-7B8D1D73.pf
O45 - LFCP:[MD5.1ABD3ABF03514BE3F1846107D0077745] - 04/04/2013 - 21:08:49 ---A- - C:\Windows\Prefetch\DFSVC.EXE-AD35CBCB.pf
O45 - LFCP:[MD5.5323701807A825074008C860AD1A8BF2] - 04/04/2013 - 21:26:49 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.3E2E69F2A43D1057243D5D0736D73AA2] - 05/04/2013 - 07:09:52 ---A- - C:\Windows\Prefetch\RCPSETUP_MARIM_MARM.TMP-BC756BB5.pf
O45 - LFCP:[MD5.7D2B84D7212AAF69B93BCA4EF1BCC9FA] - 05/04/2013 - 07:09:56 ---A- - C:\Windows\Prefetch\RCPSETUP_MARIM_MARM.TMP-38F7F5DF.pf
O45 - LFCP:[MD5.5D2470EC0F7BCDA950BBF13EBBAD55B0] - 05/04/2013 - 07:13:30 ---A- - C:\Windows\Prefetch\ASPSETUP.TMP-1ADCC72D.pf
O45 - LFCP:[MD5.9E123249820C9548437277BDB9200408] - 05/04/2013 - 07:17:00 ---A- - C:\Windows\Prefetch\UNINS000.EXE-A28EF926.pf
O45 - LFCP:[MD5.3826C6C356E6C9435A847444F287A5DF] - 05/04/2013 - 07:17:00 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-311B6B89.pf
O45 - LFCP:[MD5.CB0B0D66E07CD5C6B6D1C26B3A6A53CE] - 05/04/2013 - 07:24:38 ---A- - C:\Windows\Prefetch\ADAWARE_INSTALLER.EXE-9E4E5310.pf
O45 - LFCP:[MD5.DA380D161EDC8109D41B44B266192307] - 05/04/2013 - 07:26:21 ---A- - C:\Windows\Prefetch\D33F747D-8625-46BC-BD32-2DB95-8A5BDC9B.pf
O45 - LFCP:[MD5.E61A55B4690F3CBE4D3F38B1E0B3241D] - 05/04/2013 - 07:26:25 ---A- - C:\Windows\Prefetch\ADAWAREBROWSINGPROTECTION_SET-8846F9BA.pf
O45 - LFCP:[MD5.B2ADC1C529D65267C0FE3DDCDEB24629] - 05/04/2013 - 07:32:21 ---A- - C:\Windows\Prefetch\ADAWARE.EXE-EC222E9B.pf
O45 - LFCP:[MD5.420840B8F193DD4E2445D3BE7EC2D0CB] - 05/04/2013 - 07:34:09 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf
O45 - LFCP:[MD5.20E6F540895131E7C3FAF281A681E408] - 05/04/2013 - 08:36:34 ---A- - C:\Windows\Prefetch\BOOTSTRAPPER.EXE-A76488EF.pf
O45 - LFCP:[MD5.C7C0FAA180673050E7219B5A2A523C41] - 06/04/2013 - 13:05:55 ---A- - C:\Windows\Prefetch\SPYWAREFIGHTER.EXE-17126612.pf
O45 - LFCP:[MD5.11EC8F2ADCADDC5FD51FD73D2C7617C8] - 06/04/2013 - 13:05:55 ---A- - C:\Windows\Prefetch\SWVFSETUP_X32.EXE-99A9E681.pf
O45 - LFCP:[MD5.CDE862F2458CBECA5CD3E090245A57BD] - 06/04/2013 - 15:36:22 ---A- - C:\Windows\Prefetch\COMPONENT_600-AB4B744B.pf
O45 - LFCP:[MD5.DCA89F7B208EC3EC7AC8D7216F08A602] - 06/04/2013 - 15:36:32 ---A- - C:\Windows\Prefetch\COMPONENT_612.DECRPT-3F7F22AA.pf
O45 - LFCP:[MD5.7D4724E7FD4794DEB5A7D81927FFC98C] - 06/04/2013 - 15:36:54 ---A- - C:\Windows\Prefetch\PLUSWINKS.EXE-14783FE0.pf
O45 - LFCP:[MD5.E27E24BF1E1E42E3C4836297A6E57711] - 06/04/2013 - 15:36:55 ---A- - C:\Windows\Prefetch\COMPONENT_342-9EE83B8A.pf
O45 - LFCP:[MD5.169F7D1E0B40C38B21EC0F7D7FA9D492] - 06/04/2013 - 15:39:52 ---A- - C:\Windows\Prefetch\UNINST.EXE-008C70BB.pf
O45 - LFCP:[MD5.E212D53999360802C5610C0DB23AEF16] - 06/04/2013 - 15:39:59 ---A- - C:\Windows\Prefetch\REGISTEREXTENSIONDOTNET20_X86-7C958069.pf
O45 - LFCP:[MD5.DFD3183381ED8EF3F8133AC8883F1132] - 06/04/2013 - 15:40:00 ---A- - C:\Windows\Prefetch\REGISTEREXTENSIONDOTNET20_X64-8B0528E5.pf
O45 - LFCP:[MD5.6D5A906E995F96D7CC3139F640DEB140] - 06/04/2013 - 15:40:04 ---A- - C:\Windows\Prefetch\UNREGISTEREXTENSIONS.EXE-4B678C96.pf
O45 - LFCP:[MD5.94598368528802E015BC17AECD9F1D63] - 06/04/2013 - 15:44:43 ---A- - C:\Windows\Prefetch\AD-AWARE BROWSING PROTECTION -A6CB27BC.pf
O45 - LFCP:[MD5.0C9DFD231F97AA40E40D875FAF713385] - 06/04/2013 - 15:53:01 ---A- - C:\Windows\Prefetch\GLCND.EXE-DD45F588.pf
O45 - LFCP:[MD5.DFFF2E41029B53C4FBEBB88C712C5827] - 06/04/2013 - 15:54:39 ---A- - C:\Windows\Prefetch\ROCKETPDF.EXE-5B242757.pf
O45 - LFCP:[MD5.64DFB1E177C5565CFFE6F2546671A496] - 06/04/2013 - 16:34:47 ---A- - C:\Windows\Prefetch\HH.EXE-603A5034.pf
O45 - LFCP:[MD5.310487ADFB9AD763817ADB9976A5EF7D] - 06/04/2013 - 23:00:56 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-5B613C33.pf
O45 - LFCP:[MD5.3E7009284B50834B9091BE2E5E3059FB] - 07/04/2013 - 12:01:33 ---A- - C:\Windows\Prefetch\SEARCH_PROTECT.EXE-FCF5163C.pf
O45 - LFCP:[MD5.E3F82B24BF9160ACCC58E7833130E3AE] - 07/04/2013 - 12:07:58 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf
O45 - LFCP:[MD5.78E70A7BB02B6C5BD6FBA02577E97CB6] - 07/04/2013 - 16:05:31 ---A- - C:\Windows\Prefetch\REVOSETUP (1).EXE-6C6665E1.pf
O45 - LFCP:[MD5.8F819B18A3EDEA9DEE20766FE5BE9D03] - 07/04/2013 - 16:08:39 ---A- - C:\Windows\Prefetch\UNINST.EXE-D3AFADB7.pf
O45 - LFCP:[MD5.7F79900C07CA83078F1E5EBF73C54966] - 07/04/2013 - 16:09:29 ---A- - C:\Windows\Prefetch\SBSETUPDRIVERS.EXE-3E707297.pf
O45 - LFCP:[MD5.E798D6AC819C4E6464EE5D15491431A1] - 07/04/2013 - 16:09:50 ---A- - C:\Windows\Prefetch\PROPERTYSYNC.EXE-D2FFA082.pf
O45 - LFCP:[MD5.D871A94DA71ECAD36314EA8F3FA5D3E9] - 07/04/2013 - 16:09:51 ---A- - C:\Windows\Prefetch\PROPERTYSYNC.EXE-08755191.pf
O45 - LFCP:[MD5.ED099B036CF086F81AC33967AF9A1A85] - 07/04/2013 - 16:15:50 ---A- - C:\Windows\Prefetch\EPOWERSVC.EXE-31C24032.pf
O45 - LFCP:[MD5.D495D9718D712A7CE978DE5B7DE4CF77] - 08/04/2013 - 00:10:20 ---A- - C:\Windows\Prefetch\HPQTRA08.EXE-97BDFA1A.pf
O45 - LFCP:[MD5.AA0AD45C954D6731048B94B08A0AD0D6] - 08/04/2013 - 00:10:21 ---A- - C:\Windows\Prefetch\ECBL-LCL.EXE-9B756A7E.pf
O45 - LFCP:[MD5.95DC2D0345082741247FC5C570FA225B] - 08/04/2013 - 06:35:17 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-5B613C34.pf
O45 - LFCP:[MD5.1DCF2706B6B2972939A4CD3D432099E3] - 08/04/2013 - 06:35:17 ---A- - C:\Windows\Prefetch\HECISERVER.EXE-AD396A6A.pf
O45 - LFCP:[MD5.ABC64577B2D0213E7940949341601FD5] - 08/04/2013 - 06:35:17 ---A- - C:\Windows\Prefetch\JHI_SERVICE.EXE-9CD021CB.pf
O45 - LFCP:[MD5.43ED1A1E9A523B002059D169DECCA9B8] - 08/04/2013 - 17:28:44 ---A- - C:\Windows\Prefetch\EPOWERBUTTON.EXE-98D06F6A.pf
O45 - LFCP:[MD5.0A150E7A3D8CDBB19C66F2B2BB5FC7EE] - 08/04/2013 - 19:30:36 ---A- - C:\Windows\Prefetch\ARA.EXE-49583B18.pf
O45 - LFCP:[MD5.AFB5ECA7F6BFAC2217F76E9FCE9C7675] - 08/04/2013 - 19:30:36 ---A- - C:\Windows\Prefetch\UPDATEBRIDGE.EXE-AEB7D21C.pf
O45 - LFCP:[MD5.FB45C1B9FA6F46D4E872BB3FD78A246A] - 08/04/2013 - 19:30:40 ---A- - C:\Windows\Prefetch\ARAMETRO.EXE-B27AC813.pf
O45 - LFCP:[MD5.BA32D50F594D8EFA7EBC24F9E09BD9FE] - 08/04/2013 - 22:25:20 ---A- - C:\Windows\Prefetch\ASOELNCH.EXE-94175347.pf
O45 - LFCP:[MD5.F7360C162AC282BA8615F578E78B44FF] - 09/04/2013 - 07:16:47 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-CA4FE585.pf
O45 - LFCP:[MD5.F7132A157689A1AC309782290CD29024] - 09/04/2013 - 07:21:08 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-9063CA12.pf
O45 - LFCP:[MD5.8FC583D2EDBC0FF305C20342983FF465] - 09/04/2013 - 07:25:26 ---A- - C:\Windows\Prefetch\SEAPORT.EXE-F1CD49BB.pf
O45 - LFCP:[MD5.0B6C4E9F6DD9B53C93087A1D2452BC03] - 09/04/2013 - 07:26:01 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf
O45 - LFCP:[MD5.5EB4A7CE408D66C9BF31F1678838C154] - 09/04/2013 - 07:37:20 ---A- - C:\Windows\Prefetch\SYMERR.EXE-F8405B78.pf
O45 - LFCP:[MD5.708D6ABD4507E53E1DFAE07014739B6B] - 09/04/2013 - 08:15:21 ---A- - C:\Windows\Prefetch\CLTRT.EXE-944D9C4B.pf
O45 - LFCP:[MD5.696C1255EC2BB58459E5ED1579EA3551] - 26/03/2013 - 18:53:12 ---A- - C:\Windows\Prefetch\HPQDIREC.EXE-4D68D632.pf
~ Prefetcher: 253 Legitimates Scanned in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 9 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 17 Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome.manifest [308]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\background.html [118]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\button.xml [1582]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\config.js [223]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\content.js [9721]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\framework.js [19068]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\framework.xul [1856]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon128.png [12003]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon16.png [640]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\icon48.png [2912]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\jquery-1.6.2.min.js [91731]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\mz\background.js [2162]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\mz\content.js [1837]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\options.xul [1568]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\content\settings.json [183]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\chrome\skin\framework.css [1321]
O61 - LFC: 06/04/2013 - 15:36:55 ---A- C:\Users\H. J. DELABRE\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks\install.rdf [957]
O61 - LFC: 08/04/2013 - 14:04:23 ---A- C:\Users\H. J. DELABRE\AppData\Local\Google\Chrome\User Data\Service State [52]
O61 - LFC: 09/04/2013 - 00:41:01 ---A- C:\Users\H. J. DELABRE\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268117]
O61 - LFC: 09/04/2013 - 09:46:46 ---A- C:\Users\H. J. DELABRE\AppData\Local\Google\Chrome\User Data\Local State [25704]
O61 - LFC: 09/04/2013 - 09:46:46 ---A- C:\Users\H. J. DELABRE\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
~ 3 Fichiers temporaires (Temporary files)
~ Files: 333 Legitimates Scanned in 00mn 29s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ FASS Keys: 18 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 34 Legitimates Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{02A2E7A0-FB44-424D-9ACD-5D95CD374839}" | In - None - P6 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
O87 - FAEL: "{D5EA701D-D731-4315-BEAD-25BBD2331CAC}" | In - None - P17 - TRUE | .(.Acer Cloud Technology - AcerCloud Client.) -- C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
~ Firewall: 249 Legitimates Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11459 - (05/04/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\PropertySync.EXE] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
~ Additionnel: Scanned in 00mn 06s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "0B8EF4ACC892D5E44A683FB321D6A6A0" . (.AcerCloud Docs.) -- C:\Windows\Installer\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}\icon.ico
O90 - PUC: "71B0DA5AD43FEB941A758C3B5DA2DC31" . (.AcerCloud.) -- C:\Windows\Installer\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}\icon.ico
~ Update Products: 80 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/06/2012 193616 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
SR - | Demand 11/06/2012 240208 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
SR - | Auto 27/07/2012 2415760 | (CCDMonitorService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
SS - | Demand 12/07/2012 174160 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Demand 01/08/2012 659600 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 04/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/12/2012 144520 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
SR - | Auto 11/07/2012 3939008 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SR - | Auto 26/07/2012 891240 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\System32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 25/07/2012 382312 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by H. J. DELABRE at 09/04/2013 10:49:53

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1554 Legitimates filtered by white list
End of the scan (550 lines in 02mn 42s)(0)
