~ Rapport de ZHPDiag v2013.9.28.51 - Nicolas Coolman (28/09/2013)
~ Lancé par salamandre (29/09/2013 14:11:15)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 24.0 (Defaut)
GCIE: Google Chrome v29.0.1547.76

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
Avira Free Antivirus v13.0.0.4042
Malwarebytes Anti-Malware version 1.75.0.1300
ZoneAlarm Firewall v11.0.000.057
ZoneAlarm Free Firewall v11.0.000.504
ZoneAlarm Security v11.0.000.504

---\\ Logiciels d'optimisation du système
CCleaner v4.05 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3071 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 19 GB (29%) free of 64 GB

---\\ Mode de connexion au système
~ Computer Name: FRAN-0B13FB6602
~ User Name: salamandre
~ All Users Names: SUPPORT_388945a0, salamandre, HelpAssistant, Administrateur,
~ Unselected Option: O82
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\salamandre\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\salamandre\Application Data\
~ %Desktop% : C:\Documents and Settings\salamandre\Bureau\
~ %Favorites% : C:\Documents and Settings\salamandre\Favoris\
~ %LocalAppData% : C:\Documents and Settings\salamandre\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\salamandre\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 64 Go)
D: Hard drive, Flash drive, Thumb drive (Free 126 Go of 298 Go)
E: Hard drive, Flash drive, Thumb drive (Free 647 Go of 932 Go)
F: Hard drive, Flash drive, Thumb drive (Free 47 Go of 85 Go)
G: CD-ROM drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.EA7AB3839BE1FFE067A8131F3547160D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/08/2013 - 07:05:46.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/8
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/1418
~ Mon Bureau (My Desktop) : 0/32
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.B359821835CB8A00F48AEDBF40A50C19] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [643072] [PID.1024]
[MD5.57FE873B8246DEF1372503CBC57A7499] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497320] [PID.224]
[MD5.8769E2D1072B62AB071F166F03B3E3DC] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024] [PID.528]
[MD5.9F9D928F2004559247E8DEA4D1361D9B] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738984] [PID.608]
[MD5.AD1D13E6326E0B8DA2A7BE13B39A8FE0] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088] [PID.620]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.656]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.916]
[MD5.8794F7576B922C21C527593C1EC7619B] - (.VIA Technologies, Inc. - Service binary.) -- C:\WINDOWS\system32\KaraokeSer.exe [88696] [PID.2004]
[MD5.0DDFDCAA92C7F553328DB06BA599BEA9] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe [154136] [PID.2040]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.2480]
[MD5.F30BF9FC4275156F2AE96FCDF1ED5EE4] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76856] [PID.2744]
[MD5.DB3F7F19F942D3CE4E1A0E8D9FF541FB] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192] [PID.3640]
[MD5.0D67A518BE3BC74C63423AC5595C7251] - (.Check Point Software Technologies LTD - ZoneAlarm.) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73832] [PID.3740]
[MD5.E7704CBF568815C1CAA6E513387BD3F2] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [65536] [PID.1196]
[MD5.2589FFE360BED8F824CBC6171CB5B874] - (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304] [PID.2520]
[MD5.A9F9D081518AC03A51C1195986076F42] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.1992]
[MD5.2992EA136778FA1485FE543FDA098C1D] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18678376] [PID.2892]
[MD5.98D472ECFBC0E8ED25A0483E765F42B6] - (...) -- C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe [560472] [PID.3080]
[MD5.FE56897B27ED266F9C4E7D90A0B5DA47] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.3296]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [10376704] [PID.3332]
[MD5.CCE5D71F19AB70D969F9819B5C88438D] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [65536] [PID.3908]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [10368512] [PID.1244]
[MD5.53B399A4785651C6B638541FD282E9AF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8024576] [PID.1680]
[MD5.2313A18382B038AAF6EB5DD750CC65E5] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2447888] [PID.3712]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\salamandre\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://start.iminent.com =>Adware.IMBooster
G1 - GCS: Preference [User Data\Default] http://www.bing.com
~ Google Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\prefs.js
M3 - MFPP: Plugins - [salamandre] -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\searchplugins\bingp.xml
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: EPSON Web-To-Page - [HKLM]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ZoneAlarm Security Engine - [HKLM]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: HD ADeck.lnk . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [salamandre]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 10 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [salamandre]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [ZoneAlarm] . (.Check Point Software Technologies LTD - ZoneAlarm.) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA Technologies, Inc. - HDeck MFC Application.) -- C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] . (...) -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1757981266-562591055-1801674531-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1757981266-562591055-1801674531-1004\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.
O4 - HKUS\S-1-5-21-1757981266-562591055-1801674531-1004\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1D3E41F-1307-4589-9610-73A5178918DB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C1D3E41F-1307-4589-9610-73A5178918DB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C1D3E41F-1307-4589-9610-73A5178918DB}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
~ Services: 11 Legitimates Filtered in 00mn 06s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B83833CD0F36156D36E44C7BB7D18D1B] - 29/09/2013 - 13:05:27 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.9A23D4383E3377DD97C633A4A6D0D78B] - 29/09/2013 - 13:05:27 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.E61E28AF5A90CE0E0DBA71299D6B9DA6] - 28/09/2013 - 15:54:51 ---A- . (...) -- C:\WINDOWS\system32\???6 [98430869]
O44 - LFC:[MD5.A6FBF1C4C7DB246D6C89AE45AC1FA283] - 26/09/2013 - 21:01:49 ---A- . (...) -- C:\WINDOWS\system32\???6 [98009570]
O44 - LFC:[MD5.A322ABE673354917AD315093FF209D97] - 26/09/2013 - 15:02:49 ---A- . (...) -- C:\WINDOWS\system32\???6 [97961477]
O44 - LFC:[MD5.A3CBCCB468CADF3B125A0603830CAC85] - 26/09/2013 - 08:57:30 ---A- . (...) -- C:\WINDOWS\system32\???6 [97892804]
O44 - LFC:[MD5.FAABE064C31BEBCADE8E3F08415C2065] - 25/09/2013 - 17:26:14 ---A- . (...) -- C:\WINDOWS\system32\???6 [97787360]
O44 - LFC:[MD5.F79268C10C9375CA750DCB430BD2D577] - 23/09/2013 - 09:33:40 ---A- . (...) -- C:\WINDOWS\system32\???6 [98615842]
O44 - LFC:[MD5.15CD87AEDD0CF3C2E6AD5DA0A66A3F03] - 22/09/2013 - 16:40:46 ---A- . (...) -- C:\WINDOWS\system32\???6 [98597466]
O44 - LFC:[MD5.D662C4D15D3722D7D11170EA7C24BD82] - 22/09/2013 - 10:41:16 ---A- . (...) -- C:\WINDOWS\system32\???6 [98586517]
O44 - LFC:[MD5.804A0ABF861560DF028A71194E8458A5] - 21/09/2013 - 16:00:58 ---A- . (...) -- C:\WINDOWS\system32\???6 [98547399]
O44 - LFC:[MD5.1A29786D5E9FE6FB87E1975CD180B268] - 20/09/2013 - 15:12:10 ---A- . (...) -- C:\WINDOWS\system32\???6 [98481651]
O44 - LFC:[MD5.3528BE1C3172B0A55E5ECD3A43E14AD8] - 19/09/2013 - 16:59:26 ---A- . (...) -- C:\WINDOWS\system32\???6 [98378485]
O44 - LFC:[MD5.29CE28E60328342E11F67EE8BCD6EA2F] - 14/09/2013 - 16:25:37 ---A- . (...) -- C:\WINDOWS\system32\???6 [97581476]
~ Files: 21 Legitimates Filtered in 00mn 59s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.3F11B2790825386FCF86BEDDF90D9583] - 04/09/2013 - 10:48:59 ---A- - C:\WINDOWS\Prefetch\29.0.1547.66_29.0.1547.62_CHR-167C4E33.pf
O45 - LFCP:[MD5.8293C7301F33ACB05A1A0CDB9637A68A] - 11/09/2013 - 07:08:42 ---A- - C:\WINDOWS\Prefetch\KARAOKESER.EXE-034AE923.pf
O45 - LFCP:[MD5.43B26C5EB130829F9D8E3A59F7199DD5] - 14/09/2013 - 18:12:24 ---A- - C:\WINDOWS\Prefetch\NS1A71.TMP-0FF89D29.pf
O45 - LFCP:[MD5.987332146DF6D6A49BB80418D86E8C0E] - 18/09/2013 - 17:07:02 ---A- - C:\WINDOWS\Prefetch\NS1CAD.TMP-1B78221E.pf
O45 - LFCP:[MD5.C02AF7F3E77F870059214CBA208541FD] - 21/09/2013 - 00:48:59 ---A- - C:\WINDOWS\Prefetch\29.0.1547.76_29.0.1547.66_CHR-004F46F5.pf
O45 - LFCP:[MD5.BB888FA19A12579B5BDC4F74D4E228EA] - 25/09/2013 - 10:50:29 ---A- - C:\WINDOWS\Prefetch\EFILEMANAGER.EXE-3B45794F.pf
O45 - LFCP:[MD5.F4F4489C6CEF83ECE0093BA21AA398FE] - 29/09/2013 - 13:07:46 ---A- - C:\WINDOWS\Prefetch\HDECK.EXE-340A4BE1.pf
O45 - LFCP:[MD5.5A1E1DFF8EC02204E0F5E2CDC242F43A] - 29/09/2013 - 13:07:46 ---A- - C:\WINDOWS\Prefetch\LWS.EXE-093A4ECD.pf
O45 - LFCP:[MD5.B2AFE2ED74BCB130CA1AB87F529229BD] - 29/09/2013 - 13:10:47 ---A- - C:\WINDOWS\Prefetch\VSMON.EXE-1D3BE476.pf
~ Prefetcher: 117 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.CAC3BB575E4A0417BFF28D3196E44D3A] - 21/01/2008 - 10:45:02 R--A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [8192]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 7 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 26/09/2013 - 09:47:00 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\bookmarkbackups\bookmarks-2013-09-26.json [0]
O61 - LFC: 26/09/2013 - 23:15:58 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\bookmarkbackups\bookmarks-2013-09-27.json [11665]
O61 - LFC: 27/09/2013 - 19:45:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\dntp-tracker-rules.json [78442]
O61 - LFC: 27/09/2013 - 19:51:46 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\extensions.sqlite [458752]
O61 - LFC: 28/09/2013 - 09:31:30 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\bookmarkbackups\bookmarks-2013-09-28.json [11665]
O61 - LFC: 28/09/2013 - 11:22:02 ---A- . (...) -- C:\Documents and Settings\salamandre\Mes documents\Téléchargements\registrycleaner_en.zip [909117]
O61 - LFC: 28/09/2013 - 15:56:17 ---A- . (...) -- C:\Documents and Settings\salamandre\UserData\index.dat [16384]
O61 - LFC: 28/09/2013 - 15:57:05 ---A- . (...) -- C:\Documents and Settings\salamandre\Local Settings\Application Data\Google\Chrome\User Data\Default\History [90112]
O61 - LFC: 28/09/2013 - 17:12:51 -SHA- . (...) -- C:\Documents and Settings\salamandre\IETldCache\index.dat [262144]
O61 - LFC: 28/09/2013 - 17:43:14 ---A- . (...) -- C:\Documents and Settings\salamandre\Bureau\ZHPDiag.lnk [1523] =>.Nicolas Coolman
O61 - LFC: 28/09/2013 - 17:43:14 ---A- . (...) -- C:\Documents and Settings\salamandre\Bureau\ZHPFix.lnk [1628] =>.Nicolas Coolman
O61 - LFC: 28/09/2013 - 18:06:30 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\ZHP\ZHPDiag.txt [20041] =>.Nicolas Coolman
O61 - LFC: 28/09/2013 - 18:12:41 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\downloads.sqlite [98304]
O61 - LFC: 28/09/2013 - 18:27:10 ---A- . (...) -- C:\Documents and Settings\salamandre\Recent\ZHPDiag.lnk [486] =>.Nicolas Coolman
O61 - LFC: 28/09/2013 - 18:31:04 ---A- . (...) -- C:\Documents and Settings\salamandre\Local Settings\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\startupCache\startupCache.4.little [1411148]
O61 - LFC: 28/09/2013 - 19:47:20 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\healthreport\state.json [123]
O61 - LFC: 28/09/2013 - 19:50:40 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\addons.sqlite [524288]
O61 - LFC: 28/09/2013 - 19:52:43 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\blocklist.xml [79439]
O61 - LFC: 29/09/2013 - 01:09:57 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\bookmarkbackups\bookmarks-2013-09-29.json [11665]
O61 - LFC: 29/09/2013 - 01:09:57 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\sessionstore.bak [127641]
O61 - LFC: 29/09/2013 - 01:09:58 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\content-prefs.sqlite [229376]
O61 - LFC: 29/09/2013 - 09:38:48 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\parent.lock [0]
O61 - LFC: 29/09/2013 - 09:38:49 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\webapps\webapps.json [2]
O61 - LFC: 29/09/2013 - 09:38:52 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\urlclassifierkey3.txt [154]
O61 - LFC: 29/09/2013 - 11:18:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\pluginreg.dat [4926]
O61 - LFC: 29/09/2013 - 12:32:08 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\signons.sqlite [327680]
O61 - LFC: 29/09/2013 - 12:50:59 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\formhistory.sqlite [196608]
O61 - LFC: 29/09/2013 - 12:53:40 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\dntp-logs.json [4154]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\cert8.db [212992]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\cookies.sqlite [1572864]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\healthreport.sqlite [1212416]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\key3.db [16384]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\localstore.rdf [7658]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\places.sqlite [10485760]
O61 - LFC: 29/09/2013 - 12:57:12 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\sessionstore.js [281847]
O61 - LFC: 29/09/2013 - 12:57:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\permissions.sqlite [65536]
O61 - LFC: 29/09/2013 - 12:57:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\prefs.js [25691]
O61 - LFC: 29/09/2013 - 12:57:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\webappsstore.sqlite [1343488]
O61 - LFC: 29/09/2013 - 12:57:13 ---A- . (...) -- C:\Documents and Settings\salamandre\Local Settings\Application Data\Mozilla\Firefox\Profiles\zz2kbmf7.default\_CACHE_CLEAN_ [1]
O61 - LFC: 29/09/2013 - 13:09:58 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\ZHP\TestsZHPDiag.txt [3373] =>.Nicolas Coolman
O61 - LFC: 29/09/2013 - 13:12:41 ---A- . (...) -- C:\Documents and Settings\salamandre\Application Data\ZHP\Log.txt [36873] =>.Nicolas Coolman
~ 53 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 680 Legitimates Filtered in 00mn 57s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9B4B87A0D656A6A3B785790EAAD910B5] [SPRF][28/03/2013] (...) -- C:\Documents and Settings\All Users\Application Data\LaunchURL.bat [143]
[MD5.4EF33D516F31BEB1C9847D1FDA69375C] [SPRF][29/06/2013] (...) -- C:\Documents and Settings\salamandre\Bureau\adwcleaner.exe [648201]
[MD5.09A3F926C400C29B3CF04FD15A0D8DEA] [SPRF][29/06/2013] (.Oleg N. Scherbakov - 7z Setup SFX.) -- C:\Documents and Settings\salamandre\Bureau\JRT.exe [545954]
[MD5.585CAD98B9DCFD8FFDB55B99946D5597] [SPRF][29/06/2013] (.Pas de propriétaire - Nettoyage des fichiers temporaires.) -- C:\Documents and Settings\salamandre\Bureau\SFTGC.exe [1064342]
~ Files: 9 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.CC6698BC951C8E50136E6D80654F81B0] [WIS][28/05/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\1a323d5.msi [1766400] =>Adware.IMBooster
~ WIS: 61 Legitimates Filtered in 00mn 12s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 10/09/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 10/09/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 29/11/2012 643072 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 18/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 31/05/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 22/11/2012 497320 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
SR - | Auto 22/10/2012 88696 | (KaraokeService) . (.VIA Technologies, Inc..) - C:\WINDOWS\system32\KaraokeSer.exe
SR - | Auto 07/10/2009 154136 | (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
SS - | Demand 05/02/2013 312704 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 18/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 27/03/2013 2447888 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
~ Services: Scanned in 00mn 13s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by salamandre at 29/09/2013 14:13:59

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
1 ntkrnlpa!IofCallDriver[0x804EF200] >> \Device\Harddisk1\DR1[0x8A2D2AB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by salamandre at 29/09/2013 14:14:01

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 12930 - (28/09/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar] =>Toolbar.ZoneAlarm
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protection_ZoneAlarm Toolbar] =>Toolbar.ZoneAlarm
C:\Windows\Installer\1a323d5.msi =>Adware.IMBooster^
~ Additionnel Scan: 184217 Items scanned in 00mn 14s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ MSI: 1 link(s) detected in 00mn 14s



~ 1544 Legitimates filtered by white list
End of the scan (485 lines in 02mn 59s)(0)
