~ Rapport de ZHPDiag v2014.4.23.42 - Nicolas Coolman (23/04/2014) ~ Lancé par Administrateur (24/04/2014 13:56:00) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Not Found ---\\ Navigateurs Internet MSIE: Internet Explorer v6.0.3790.1830 (Defaut) OBIE: Wacom WebTabletPlugin for Internet Explorer and Netscape v2.1.0.2 ---\\ Informations sur les produits Windows ~ Langage: Français Microsoft Windows XP, 64-bit Service Pack 2 (Build 3790) Windows Automatic Updates : OK Windows Genuine Advantage : KO ---\\ Logiciels de protection du système avast! Free Antivirus v8.0.1489.0 Malwarebytes Anti-Malware version 2.0.1.1004 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Reader 8 - Français ---\\ Informations sur le système ~ Processor: EM64T Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4094.6 MB (81% free) System Restore: Activé (Enable) System drive C: has 49 GB (21%) free of 233 GB ---\\ Mode de connexion au système ~ Computer Name: BE15B ~ User Name: Administrateur ~ All Users Names: SUPPORT_388945a0, Guest, Administrator, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Documents and Settings\administrateur\Application Data\ZHP\ ~ %AppData% : C:\Documents and Settings\administrateur\Application Data\ ~ %Desktop% : C:\Documents and Settings\administrateur\desktop\ ~ %Favorites% : C:\Documents and Settings\administrateur\Favorites\ ~ %LocalAppData% : C:\Documents and Settings\administrateur\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\administrateur\Start Menu\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 49 Go of 233 Go) D: Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go) E: Floppy drive, Flash card reader, USB Key (Free 3 Go of 7 Go) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 41 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.AE7A08C05F72A9242734C03230A5CD7F] - (.Microsoft Corporation - Windows Explorer.) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1364480] [MD5.39F24E3689F6768F01A51768BBBC1E47] - (.Microsoft Corporation - Internet Extensions for Win32.) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\wininet.dll [1190912] [MD5.901C7E44D11C00CA9D48BA1A866FDC4B] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [944128] [MD5.F0E008AC59FAA5ECD22C8891B3300378] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [291840] [MD5.7A1814D0D112F50F828E25557A1ED29F] - (....) (.17/02/2007 - 00:03:34.) -- C:\WINDOWS\system32\Drivers\atapi.sys [150016] [MD5.4D99E36322FB51A8D1B2B6D6B69D9889] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [113152] [MD5.11663FE50E499FFEE77979542B285F38] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [77312] [MD5.73EA9000F8FB2E060954EB7C3377A3C7] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [50176] [MD5.50FD608643D9B56C4C75C0784513F77E] - (....) (.17/02/2007 - 00:28:56.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [93184] [MD5.D2E541613B72FF9FCEDF37B166930706] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [72704] [MD5.088ECB04137DF1F52EC10C29D57A8CCA] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [180736] [MD5.DB841EC6F027C780002EF47AABFDDF86] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [156672] [MD5.9899C0483AE641A9540731164FCA1AC5] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [786944] [MD5.FEDAAFB6CD700B9E0787C94D81C07DB5] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [347136] [MD5.C8904B5F90AB2236692E83D491C4D426] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1041920] [MD5.7DDAA09186DA9F1D304E819B5A6BBC5A] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [135680] [MD5.D81FDC53EE9C0F68D709E504342D1D74] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [135168] [MD5.0482A9BE0BE2098A12A61464306BF24B] - (....) (.17/02/2007 - 00:51:24.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [333824] [MD5.1D793394201000D2D56E848C18FE9A62] - (....) (.24/03/2005 - 18:24:04.) -- C:\WINDOWS\system32\Drivers\redbook.sys [64000] [MD5.9A7410739230F3AAF9390B79EB398570] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\smb.sys [99328] [MD5.FD6D28D1BBF31C719D9C5EC2D20FB5C2] - (....) (.18/02/2007 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [288768] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/302 ~ Mes musiques (My Musics) : 1/3 ~ Mes Videos (My Videos) : 1/3 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 3/1889 ~ Mon Bureau (My Desktop) : 1/12108 ~ Menu demarrer (Programs) : 1/43 ~ Hidden Files: Scanned in 00mn 04s ---\\ Processus lancés [MD5.D998FA33E11467D43A9BB7E9D3BAD124] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7867392] [PID.956] ~ Processes Running: Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 19 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [AllUsers]: Brother Creative Center.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url O4 - GS\Desktop [AllUsers]: CATIA V5R20.lnk . (.Dassault Systemes - Administration.) -- C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSTART.exe O4 - GS\Desktop [AllUsers]: KeyShot 4 64.lnk . (...) -- C:\Program Files\KeyShot4\bin\keyshot4.exe O4 - GS\Desktop [AllUsers]: SolidWorks eDrawings 2011.lnk . (.Dassault Systèmes SolidWorks Corp. - EModelViewer Module.) -- C:\Program Files (x86)\SolidWorks Corp\SolidWorks eDrawings\EModelViewer.exe O4 - GS\Desktop [AllUsers]: SolidWorks Explorer 2011.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\WINDOWS\Installer\{5F590D74-AA75-410F-A778-3CDFCE12DCD4}\NewShortcut3_2723AB6ADE8640EEAA77EC7E47C4DF34.exe O4 - GS\Desktop [AllUsers]: TransMagic R8.lnk . (.TransMagic, Inc. - TransMagic Application.) -- C:\Program Files (x86)\TransMagic Inc\TransMagic R8\System\TransMagic.exe ~ Global Startup: 15 Legitimates Filtered in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - GS\Startup [AllUsers]: Adobe Reader Synchronizer.lnk . (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 8.0.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - GS\Startup [AllUsers]: Lancement rapide d'Adobe Reader.lnk . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - GS\Startup [AllUsers]: Logitech SetPoint.lnk . (.Logitech Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - GS\Startup [AllUsers]: Téléchargement en arrière-plan de SolidWorks.lnk . (.Dassault Systèmes SolidWorks Corp. - sldBgDwldresu.) -- C:\Program Files (x86)\Common Files\Gestionnaire d'installation SolidWorks\BackgroundDownloading\sldBgDwld.exe O4 - HKLM\..\Run: [NvCplDaemon] . (...) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe O4 - HKLM\..\Run: [NvMediaCenter] . (...) -- C:\WINDOWS\system32\NvMcTray.dll O4 - HKLM\..\Run: [Synchronization Manager] . (.Microsoft Corporation - Microsoft Synchronization Manager.) -- C:\WINDOWS\system32\mobsync.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe O4 - HKLM\..\Wow6432Node\Run: [Device Detector] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [BrStsMon01] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] . (...) -- C:\WINDOWS\system32\tscupgrd.exe O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] . (...) -- C:\WINDOWS\system32\tscupgrd.exe O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] . (...) -- C:\WINDOWS\system32\tscupgrd.exe O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] . (...) -- C:\WINDOWS\system32\tscupgrd.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Windows Messenger [64Bits] - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14) O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com" ~ IE Paramètres WEB: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = CQFD.local ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wia [64Bits] - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (...) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (...) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (...) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (...) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (...) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Browseui preloader [64Bits] - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Browseui preloader [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- C:\WINDOWS\system32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Event Log (Eventlog) . (...) - C:\WINDOWS\system32\services.exe O23 - Service: HASP License Manager (hasplms) . (...) - C:\WINDOWS\system32\hasplms.exe O23 - Service: Net Logon (Netlogon) . (...) - C:\WINDOWS\system32\lsass.exe O23 - Service: Plug and Play (PlugPlay) . (...) - C:\WINDOWS\system32\services.exe O23 - Service: IPSEC Services (PolicyAgent) . (...) - C:\WINDOWS\system32\lsass.exe O23 - Service: Protected Storage (ProtectedStorage) . (...) - C:\WINDOWS\system32\lsass.exe ~ Services: 13 Legitimates Filtered in 00mn 01s ---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36) O36 - KnownDLLs: (wow64) . (...) -- C:\WINDOWS\system32\wow64.dll O36 - KnownDLLs: (wow64cpu) . (...) -- C:\WINDOWS\system32\wow64cpu.dll O36 - KnownDLLs: (wow64win) . (...) -- C:\WINDOWS\system32\wow64win.dll ~ Keys: Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (...) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (...) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (...) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (imapi) . (...) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (...) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (...) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (...) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (...) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (...) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (...) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (...) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (...) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (...) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (...) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (...) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (...) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (...) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: VGA Display Controller. (VgaSave) . (...) - C:\WINDOWS\system32\drivers\vga.sys ~ Drivers: 57 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: DATAKIT CrossManager 2010 - (.DATAKIT.) [HKLM][64Bits] -- {D14AD67F-DB76-42D8-927F-3C5742A7E963} O42 - Logiciel: GT-SUITE C:\GTI - (.Gamma Technologies, Inc..) [HKLM][64Bits] -- GT-SUITE_C:/GTI O42 - Logiciel: GT-SUITE v6.1.0 - (.Gamma Technologies, Inc..) [HKLM][64Bits] -- GT-SUITE v6.1.0 O42 - Logiciel: KeyShot4 4.0 64 bit - (.Luxion ApS.) [HKLM][64Bits] -- KeyShot4_64 O42 - Logiciel: TransMagic R8 - (.TransMagic, Inc..) [HKLM][64Bits] -- {B96CF7E1-FCFF-4450-A26D-DD05B5CE49B8} ~ Logic: 23 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Gamma Technologies, Inc.] [HKCU\Software\Luxion] [HKCU\Software\TransMagic] [HKLM\Software\ADFS] [HKLM\Software\Luxion] [HKLM\Software\Wow6432Node\Luxion] ~ Key Software: 188 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/05/2011 - 15:47:40 - [] ----D C:\Program Files (x86)\DATAKIT O43 - CFD: 03/05/2011 - 15:28:54 - [] ----D C:\Program Files (x86)\TransMagic Inc O43 - CFD: 16/04/2009 - 11:25:33 - [0] ----D C:\Documents and Settings\administrateur\Local Settings\Application Data\FEMAP O43 - CFD: 03/05/2011 - 15:47:47 - [] ----D C:\Documents and Settings\administrateur\Start Menu\Programs\Datakit ~ Program Folder: 111 Legitimates Filtered in 00mn 00s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5F1C733247938493C9E7C482F8303BFC] - 09/04/2014 - 16:17:45 ----- . (...) -- C:\UsbFix [Clean 7] BE15B.txt [8119] O44 - LFC:[MD5.299A08DAF8DA7C27C642EA9CC9B01F5F] - 11/04/2014 - 12:53:25 ----- . (...) -- C:\UsbFix [Clean 8] BE15B.txt [8709] O44 - LFC:[MD5.2E34867CD7EEC26A74B35242D282B175] - 11/04/2014 - 16:45:54 ----- . (...) -- C:\UsbFix [Clean 9] BE15B.txt [8500] O44 - LFC:[MD5.EC3BA4D1FA4DF8F6BC929CD4BEEF0F31] - 17/04/2014 - 17:27:46 ----- . (...) -- C:\UsbFix [Clean 10] BE15B.txt [6919] O44 - LFC:[MD5.8D511CDCB99CFB032AA886ADDCA820A1] - 18/04/2014 - 06:38:28 ----- . (...) -- C:\UsbFix [Scan 1] BE15B.txt [4382] O44 - LFC:[MD5.6F9FC3F7EDEE8D4BD7892F3C479B196D] - 18/04/2014 - 06:40:01 ----- . (...) -- C:\UsbFix [Clean 11] BE15B.txt [6469] O44 - LFC:[MD5.10F7C2D355A957C482A76627CDAE508A] - 21/04/2014 - 16:45:18 ----- . (...) -- C:\UsbFix [Clean 12] BE15B.txt [7828] O44 - LFC:[MD5.2A16CFBD9FBB4832FCB99793C4A089D5] - 23/04/2014 - 11:28:46 ----- . (...) -- C:\UsbFix [Clean 15] BE15B.txt [9850] O44 - LFC:[MD5.FD5465B876D55534117963FAAA4B9DFC] - 23/04/2014 - 12:01:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.4A1356200B82B852E137B687F03E8054] - 23/04/2014 - 12:01:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mbamchameleon.sys [88280] O44 - LFC:[MD5.D31DEC83A496E4C96BB091FEAFD3151D] - 23/04/2014 - 12:51:23 ----- . (...) -- C:\UsbFix [Clean 16] BE15B.txt [9015] O44 - LFC:[MD5.DDA3AC368F147487262A094E537AF750] - 23/04/2014 - 12:55:06 ----- . (...) -- C:\UsbFix [Clean 17] BE15B.txt [9498] O44 - LFC:[MD5.8F6E5597268D8A38E04174898D861BF9] - 23/04/2014 - 12:56:50 ----- . (...) -- C:\UsbFix [Scan 2] BE15B.txt [4093] O44 - LFC:[MD5.6140163BFE9D8F2DFDBA088ED5521C13] - 23/04/2014 - 13:55:45 ---A- . (...) -- C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys [119512] O44 - LFC:[MD5.F2C333CB56FD892A53DA5354E2349270] - 24/04/2014 - 09:01:27 ----- . (...) -- C:\UsbFix [Clean 13] BE15B.txt [7251] O44 - LFC:[MD5.B99813EE0EB081DDC0E169E35ADC93BF] - 24/04/2014 - 09:06:09 ----- . (...) -- C:\UsbFix [Clean 18] BE15B.txt [11746] O44 - LFC:[MD5.CF0A00C4756068469DD3CB45D8FFA7C5] - 24/04/2014 - 10:52:27 ----- . (...) -- C:\UsbFix [Clean 14] BE15B.txt [8385] O44 - LFC:[MD5.4C77D05D850E768E43551C993CC5116A] - 24/04/2014 - 10:57:10 ----- . (...) -- C:\UsbFix [Clean 19] BE15B.txt [12750] O44 - LFC:[MD5.999DB196E3D49E984E62F1D743F48F42] - 24/04/2014 - 10:58:27 ---A- . (...) -- C:\UsbFix [Clean 20] BE15B.txt [11816] ~ Files: 30 Legitimates Filtered in 00mn 00s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - URL Exec Hook [64Bits] - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CATELFSlaveProcess.exe" [Disabled] .(...) -- C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CATELFSlaveProcess.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CNEXT.exe" [Disabled] .(...) -- C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CNEXT.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CATUTIL.exe" [Enabled] .(...) -- C:\Program Files (x86)\Dassault Systemes\B14\intel_a\code\bin\CATUTIL.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\orbixd.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\orbixd.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\GTI\flexlm\GTISOFT.exe" [Enabled] .(...) -- C:\GTI\flexlm\GTISOFT.exe (.not file.) O47 - AAKE:Key Export DP - "C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe O47 - AAKE:Key Export DP - "C:\Program Files\KeyShot4\bin\keyshot4.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\KeyShot4\bin\keyshot4.exe O47 - AAKE:Key Export DP - "C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe" [Enabled] .(...) -- C:\Program Files\SolidWorks Corp\SolidWorks (2)\swScheduler\DTSCoordinatorService.exe (.not file.) ~ Keys Export: 14 Legitimates Filtered in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\wd.sys . (...) -- C:\WINDOWS\system32\Drivers\wd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (...) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (...) -- C:\WINDOWS\system32\Drivers\tdpipe.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (...) -- C:\WINDOWS\system32\Drivers\tdtcp.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (...) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys (.not file.) ~ CSB: 24 Legitimates Filtered in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "DisablePersonalDirChange"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoWelcomeScreen"=1 ~ MWPE Keys: 9 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\acpiec.sys [18432] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\afd.sys [291840] O58 - SDL:16/10/2006 - 18:34:56 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aksclass.sys [13952] O58 - SDL:13/12/2006 - 17:14:14 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aksdf.sys [65024] O58 - SDL:27/03/2008 - 18:50:12 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aksfridge.sys [128512] O58 - SDL:04/12/2006 - 09:44:14 ---A- . (...) -- C:\WINDOWS\system32\Drivers\akshasp.sys [90240] O58 - SDL:23/07/2007 - 15:13:06 ---A- . (...) -- C:\WINDOWS\system32\Drivers\akshhl.sys [56960] O58 - SDL:04/12/2006 - 09:44:14 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aksusb.sys [18688] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\amdk8.sys [51712] O58 - SDL:08/05/2006 - 19:19:40 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASACPI.sys [8192] O58 - SDL:09/05/2013 - 09:59:06 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswFsBlk.sys [33400] O58 - SDL:09/05/2013 - 09:59:06 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswMonFlt.sys [80816] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRdr.sys [59144] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [65336] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys [1025808] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys [378432] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswTdi.sys [64288] O58 - SDL:09/05/2013 - 09:59:07 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [189936] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\asyncmac.sys [25088] O58 - SDL:17/02/2007 - 00:03:34 ---A- . (...) -- C:\WINDOWS\system32\Drivers\atapi.sys [150016] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\atmarpc.sys [106496] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\atmepvc.sys [57344] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\atmlane.sys [91648] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\atmuni.sys [569856] O58 - SDL:24/03/2005 - 18:12:02 ---A- . (...) -- C:\WINDOWS\system32\Drivers\audstub.sys [5632] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\beep.sys [6144] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\bridge.sys [116224] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\cdac15ba.sys [13312] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\cdad10ba.sys [13312] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\cdfs.sys [113152] O58 - SDL:17/10/2011 - 02:00:00 ----- . (...) -- C:\WINDOWS\system32\Drivers\cdr4_xp.sys [10224] O58 - SDL:17/10/2011 - 02:00:00 ----- . (...) -- C:\WINDOWS\system32\Drivers\cdralw2k.sys [10224] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\cdrom.sys [77312] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\classpnp.sys [88576] O58 - SDL:24/03/2005 - 18:15:54 ---A- . (...) -- C:\WINDOWS\system32\Drivers\crcdisk.sys [19968] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\disk.sys [63488] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\diskdump.sys [24064] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\dmboot.sys [415232] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\dmio.sys [244224] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\dmload.sys [9216] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\dxapi.sys [20992] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\dxg.sys [137216] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\fastfat.sys [247808] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\fdc.sys [36352] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\fips.sys [50176] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\flpydisk.sys [32256] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\fltMgr.sys [227328] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\fs_rec.sys [13824] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ftdisk.sys [240128] O58 - SDL:04/12/2006 - 09:44:14 ---A- . (...) -- C:\WINDOWS\system32\Drivers\hardlock.sys [314368] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\hidclass.sys [64512] O58 - SDL:21/06/2012 - 15:12:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\hidkmdf.sys [13728] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\hidparse.sys [41472] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\hidusb.sys [18944] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\http.sys [560640] O58 - SDL:17/02/2007 - 00:28:56 ---A- . (...) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [93184] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\imapi.sys [72704] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\intelppm.sys [49152] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ip6fw.sys [57856] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ipfltdrv.sys [49664] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ipnat.sys [180736] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ipsec.sys [156672] O58 - SDL:17/02/2007 - 01:31:14 ---A- . (...) -- C:\WINDOWS\system32\Drivers\irenum.sys [19456] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\isapnp.sys [14336] O58 - SDL:17/02/2007 - 00:34:06 ---A- . (...) -- C:\WINDOWS\system32\Drivers\kbdclass.sys [36864] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ks.sys [279552] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ksecdd.sys [187392] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ksthunk.sys [24192] O58 - SDL:23/01/2007 - 15:47:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\L8042Kbd.sys [35600] O58 - SDL:03/04/2014 - 08:50:58 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mbam.sys [25816] O58 - SDL:03/04/2014 - 08:51:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mbamchameleon.sys [88280] O58 - SDL:23/04/2014 - 13:55:45 ---A- . (...) -- C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys [119512] O58 - SDL:01/06/2011 - 14:27:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mcamvusb.sys [41984] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mcd.sys [20992] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mf.sys [94208] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mnmdd.sys [8192] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\modem.sys [49664] O58 - SDL:24/03/2005 - 17:21:12 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mouclass.sys [33792] O58 - SDL:24/03/2005 - 17:21:12 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mouhid.sys [19456] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mountmgr.sys [72192] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mqac.sys [154624] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mrxdav.sys [273408] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mrxsmb.sys [786944] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\msfs.sys [32768] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\msgpc.sys [71168] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mssmbios.sys [29696] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mup.sys [178688] O58 - SDL:25/05/2007 - 04:35:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\mv61xx.sys [159232] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ndis.sys [361984] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ndistapi.sys [15872] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ndisuio.sys [28160] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ndiswan.sys [161280] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ndproxy.sys [65024] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\netbios.sys [53760] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\netbt.sys [347136] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\nmnt.sys [71168] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\npfs.sys [56832] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1041920] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\null.sys [5632] O58 - SDL:26/05/2008 - 15:06:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\nv4_mini.sys [9525760] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\nwlnkipx.sys [138752] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\nwlnknb.sys [105472] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\nwlnkspx.sys [87552] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\oprghdlr.sys [6656] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\parport.sys [135680] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\partmgr.sys [45056] O58 - SDL:17/02/2007 - 00:44:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\pci.sys [115200] O58 - SDL:24/03/2005 - 17:22:08 ---A- . (...) -- C:\WINDOWS\system32\Drivers\pciide.sys [6144] O58 - SDL:17/02/2007 - 00:44:22 ---A- . (...) -- C:\WINDOWS\system32\Drivers\pciidex.sys [40448] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\pcmcia.sys [188416] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\processr.sys [47616] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\psched.sys [106496] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ptilink.sys [31232] O58 - SDL:03/11/2011 - 02:01:00 ----- . (...) -- C:\WINDOWS\system32\Drivers\PxHlpa64.sys [56208] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rasacd.sys [18432] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rasl2tp.sys [135168] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\raspppoe.sys [69120] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\raspptp.sys [120320] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\raspti.sys [31232] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rawwan.sys [59904] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rdbss.sys [309248] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys [7680] O58 - SDL:17/02/2007 - 00:51:24 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [333824] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rdpwd.sys [230536] O58 - SDL:24/03/2005 - 18:24:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\redbook.sys [64000] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\RMCast.sys [181248] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rndismp.sys [51200] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\rootmdm.sys [11776] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\scsiport.sys [171008] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sdbus.sys [119296] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [12800] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\serenum.sys [27648] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\serial.sys [121344] O58 - SDL:24/03/2005 - 16:24:40 ---A- . (...) -- C:\WINDOWS\system32\Drivers\serscan.sys [11776] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sffdisk.sys [16896] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sffp_sd.sys [17408] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sfloppy.sys [17920] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\smb.sys [99328] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\smclib.sys [23040] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sonydcam.sys [39680] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sr.sys [123904] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\srv.sys [646656] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\storport.sys [173056] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\stream.sys [84736] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\swenum.sys [5120] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tape.sys [30720] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tcpip.sys [768000] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tcpip6.sys [375296] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tdi.sys [33792] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tdpipe.sys [20616] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tdtcp.sys [37512] O58 - SDL:17/02/2007 - 00:59:40 ---A- . (...) -- C:\WINDOWS\system32\Drivers\termdd.sys [69768] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\tunmp.sys [19968] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\udfs.sys [107520] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\update.sys [81920] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usb8023.sys [24064] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbcamd2.sys [43264] O58 - SDL:17/02/2007 - 01:00:46 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbccgp.sys [42752] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbd.sys [7552] O58 - SDL:17/02/2007 - 01:00:46 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbehci.sys [44160] O58 - SDL:17/02/2007 - 01:00:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbhub.sys [102400] O58 - SDL:17/02/2007 - 01:00:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbport.sys [212480] O58 - SDL:17/02/2007 - 01:00:50 ---A- . (...) -- C:\WINDOWS\system32\Drivers\USBSTOR.SYS [48128] O58 - SDL:17/02/2007 - 01:00:50 ---A- . (...) -- C:\WINDOWS\system32\Drivers\usbuhci.sys [32512] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\vga.sys [32768] O58 - SDL:24/03/2005 - 18:34:48 ---A- . (...) -- C:\WINDOWS\system32\Drivers\vgapnp.sys [33792] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\videoprt.sys [117760] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\volsnap.sys [288768] O58 - SDL:21/06/2012 - 15:12:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\wachidrouter.sys [68512] O58 - SDL:22/05/2012 - 14:07:18 ---A- . (...) -- C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys [15736] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\wanarp.sys [55296] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\watchdog.sys [11264] O58 - SDL:14/07/2009 - 10:35:06 ----- . (...) -- C:\WINDOWS\system32\Drivers\wdf01000.sys [654072] O58 - SDL:14/07/2009 - 10:35:06 ----- . (...) -- C:\WINDOWS\system32\Drivers\wdfldr.sys [41192] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\wmilib.sys [9216] O58 - SDL:24/03/2005 - 17:35:08 ---A- . (...) -- C:\WINDOWS\system32\Drivers\WpdUsb.sys [29696] O58 - SDL:18/02/2007 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ws2ifsl.sys [23040] O58 - SDL:23/11/2006 - 08:01:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\yk51x64.sys [326656] O58 - SDL:11/10/2006 - 04:33:58 ---A- . (...) -- C:\WINDOWS\SysWOW64\drivers\ASUSHWIO.SYS [10288] ~ Drivers: 6 Legitimates Filtered in 00mn 00s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.net.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 13/12/2006 - C:\WINDOWS\system32\DRIVERS\aksdf.sys (aksdf) .(...) - LEGACY_AKSDF O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys (CdaD10BA) .(...) - LEGACY_CDAD10BA O64 - Services: CurCS - 24/03/2005 - C:\WINDOWS\system32\DRIVERS\crcdisk.sys (crcdisk) .(...) - LEGACY_CRCDISK O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(...) - LEGACY_GPC O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(...) - LEGACY_IPSEC O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(...) - LEGACY_MRXSMB O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\lsass.exe (Netlogon) .(...) - LEGACY_NETLOGON O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(...) - LEGACY_PARTMGR O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(...) - LEGACY_POLICYAGENT O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(...) - LEGACY_RASACD O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(...) - LEGACY_SR O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(...) - LEGACY_TCPIP O64 - Services: CurCS - 18/02/2007 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(...) - LEGACY_WANARP ~ Legacy: 132 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: DMServer (DMServer) . (...) -- C:\WINDOWS\system32\dmserver.dll [37376] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (...) -- C:\WINDOWS\system32\srvsvc.dll [160256] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (...) -- C:\WINDOWS\system32\wkssvc.dll [226304] O83 - Search Svchost Services: Messenger (Messenger) . (...) -- C:\WINDOWS\system32\msgsvc.dll [57344] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (...) -- C:\WINDOWS\system32\ntmssvc.dll [794112] O83 - Search Svchost Services: SRService (SRService) . (...) -- C:\WINDOWS\system32\srsvc.dll [231424] O83 - Search Svchost Services: winmgmt (winmgmt) . (...) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [232960] O83 - Search Svchost Services: wscsvc (wscsvc) . (...) -- C:\WINDOWS\system32\wscsvc.dll [74752] O83 - Search Svchost Services: TermService (TermService) . (...) -- C:\WINDOWS\system32\termsrv.dll [364032] O83 - Search Svchost Services: BITS (BITS) . (...) -- C:\WINDOWS\system32\qmgr.dll [706560] O83 - Search Svchost Services: wuauserv (wuauserv) . (...) -- C:\WINDOWS\system32\wuauserv.dll [12288] ~ Services: 36 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.58FF3BA4A5A34A20D6E0E095F05D1939] [SPRF][23/04/2014] (...) -- C:\Documents and Settings\administrateur\desktop\adwcleaner.exe [1345299] [MD5.0D7B94A9D8068CAAF4FDD01D1C223C42] [SPRF][09/11/2011] (.The GIMP Team - GIMP Setup.) -- C:\Documents and Settings\administrateur\desktop\gimp-2.6.10-i686-setup-1.exe [20039632] [MD5.5C8C133D2154898683EF4846477817CD] [SPRF][05/11/2012] (...) -- C:\Documents and Settings\administrateur\desktop\pro633-4_int.exe [30947232] ~ Files: 4 Legitimates Filtered in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Auto 26/09/2009 36864 | (BBDemon) . (.Dassault Systemes.) - C:\Program Files (x86)\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe SS - | Demand 25/01/2010 245760 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe SS - | Demand 05/10/2010 87336 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe SS - | Demand 18/02/2007 399872 | (dmadmin) . (...) - C:\WINDOWS\system32\dmadmin.exe SS - | Demand 22/11/2010 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Demand 22/11/2010 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe SS - | Demand 23/09/2004 143360 | (gtexecd3490) . (...) - C:\GTI\services\v10\bin\win32\gtexecd.exe SS - | Demand 23/09/2004 217088 | (gtsched3491) . (...) - C:\GTI\services\v10\bin\win32\gtsched.exe SS - | Auto 17/07/2008 2549248 | (hasplms) . (...) - C:\WINDOWS\system32\hasplms.exe SS - | Demand 18/02/2007 14336 | (HTTPFilter) . (...) - C:\WINDOWS\system32\lsass.exe SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe SS - | Demand 18/02/2007 265728 | (ImapiService) . (...) - C:\WINDOWS\system32\imapi.exe SS - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SS - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SS - | Demand 18/02/2007 6656 | (MSDTC) . (...) - C:\WINDOWS\system32\msdtc.exe SS - | Demand 18/02/2007 14336 | (NtLmSsp) . (...) - C:\WINDOWS\system32\lsass.exe SS - | Auto 26/05/2008 153600 | (NVSvc) . (...) - C:\WINDOWS\system32\nvsvc64.exe SS - | Demand 18/02/2007 212480 | (RDSessMgr) . (...) - C:\WINDOWS\system32\sessmgr.exe SS - | Demand 04/04/2014 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SS - | Auto 02/08/2012 8786848 | (TabletServiceWacom) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe SS - | Disabled 18/02/2007 113152 | (TlntSvr) . (...) - C:\WINDOWS\system32\tlntsvr.exe SS - | Auto 02/08/2012 565152 | (TouchServiceWacom) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe SS - | Demand 18/02/2007 613376 | (vds) . (...) - C:\WINDOWS\system32\vds.exe SS - | Demand 18/02/2007 2062336 | (VSS) . (...) - C:\WINDOWS\system32\vssvc.exe SS - | Demand 18/02/2007 223232 | (WmiApSrv) . (...) - C:\WINDOWS\system32\wbem\wmiapsrv.exe SR - | Auto 18/02/2007 224256 | (Eventlog) . (...) - C:\WINDOWS\system32\services.exe SR - | Auto 18/02/2007 14336 | (Netlogon) . (...) - C:\WINDOWS\system32\lsass.exe SR - | Auto 18/02/2007 224256 | (PlugPlay) . (...) - C:\WINDOWS\system32\services.exe SR - | Auto 18/02/2007 14336 | (PolicyAgent) . (...) - C:\WINDOWS\system32\lsass.exe SR - | Auto 18/02/2007 14336 | (ProtectedStorage) . (...) - C:\WINDOWS\system32\lsass.exe SR - | Auto 18/02/2007 14336 | (SamSs) . (...) - C:\WINDOWS\system32\lsass.exe ~ Services: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13045 - (23/04/2014) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 ~ Additionnel Scan: 493659 Items scanned in 00mn 22s ~ 684 Legitimates filtered by white list End of the scan (671 lines in 00mn 42s)(0)