Rapport de ZHPDiag v2013.4.15.86 par Nicolas Coolman, Update du 15/04/2013 Run by Arnaud at 16/04/2013 08:37:19 State : Problème connexion internet WhiteList : Enable High Elevated Privileges : OK UAC : Activate by user ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 20.0.1 v20.0.1 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : WQD8Q Windows License : OK Windows Automatic Updates : OK ---\\ System Protection Malwarebytes Anti-Malware version 1.75.0.1300 ---\\ System Optimizer CCleaner v4.00 ---\\ Software Update Adobe Flash Player 11 Plugin Java 7 Update 17 ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3065 MB (55% free) System Restore: Activé (Enable) System drive C: has 241 GB (83%) free of 288 GB ---\\ Logged in mode ~ Computer Name: PC-DE-ARNAUD ~ User Name: Arnaud ~ All Users Names: McAfeeMVSUser, Arnaud, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Arnaud\AppData\Roaming\ ~ %Desktop% : C:\Users\Arnaud\Desktop\ ~ %Favorites% : C:\Users\Arnaud\Favorites\ ~ %LocalAppData% : C:\Users\Arnaud\AppData\Local\ ~ %StartMenu% : C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 241 Go of 288 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 9 Go) E:\ CD-ROM drive (Not Inserted) F:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/04/2013 - 14:51:39.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\Drivers\atapi.sys [21560] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880] [MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/2 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 1/19 ~ Mes Documents (My Documents) : 1/666 ~ Mon Bureau (My Desktop) : 1/6 ~ Menu demarrer (Programs) : 1/32 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.66B24E2EB8F8A8340F238A346F231C79] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712] [PID.3548] [MD5.85C1D3EE666A4A2B8071A570227A68A1] - (.ActivIdentity - ActivIdentity card event handler.) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [293168] [PID.3628] [MD5.FECB438F7ABEA262C9633616CBD8CFDF] - (.ActivIdentity - ActivIdentity Event Service.) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe [95024] [PID.832] [MD5.20CB286C4591EEA68778CA6626D70D47] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272] [PID.3388] [MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752] [PID.3464] [MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.3780] [MD5.FE7CE849DB8C3986B2E721C6A3184FAA] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800] [PID.3876] [MD5.6438FF6F59D64E97E862F90AB66B7996] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816] [PID.3472] [MD5.BFDD0478B3CCA7FDCD6AA81CC1F0C321] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [727592] [PID.2328] [MD5.001B2CD2D45BC59575BA0F1A4A997682] - (. Hewlett-Packard Development Company, L.P. - Volume related element.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe [76856] [PID.3832] [MD5.A958832BAB4040B54935CDE64CC5B289] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe [1624616] [PID.3884] [MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.exe [316720] [PID.2840] [MD5.0DE3C7622EC33126579B1742260F08C2] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe [632888] [PID.1572] [MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.3192] [MD5.10247055758850D4D0E9469322A93D42] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.4268] [MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.4328] [MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.4896] [MD5.1CB6A775D760DBCD5DD09B01E4942450] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6778368] [PID.5220] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\windows\system32\conime.exe [69120] [PID.4176] [MD5.098C7CE10A929C9E101468377609882D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\windows\system32\Ati2evxx.exe [671744] [PID.996] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\windows\system32\SLsvc.exe [3408896] [PID.1236] [MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\windows\system32\Hpservice.exe [26168] [PID.1336] [MD5.EC4A5D4E36A8E49261CD823450E0BA51] - (.ActivIdentity - ActivIdentity Cache Server.) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576] [PID.324] [MD5.585F5793BB5D79C8754EE63BCBAF2B3A] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\windows\system32\AEADISRV.exe [86016] [PID.380] [MD5.8ED60797908FD394EEE0D6949F493224] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\system32\agrsmsvc.exe [12800] [PID.476] [MD5.85D5E6AC46A2AE4672C1AC813AE45B95] - (.Microsoft Corp. - Bing Desktop updating service.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [168592] [PID.644] [MD5.9F0510096ECCD84D21918B28ED606C60] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [440872] [PID.1420] [MD5.EDC243EF33F8DA2A1A499331891D9472] - (.McAfee, Inc. - Common Shell3 - Scanners' interface to the.) -- C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe [13632] [PID.0] [MD5.3AD7614C487C948ADD435662265750FB] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.2112] [MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.2148] [MD5.C215E09622118383B236DD56C2065183] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2172] [MD5.38BCCF016B694A745E1CDBC0B080A59C] - (.McAfee, Inc. - McAfee HackerWatch Service.) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe [540776] [PID.2216] [MD5.7869AE9E3533D5A6F006E7B97F5FB991] - (.McAfee, Inc. - McAfee Personal Firewall Service.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe [841256] [PID.2232] [MD5.ACD411DE0A23E5ECBE57FE051CB4CC6E] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [576024] [PID.2348] [MD5.675C575444AAFD56B4E8A99EF8A570CD] - (.Absolute Software Corp. - rpcnet.) -- C:\windows\system32\rpcnet.exe [69792] [PID.2484] [MD5.FDF273A845F1FFCCEADF363AAF47582F] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [229944] [PID.3772] [MD5.C7A0E61D5714AC20DE52D4F66EC773B8] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [227896] [PID.1608] [MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [PID.5332] [MD5.D13E6BFD7E9189D26A42E94CB2447044] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.5624] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Arnaud\AppData\Roaming\Mozilla\Firefox\Profiles\hgbz242s.default\prefs.js M0 - MFSP: prefs.js [Arnaud - hgbz242s.default] http://professionnels.societegenerale.fr M2 - MFEP: prefs.js [Arnaud - hgbz242s.default\coralietab@mozdev.org] [] IE Tab + v2.04.20110724 (..) M2 - MFEP: prefs.js [Arnaud - hgbz242s.default\{1018e4d6-728f-4b20-ad56-37578a4de76b}] [] Flagfox v4.2.7 (..) M2 - MFEP: prefs.js [Arnaud - hgbz242s.default\{ada4b710-8346-4b82-8199-5de2b400a6ae}] [] ReminderFox v2.0.2 (..) M2 - MFEP: prefs.js [Arnaud - hgbz242s.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.14 (..) ~ Firefox Browser: 21 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com ~ IE Browser: 8 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{0BF43445-2F28-4351-9252-17FE6E806AA0} Clé orpheline O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll ~ Toolbar: Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [accrdsub] . (.ActivIdentity - ActivIdentity card event handler.) -- c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Audio Settings (32-bit).) -- C:\Program Files\Analog Devices\SoundMAX\soundmax.exe O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - GS\QuickLaunch: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Microsoft Office Excel 2007.lnk . (...) -- C:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe O4 - GS\QuickLaunch: Microsoft Office Word 2007.lnk . (...) -- C:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SendTo: Assistant Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\fsquirt.exe O4 - GS\SendTo: Unlocker.lnk . (...) -- C:\Program Files\Unlocker\Unlocker.exe O4 - GS\Desktop: La Nouvelle Mercerie.lnk . (...) -- C:\Users\Arnaud\Documents\La Nouvelle Mercerie O4 - GS\Desktop: Microsoft Money.lnk . (.Microsoft(R) Corporation - Microsoft Money.) -- C:\Program Files\Microsoft Money 2005\MNYCoreFiles\msmoney.exe O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - GS\Desktop: Windows Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe ~ Global Startup: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll O9 - Extra button: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{29EFFFC8-AA9B-4131-B114-121924F1D1A1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{825504FE-4BE0-4106-BD9F-BDEE842C3404}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{29EFFFC8-AA9B-4131-B114-121924F1D1A1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{825504FE-4BE0-4106-BD9F-BDEE842C3404}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{29EFFFC8-AA9B-4131-B114-121924F1D1A1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{825504FE-4BE0-4106-BD9F-BDEE842C3404}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ActivClient Middleware Service (accoca) . (.ActivIdentity - ActivIdentity Cache Server.) - c:\Program Files\ActivIdentity\ActivClient\accoca.exe O23 - Service: EngineServer (EngineServer) . (.McAfee, Inc. - Common Shell3 - Scanners' interface to the.) - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe O23 - Service: McAfee HackerWatch Service (McAfee HackerWatch Service) . (.McAfee, Inc. - McAfee HackerWatch Service.) - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: (VSSERV) . (...) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (.not file.) ~ Services: 15 Legitimates Filtered in 00mn 04s ---\\ Tâches planifiées en automatique (O39) [MD5.CD765DF2695403434C4526F19602DA8F] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [28672] ~ Scheduled Task: 3 Legitimates Filtered in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: ActivClient 6.1 x86 - (.ActivIdentity.) [HKLM] -- {AC194855-F7AC-4D04-B4C9-07BA46FCB697} ~ Logic: 82 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKLM\Software\ActivCard] [HKLM\Software\ActivIdentity] [HKLM\Software\GSC] [HKLM\Software\ITConcepts] ~ Key Software: 115 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 15/07/2008 - 10:37:06 - [4,936] ----D C:\Program Files\ActivIdentity O43 - CFD: 15/07/2008 - 10:37:06 - [0] ----D C:\Program Files\Common Files\ActivIdentity ~ Program Folder: 129 Legitimates Filtered in 00mn 14s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5A186198384A33FF53FB5B3A26368BB3] - 16/04/2013 - 07:21:20 ---A- . (...) -- C:\Windows\System32\rpcnetp.exe [17408] O44 - LFC:[MD5.476C877BFCC58F59E3E646A2AE9C1AEE] - 15/04/2013 - 18:52:06 ---A- . (...) -- C:\Windows\System32\spsys.log [808] O44 - LFC:[MD5.A53990B67E33E6A73800C8A3F0C20B79] - 15/04/2013 - 18:42:52 ---A- . (...) -- C:\Windows\ntbtlog.txt [92118] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/04/2013 - 18:33:15 ---A- . (...) -- C:\Windows\System32\lic2.xml30922 [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/04/2013 - 18:16:19 ---A- . (...) -- C:\Windows\System32\lic2.xml27611 [0] O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 15/04/2013 - 14:51:47 ---A- . (...) -- C:\Windows\System32\icrav03.rat [8798] O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 15/04/2013 - 14:51:47 ---A- . (...) -- C:\Windows\System32\ticrf.rat [1988] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 15/04/2013 - 14:51:38 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.75DFEB04C0C978810720283C1B5CD7B1] - 15/04/2013 - 13:34:51 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [130008] O44 - LFC:[MD5.6F7C27002EA0F9496070A1150C977DEC] - 15/04/2013 - 13:34:49 ---A- . (...) -- C:\Windows\System32\spcinstrumentation.man [9239] O44 - LFC:[MD5.4DF0D81B2B19B87DBFF241619DCDDC31] - 15/04/2013 - 13:34:44 ---A- . (...) -- C:\Windows\System32\dot3.tmf [442788] O44 - LFC:[MD5.E9E66706083BFE4B0070EE0A5E8D42DB] - 15/04/2013 - 13:34:42 ---A- . (...) -- C:\Windows\System32\StructuredQuerySchema.bin [107612] O44 - LFC:[MD5.358A03A7A47F0AD71E84306AC635A626] - 15/04/2013 - 13:34:42 ---A- . (.Pas de propriétaire - Programme d'authentification du périphériqu.) -- C:\Windows\System32\EhStorAuthn.dll [117248] O44 - LFC:[MD5.16D06DC26B8BD160AD81EE271D9577D8] - 15/04/2013 - 13:34:41 ---A- . (...) -- C:\Windows\System32\onex.tmf [392170] O44 - LFC:[MD5.AD4C3968CE1DB3A3A4632E1CDECA9555] - 15/04/2013 - 13:34:38 ---A- . (...) -- C:\Windows\System32\eaphost.tmf [344698] O44 - LFC:[MD5.A3EB38D309C5682BBA0E23732C5D4AF2] - 15/04/2013 - 13:34:31 ---A- . (...) -- C:\Windows\System32\WFP.TMF [208966] O44 - LFC:[MD5.BCDBB5CEA1E8AEA0FA353691EB003728] - 15/04/2013 - 13:34:29 ---A- . (...) -- C:\Windows\System32\slmgr.vbs [92918] O44 - LFC:[MD5.52CB0185C73E1BA86CC7F726F22523C3] - 15/04/2013 - 13:34:27 ---A- . (...) -- C:\Windows\System32\msjetoledb40.dll [368640] O44 - LFC:[MD5.07400BC21119204892795F015052CDF4] - 15/04/2013 - 13:34:11 ---A- . (...) -- C:\Windows\System32\RacUR.xml [9212] O44 - LFC:[MD5.4C58B5E71FEEFD18BB7F537343C7219A] - 15/04/2013 - 13:34:09 ---A- . (...) -- C:\Windows\System32\RacUREx.xml [153] O44 - LFC:[MD5.AF9E3107108E70C1AF9F3831622068A3] - 15/04/2013 - 13:00:11 ---A- . (...) -- C:\Windows\System32\rpcnetp.dll [17408] O44 - LFC:[MD5.18B2C06EF8DC3FAF83C074089024391E] - 15/04/2013 - 08:04:17 ---A- . (...) -- C:\Windows\System32\wlan.tmf [2501921] O44 - LFC:[MD5.D07E5384D2B4E71F7D49C9F334D69284] - 15/04/2013 - 07:48:52 ---A- . (...) -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [18904] O44 - LFC:[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - 15/04/2013 - 07:48:50 ---A- . (...) -- C:\Windows\System32\korwbrkr.lex [11967524] O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 14/04/2013 - 22:31:23 ---A- . (...) -- C:\Windows\System32\WsmTxt.xsl [2426] O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 14/04/2013 - 22:31:23 ---A- . (...) -- C:\Windows\System32\winrm.vbs [201184] O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 14/04/2013 - 22:31:23 ---A- . (...) -- C:\Windows\System32\wsmanconfig_schema.xml [4675] O44 - LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] - 14/04/2013 - 20:54:46 ---A- . (...) -- C:\Windows\System32\user_gensett.xml [385] O44 - LFC:[MD5.377834A9909097B9733F840C2FE2D12B] - 14/04/2013 - 20:07:19 ---A- . (...) -- C:\Windows\win.ini [128] O44 - LFC:[MD5.28CBE9DE37E1A99BDD05441A4B208EAB] - 14/04/2013 - 19:37:31 ---A- . (...) -- C:\Windows\snp2uvc.ini [15497] O44 - LFC:[MD5.E0067DD7AE6C680CB18E3A58E7FB8DFB] - 14/04/2013 - 19:37:31 ---A- . (...) -- C:\Windows\snp2uvc.src [13022] O44 - LFC:[MD5.CC9EE86BFB63E03179AAFCBCA7DB324F] - 14/04/2013 - 19:37:31 ---A- . (.Pas de propriétaire - ResourceDLL.) -- C:\Windows\System32\rsnp2uvc.dll [180224] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/04/2013 - 19:30:20 RSHA- . (...) -- C:\Windows\System32\Drivers\103C_HP_bNB_6830s_Y5336AN_0U_QCNU9117NV6_E480268-A41_4A_I30E9_SHP_V95.1C_68PZD F.0A_T090220_WV3-1_L40C_M3066_J320_7Intel_86FD_92.00_#080715_N_(FU484ES#ABF)_XMOBILE_CN10_Z_2F.0A_G100295C2_OOptiarc DVD RW AD-7561S.MRK [0] ~ Files: 937 Legitimates Filtered in 00mn 17s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro37.sys . (...) -- C:\Windows\System32\Drivers\hitmanpro37.sys (.not file.) ~ CSB: 17 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] - 13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [35896] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 29/04/2008 - C:\Windows\System32\drivers\MfeBOPK.sys (MfeBOPK) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK O64 - Services: CurCS - 29/04/2008 - C:\Windows\System32\drivers\mfetdik.sys (mfetdik) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFETDIK ~ Legacy: 118 Legitimates Filtered in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Arnaud - hgbz242s.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search"); O69 - SBI: SearchScopes [HKCU] {58C9BFB3-5EB5-44AC-99BA-447F75D474DE} [DefaultScope] - (AOL Recherche) - http://slirsredirect.search.aol.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.9429F169F30FE2EE22BB705AB9099314] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365968331.bdinstall.bin [569720] [MD5.AF6B281404B1D94EE2213BBC234AB4E3] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365971686.2812.bin [0] [MD5.A59953A1A2BD90832BA5EAD61163DAFD] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365971686.3016.bin [0] [MD5.A9F12B4E669FB4056ED27D1183FC09DC] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365971686.4908.bin [0] [MD5.EF6DB9301E77150F6E266AB18C600257] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365971686.5748.bin [0] [MD5.7B25CC9BEF33716206F706124F13F237] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365972163.bdinstall.bin [100066] [MD5.4771385B0835A4C0620D5D97378656DD] [SPRF][14/04/2013] (...) -- C:\ProgramData\1365975773.bdinstall.bin [527199] [MD5.E3FBF42E0C5CC0E2F196EE5E6199D199] [SPRF][15/04/2013] (...) -- C:\ProgramData\1366005510.bdinstall.bin [148738] [MD5.C04925A6381ACF97A4042A586BBC7A83] [SPRF][15/04/2013] (...) -- C:\ProgramData\1366007075.bdinstall.bin [89250] [MD5.171655A3338001E6A4943A8D011345E4] [SPRF][15/04/2013] (...) -- C:\ProgramData\1366042831.bdinstall.bin [1715970] [MD5.7F11BFCE2FFAFA6E4F1A2B476A38EDEE] [SPRF][15/04/2013] (...) -- C:\ProgramData\1366049292.bdinstall.bin [100219] [MD5.D05584E440C83CC4D0F8D1E99B0E7BE2] [SPRF][15/04/2013] (...) -- C:\Users\Arnaud\AppData\Local\d3d9caps.dat [680] [MD5.FDE750124017DFF830EA6E60C929BE08] [SPRF][16/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Arnaud\Desktop\ZHPDiag2.exe [5570834] ~ Files: Scanned in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : v2.11554 - (15/04/2013) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B4089055-D468-45A4-A6BA-5A138DD715FC}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4089055-D468-45A4-A6BA-5A138DD715FC}] =>Toolbar.Agent ~ Additionnel: Scanned in 00mn 18s ---\\ Product Upgrade Codes (O90) O90 - PUC: "5509804B864D4A546AABA531D87D51CF" . (.Bing Bar.) -- C:\windows\Installer\{B4089055-D468-45A4-A6BA-5A138DD715FC}\icon_installer_ico O90 - PUC: "558491CACA7F40D44B9C70AB64CF6B79" . (.ActivClient 6.1 x86.) -- c:\Windows\Installer\{AC194855-F7AC-4D04-B4C9-07BA46FCB697}\ARPPRODUCTICON.exe ~ Update Products: 151 Legitimates Filtered in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 16/05/2007 182576 | (accoca) . (.ActivIdentity.) - c:\Program Files\ActivIdentity\ActivClient\accoca.exe SR - | Auto 19/10/2007 86016 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe SR - | Auto 11/12/2007 12800 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe SR - | Auto 08/05/2008 671744 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe SS - | Auto 21/10/2011 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe SR - | Auto 13/10/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe SR - | Auto 16/01/2008 440872 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe SR - | Demand 12/01/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe SR - | Auto 29/04/2008 13632 | (EngineServer) . (.McAfee, Inc..) - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe SR - | Auto 15/04/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe SR - | Auto 18/04/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe SR - | Auto 05/01/2007 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe SR - | Auto 18/03/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 13/02/2007 540776 | (McAfee HackerWatch Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe SS - | Demand 29/04/2008 144704 | (McShield) . (.McAfee, Inc..) - C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe SS - | Demand 14/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 23/05/2007 841256 | (MpfService) . (.McAfee, Inc..) - C:\Program Files\McAfee\MPF\MPFSrv.exe SS - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 12/05/2008 576024 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files\PDF Complete\pdfsvc.exe SS - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SS - | Demand 08/04/2008 1112560 | (RoxMediaDB10) . (.Sonic Solutions.) - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe SR - | Auto 14/04/2013 69792 | (rpcnet) . (.Absolute Software Corp..) - C:\windows\system32\rpcnet.exe SS - | Demand 24/03/2008 74384 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe SS - | Auto 0 | (VSSERV) . (...) - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 00s ~ 1872 Legitimates filtered by white list End of the scan (483 lines in 02mn 07s)(0)