Rapport de ZHPDiag v2013.3.19.54 par Nicolas Coolman, Update du 19/03/2013
Run by hughes at 19/03/2013 19:48:36
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
GCIE: Google Chrome v25.0.1364.172 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 44Q2J
Windows License : OK
~ Windows Remaining Initializations Number : 5
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3035 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 29 GB (11%) free of 242 GB

---\\ Logged in mode
~ Computer Name: PC
~ User Name: hughes
~ All Users Names: Mcx1-PC, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\h\AppData\Roaming\
~ %Desktop% : C:\Users\h\Desktop\
~ %Favorites% : C:\Users\h\Favorites\
~ %LocalAppData% : C:\Users\h\AppData\Local\
~ %StartMenu% : C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 29 Go of 242 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 199 Go of 223 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.989937C1C1333EE55CC2982340CB1DBA] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2013 - 14:37:29.) -- C:\Windows\System32\wininet.dll [981504]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/10228
~ Mes musiques (My Musics) : 4/11591
~ Mes Videos (My Videos) : 2/1165
~ Mes Favoris (My Favorites) : 1/34
~ Mes Documents (My Documents) : 1/131
~ Mon Bureau (My Desktop) : 1/372
~ Menu demarrer (Programs) : 1/43
~ Scan Hidden Files in 00mn 33s



---\\ Processus lancés
[MD5.967DCD9F36AAEA34FE859C9B82E6A4B9] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248] [PID.2992]
[MD5.C6743F7622423C4A59EA8B0309DADC22] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [233472] [PID.3004]
[MD5.543E009B1465864D9AE7C6F25DCFA83A] - (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [729088] [PID.3012]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.3044]
[MD5.720EBCAD71DDB2E7FA0D3C26ABAFF42E] - (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe [811008] [PID.3084]
[MD5.C1344BCC06A3161C9D86F05612F720C4] - (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe [503808] [PID.3320]
[MD5.C6F29FC4363AED8566DB6F9B52AAB5FB] - (.TOSHIBA Corporation - TOSHIBA eco Utility.) -- C:\Program Files\Toshiba\TECO\TEco.exe [1323008] [PID.3388]
[MD5.5C639276655D8AE95C9F1C6C98CA9116] - (.TOSHIBA Corporation - TosSENotify.exe.mui.) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712] [PID.3452]
[MD5.91F4CDB6AE8F978EFCE5DDE4264BEB79] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [468320] [PID.3464]
[MD5.C33EE8245897AEF45B7F0C70FDE0F78F] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [15872] [PID.3512]
[MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.3556]
[MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [PID.3568]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421776] [PID.3612]
[MD5.5DBC85C723E421198FD35C3355EBA996] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310280] [PID.3956]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.4044]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.4072]
[MD5.B9AA850CDA55097EB13E03698C8F5828] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [266776] [PID.108]
[MD5.8E7AF6DD4E43C14D957C0AD7CA0A7B89] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1476104] [PID.2676]
[MD5.334206173B1DF9D68817E5F07789E955] - (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560] [PID.1008]
[MD5.6A621E75D960C6DC2F1DD268F7D0F872] - (.Koninklijke Philips Electronics N.V. - Wi-Fi MediaConnect.) -- C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe [2345472] [PID.3252]
[MD5.F2F3617C63B87AA2DE139DC9E37420B5] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [179224] [PID.3808]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.4332]
[MD5.B712E9BD1852C4C70E133E286C559F06] - (.Pas de propriétaire - HTSRecover.) -- C:\Program Files\Philips\Wi-Fi MediaConnect\HTSRecover.exe [308736] [PID.4620]
[MD5.6F74DB36565B470BB734ACD5C03CDBBA] - (.TOSHIBA Corporation. - SoundChanger.exe.) -- C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe [700416] [PID.5124]
[MD5.EB0AD0BBAB987A31AE6478D576403445] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [54568] [PID.668]
[MD5.09EAABEC4C378C788E3137F0D31D0CFC] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint2K\Apntex.exe [49152] [PID.2668]
[MD5.EA7F750C761E49B544335D9AE39802CD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\HidFind.exe [49250] [PID.3308]
[MD5.B95AC0CDB8F068F0C024CD344B354298] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1274320] [PID.740]
[MD5.10A9E36EC1C8E4911FE5C347ADCA1328] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5810688] [PID.5468]
~ Scan Processes Running in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\hughes\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [hughes] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0042.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@google.com/npPicasa2,version=2.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa2.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa3.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.17.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.17.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.17.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@t-immersion.com/DFusionHomeWebPlugIn] - (.Total Immersion - D'Fusion @Home Web Plug-In (2.30.11563.0).) -- C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.4".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\9Giga Synchro [Key] . (...) -- C:\Program Files\SFR\9Giga Synchro\9Giga_Synchro.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\hughes\AppData\Local\Facebook\Update\FacebookUpdate.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\KiesHelper [Key] . (...) -- C:\Program Files\Samsung\Kies\KiesHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\KiesPDLR [Key] . (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O53 - SMSR:HKLM\...\startupreg\MyTomTomSA.exe [Key] . (.TomTom - MyTomTom.) -- C:\Program Files\MyTomTom 3\MyTomTomSA.exe
O53 - SMSR:HKLM\...\startupreg\TOSHIBA Online Product Information [Key] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
O53 - SMSR:HKLM\...\startupreg\TWebCamera [Key] . (.TOSHIBA - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 16/03/2013 - 21:09:16 ---A- C:\Users\h\AppData\Roaming\Microsoft\Office\Word12.pip [1684]
O61 - LFC: 17/03/2013 - 11:48:01 ---A- C:\Users\h\Music\Amazon MP3\Bruno Mars\Locked Out Of Heaven\01 - Locked Out Of Heaven.mp3 [7694608]
O61 - LFC: 17/03/2013 - 11:48:15 ---A- C:\Users\h\Music\iTunes\Album Artwork\Cache\2E61D4E97A64CEAC\02\00\11\2E61D4E97A64CEAC-BE40DC1709BACB02.itc2 [379453]
O61 - LFC: 17/03/2013 - 11:49:50 -SHA- C:\Users\h\Music\Amazon MP3\Bruno Mars\Locked Out Of Heaven\Thumbs.db [17920]
O61 - LFC: 17/03/2013 - 12:13:29 -SH-- C:\Users\h\Music\Amazon MP3\Bruno Mars\Locked Out Of Heaven\AlbumArtSmall.jpg [6940]
O61 - LFC: 17/03/2013 - 12:13:29 -SH-- C:\Users\h\Music\Amazon MP3\Bruno Mars\Locked Out Of Heaven\Folder.jpg [32292]
O61 - LFC: 17/03/2013 - 12:22:39 ---A- C:\Users\h\Music\Amazon MP3\Psy\Gangnam Style\01 - Gangnam Style.mp3 [6800868]
O61 - LFC: 17/03/2013 - 12:22:40 -SH-- C:\Users\h\Music\Amazon MP3\Psy\Gangnam Style\AlbumArtSmall.jpg [10000]
O61 - LFC: 17/03/2013 - 12:22:41 ---A- C:\Users\h\Music\iTunes\Album Artwork\Cache\2E61D4E97A64CEAC\07\09\09\2E61D4E97A64CEAC-293D2BD103763997.itc2 [472784]
O61 - LFC: 17/03/2013 - 12:22:41 -SH-- C:\Users\h\Music\Amazon MP3\Psy\Gangnam Style\Folder.jpg [52936]
O61 - LFC: 17/03/2013 - 12:25:05 -SHA- C:\Users\h\Music\Amazon MP3\Psy\Gangnam Style\Thumbs.db [30208]
O61 - LFC: 17/03/2013 - 12:34:00 ---A- C:\Users\h\AppData\Local\Apple Computer\iTunes\iPodDevices.xml [1458]
O61 - LFC: 17/03/2013 - 12:41:10 ---A- C:\Users\h\AppData\Roaming\Amazon\MP3 Downloader\DownloadQueue.amz [130]
O61 - LFC: 17/03/2013 - 12:41:10 ---A- C:\Users\h\AppData\Roaming\Amazon\MP3 Downloader\Settings.xml [825]
O61 - LFC: 17/03/2013 - 12:41:10 ---A- C:\Users\h\AppData\Roaming\Amazon\MP3 Downloader\amazonmp3.db [9216]
O61 - LFC: 17/03/2013 - 12:41:10 ---A- C:\Users\h\Documents\Amazon MP3\logs\amdlog.txt [20586]
O61 - LFC: 17/03/2013 - 17:07:24 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\session.lock [8]
O61 - LFC: 17/03/2013 - 17:17:28 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\data\villages.dat [55]
O61 - LFC: 17/03/2013 - 17:17:28 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\level.dat_old [1346]
O61 - LFC: 17/03/2013 - 17:17:31 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\region\r.-1.0.mca [3088384]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\DIM1\region\r.-1.-1.mca [950272]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\DIM1\region\r.-1.0.mca [1003520]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\DIM1\region\r.0.-1.mca [1077248]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\DIM1\region\r.0.0.mca [1208320]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\level.dat [1345]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\players\mama.dat [1023]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\region\r.-1.-1.mca [2838528]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\region\r.0.-1.mca [4308992]
O61 - LFC: 17/03/2013 - 17:17:35 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\1\region\r.0.0.mca [2969600]
O61 - LFC: 17/03/2013 - 17:19:21 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\level.dat_mcr [372]
O61 - LFC: 17/03/2013 - 17:19:22 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\session.lock [8]
O61 - LFC: 17/03/2013 - 17:59:41 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\data\villages.dat [55]
O61 - LFC: 17/03/2013 - 17:59:41 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\level.dat_old [939]
O61 - LFC: 17/03/2013 - 17:59:42 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\players\mama.dat [624]
O61 - LFC: 17/03/2013 - 17:59:42 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\region\r.-1.0.mca [1015808]
O61 - LFC: 17/03/2013 - 17:59:43 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\level.dat [938]
O61 - LFC: 17/03/2013 - 17:59:44 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\region\r.-1.-1.mca [2310144]
O61 - LFC: 17/03/2013 - 17:59:44 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\region\r.0.-1.mca [782336]
O61 - LFC: 17/03/2013 - 17:59:44 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde---------------\region\r.0.0.mca [499712]
O61 - LFC: 17/03/2013 - 18:23:51 ---A- C:\Users\h\Music\iTunes\iTunes Library Extras.itdb [16384]
O61 - LFC: 17/03/2013 - 18:36:20 ---A- C:\Users\h\Music\iTunes\iTunes Music Library.xml [247965]
O61 - LFC: 17/03/2013 - 18:36:35 ---A- C:\Users\h\AppData\Roaming\Apple Computer\Preferences\com.apple.iTunes.plist [124]
O61 - LFC: 17/03/2013 - 18:39:12 ---A- C:\Users\h\Music\iTunes\iTunes Library.itl [41078]
O61 - LFC: 17/03/2013 - 18:39:12 --HA- C:\Users\h\Music\iTunes\sentinel [8]
O61 - LFC: 17/03/2013 - 18:39:13 ---A- C:\Users\h\AppData\Local\Apple Computer\iTunes\Cache.db [16377856]
O61 - LFC: 17/03/2013 - 18:39:13 ---A- C:\Users\h\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml [1413305]
O61 - LFC: 17/03/2013 - 18:39:13 ---A- C:\Users\h\AppData\Roaming\Apple Computer\iTunes\Cookies\Cookies.binarycookies [1019]
O61 - LFC: 17/03/2013 - 18:39:13 ---A- C:\Users\h\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml [175333]
O61 - LFC: 17/03/2013 - 21:13:37 -SHA- C:\Users\h\Pictures\PHOTOS\2013\février 2013\Thumbs.db [97280]
O61 - LFC: 17/03/2013 - 21:13:38 -SHA- C:\Users\h\Pictures\PHOTOS\2013\janvier 2013\Thumbs.db [65536]
O61 - LFC: 17/03/2013 - 21:49:16 ---A- C:\Users\h\Pictures\le_monde_fantastique_d_oz_visuel-2.jpg [170724]
O61 - LFC: 17/03/2013 - 21:50:47 ---A- C:\Users\h\Pictures\Oz-120713-05-700x350.jpg [80941]
O61 - LFC: 17/03/2013 - 21:52:38 -SHA- C:\Users\h\Pictures\Thumbs.db [436224]
O61 - LFC: 17/03/2013 - 21:55:16 -SHA- C:\Users\h\Pictures\PHOTOS\2008\perros 2008\Thumbs.db [2804224]
O61 - LFC: 17/03/2013 - 21:55:22 -SHA- C:\Users\h\Pictures\PHOTOS\2008\Thumbs.db [352256]
O61 - LFC: 17/03/2013 - 21:55:28 -SHA- C:\Users\h\Pictures\PHOTOS\2012\juillet 2012\Thumbs.db [6947328]
O61 - LFC: 17/03/2013 - 21:55:29 -SHA- C:\Users\h\Pictures\PHOTOS\2012\juin 2012\Thumbs.db [510976]
O61 - LFC: 19/03/2013 - 16:55:09 ---A- C:\Users\h\AppData\Local\Temp\~DF2B6F9AB1EF85899D.TMP [16384]
O61 - LFC: 19/03/2013 - 16:55:10 ---A- C:\Users\h\AppData\Local\Temp\~DF216D75CCDDB0A14A.TMP [49152]
O61 - LFC: 19/03/2013 - 16:56:18 ---A- C:\Users\h\AppData\Local\Temp\e4jC551.tmp_dir\MinecraftSP.jar [139783]
O61 - LFC: 19/03/2013 - 16:56:23 ---A- C:\Users\h\AppData\Roaming\.minecraft\lastlogin [16]
O61 - LFC: 19/03/2013 - 16:56:52 ---A- C:\Users\h\AppData\Roaming\.minecraft\options.txt [900]
O61 - LFC: 19/03/2013 - 16:57:40 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\level.dat_mcr [389]
O61 - LFC: 19/03/2013 - 16:57:41 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\session.lock [8]
O61 - LFC: 19/03/2013 - 16:59:06 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.1.-1.mca [561152]
O61 - LFC: 19/03/2013 - 16:59:06 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.1.-2.mca [16384]
O61 - LFC: 19/03/2013 - 16:59:06 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.1.0.mca [24576]
O61 - LFC: 19/03/2013 - 16:59:08 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.-1.-2.mca [155648]
O61 - LFC: 19/03/2013 - 16:59:08 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.0.-2.mca [188416]
O61 - LFC: 19/03/2013 - 17:03:54 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.0.0.mca [1085440]
O61 - LFC: 19/03/2013 - 17:03:56 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.-1.0.mca [303104]
O61 - LFC: 19/03/2013 - 17:11:27 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\data\villages.dat [55]
O61 - LFC: 19/03/2013 - 17:11:27 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\level.dat_old [902]
O61 - LFC: 19/03/2013 - 17:11:29 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\players\mama.dat [562]
O61 - LFC: 19/03/2013 - 17:11:29 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.-1.-1.mca [811008]
O61 - LFC: 19/03/2013 - 17:11:29 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\region\r.0.-1.mca [1912832]
O61 - LFC: 19/03/2013 - 17:11:30 ---A- C:\Users\h\AppData\Roaming\.minecraft\saves\Nouveau monde----------------\level.dat [903]
O61 - LFC: 19/03/2013 - 17:11:32 ---A- C:\Users\h\AppData\Roaming\.minecraft\stats\stats_mama_unsent.dat [5927]
O61 - LFC: 19/03/2013 - 17:11:32 ---A- C:\Users\h\AppData\Roaming\.minecraft\stats\stats_mama_unsent.old [5927]
O61 - LFC: 19/03/2013 - 18:27:49 ---A- C:\Users\h\AppData\Local\Temp\~DFFE41551B06C38BB2.TMP [16384]
O61 - LFC: 19/03/2013 - 18:27:52 ---A- C:\Users\h\AppData\Local\Temp\~DF54D327946982D965.TMP [49152]
O61 - LFC: 19/03/2013 - 18:28:47 ---A- C:\Users\h\AppData\Local\Google\Google Desktop\6eec54c07963\sites.txt [2403]
O61 - LFC: 19/03/2013 - 18:50:49 ---A- C:\Users\h\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [265827]
O61 - LFC: 19/03/2013 - 18:50:49 ---A- C:\Users\h\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set [1672]
O61 - LFC: 19/03/2013 - 18:50:49 ---A- C:\Users\h\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json [34]
O61 - LFC: 19/03/2013 - 18:53:24 --HA- C:\Users\h\AppData\Local\IconCache.db [4682402]
O61 - LFC: 19/03/2013 - 18:54:52 ---A- C:\Users\h\AppData\Local\Temp\~DFBDEDCAE5D8D61E6F.TMP [16384]
O61 - LFC: 19/03/2013 - 18:54:53 ---A- C:\Users\h\AppData\Local\Temp\~DFAC391F87732AE162.TMP [49152]
O61 - LFC: 19/03/2013 - 18:54:56 ---A- C:\Users\h\AppData\Roaming\Intel\Wireless\WLANProfiles\Profiles.enc [48]
O61 - LFC: 19/03/2013 - 18:54:58 ---A- C:\Users\h\AppData\Roaming\Yontoo\PlugIns.cache [9]
O61 - LFC: 19/03/2013 - 19:07:16 ---A- C:\Users\h\AppData\Local\Google\Chrome\User Data\First Run [0]
O61 - LFC: 19/03/2013 - 19:07:30 ---A- C:\Users\h\AppData\Local\Google\Chrome\User Data\fr-FR-2-0.bdic [924593]
O61 - LFC: 19/03/2013 - 19:10:50 ---A- C:\Users\h\Documents\MARQUE PAGE.html [91846]
O61 - LFC: 19/03/2013 - 19:12:26 ---A- C:\Users\h\AppData\Local\Temp\~nsu.tmp\Au_.exe [499730]
O61 - LFC: 19/03/2013 - 19:14:54 ---A- C:\Users\h\AppData\Local\Temp\E1CB864A\InstallApps.txt [65]
O61 - LFC: 19/03/2013 - 19:15:19 ---A- C:\Users\h\AppData\Local\Temp\66bdd94c-d698-46cb-84aa-8410b32dc055.dmp [369039]
O61 - LFC: 19/03/2013 - 19:15:21 ---A- C:\Users\h\AppData\Local\Temp\E1CB864A\InstallHandler.txt [5]
O61 - LFC: 19/03/2013 - 19:16:03 ---A- C:\Users\h\AppData\Local\Temp\E1CB864A\x64\regsvr32.exe [7168]
O61 - LFC: 19/03/2013 - 19:16:03 ---A- C:\Users\h\AppData\Local\Temp\E1CB864A\x86\regsvr32.exe [6656]
O61 - LFC: 19/03/2013 - 19:17:25 ---A- C:\Users\h\Downloads\Firefox Setup 19.0.2 (1).exe [20721576]
O61 - LFC: 19/03/2013 - 19:22:05 ---A- C:\Users\h\AppData\Local\Temp\qs-fr-utf16.txt [5524]
O61 - LFC: 19/03/2013 - 19:23:50 ---A- C:\Users\h\AppData\Roaming\QuickScan\Report 2013-03-19 19.22.10.txt [71790]
O61 - LFC: 19/03/2013 - 19:31:19 ---A- C:\Users\h\AppData\Local\Temp\KiesLiveupdateTemp\PluginHost.xml [278]
O61 - LFC: 19/03/2013 - 19:49:50 ---A- C:\Users\h\AppData\Local\Google\Google Desktop\6eec54c07963\uinfo.dat [407040]
O61 - LFC: 19/03/2013 - 19:50:52 ---A- C:\Users\h\AppData\Local\Google\Chrome\User Data\Local State [24919]
~ Scan Files in 12mn 53s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE
O64 - Services: CurCS - 15/09/2010 - C:\Windows\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 23/04/2009 - C:\Windows\system32\drivers\PMCF.sys (PMCF) .(.Pas de propriétaire - Privileged Mode Common Functions Driver.) - LEGACY_PMCF
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 09/03/2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys - UnlockerDriver5 (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5
~ Scan Services in 01mn 04s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {50AB0C36-CD97-440A-8AF9-2E52DFA7BA34} [DefaultScope] - (Search the web (Softonic)) - http://search.softonic.com
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=gH7MSeXFWw6KPc8UAMz_br103Kc?q={searchTerms}
O69 - SBI: SearchScopes [HKCU] {76D1629D-FBC0-4919-84CB-47E2782F2D79} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {E5D79F13-CFBF-4FC8-B132-42965E7A68DC} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
Aucune entrée illégitime dans ce module !
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.8CD4DEBC1BC1987C5CF81789F4B29493] [SPRF][17/03/2012] (...) -- C:\Users\hughes\AppData\Roaming\wklnhst.dat [3710]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][07/12/2012] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\hughes\Desktop\MinecraftSP.exe [695296]
[MD5.CB9DE7256147D52B56B2E4E1A17731EE] [SPRF][19/03/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\hughes\Desktop\ZHPDiag2.exe [5416616]
[MD5.77D31FB654A53DBFB151C7A8E11E3A02] [SPRF][17/07/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1962160]
~ Scan Files in 00mn 04s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{3C1A367E-1E1B-4971-BD0F-6110F1A81698}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{03F32158-6B1F-482C-AEA8-D52461F1558A}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "TCP Query User{43A8D78B-736E-496C-97F9-4B0B02599BCD}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{30C3B688-26C6-46FE-980A-54395CCD29F6}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{5119A5AA-D4B6-4872-81EB-9EAAED9EAF0C}" | In - Public - P6 - TRUE | .(.Koninklijke Philips Electronics N.V. - Wi-Fi MediaConnect.) -- C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
O87 - FAEL: "{E030A2F3-7C1A-477C-84D5-1E4EA611C460}" | In - Public - P17 - TRUE | .(.Koninklijke Philips Electronics N.V. - Wi-Fi MediaConnect.) -- C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe
O87 - FAEL: "TCP Query User{4B818065-8EF8-4E19-817E-252C27FCD2CE}C:\program files\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe" | In - Private - P6 - TRUE | .(.Koninklijke Philips Electronics N.V..) -- C:\program files\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe
O87 - FAEL: "UDP Query User{B9902977-A757-4728-97A0-FE6A53B695AC}C:\program files\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe" | In - Private - P17 - TRUE | .(.Koninklijke Philips Electronics N.V..) -- C:\program files\philips\wi-fi mediaconnect\wi-fi mediaconnect.exe
O87 - FAEL: "TCP Query User{98D44202-4A39-4D1B-921A-EE709C9EA56B}C:\program files\hitachi\lifestudio\lifestudio.exe" | In - Private - P6 - TRUE | .(.Hitachi - LifeStudio.) -- C:\program files\hitachi\lifestudio\lifestudio.exe
O87 - FAEL: "UDP Query User{FA98E4E8-FBEC-4F3E-87F8-ECC2DE8C4CE9}C:\program files\hitachi\lifestudio\lifestudio.exe" | In - Private - P17 - TRUE | .(.Hitachi - LifeStudio.) -- C:\program files\hitachi\lifestudio\lifestudio.exe
O87 - FAEL: "TCP Query User{8FF4359C-8181-43A6-A7DF-C9494E141988}C:\program files\hitachi\lifestudio\lifestudio.exe" | In - Public - P6 - TRUE | .(.Hitachi - LifeStudio.) -- C:\program files\hitachi\lifestudio\lifestudio.exe
O87 - FAEL: "UDP Query User{9ABB0A4B-0AEC-4B42-8B7B-D085430D2333}C:\program files\hitachi\lifestudio\lifestudio.exe" | In - Public - P17 - TRUE | .(.Hitachi - LifeStudio.) -- C:\program files\hitachi\lifestudio\lifestudio.exe
O87 - FAEL: "{F7C35AFF-9099-4347-8EB4-8440BDBE1BD3}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{47E6BFBA-C6BC-40B6-A3EE-43D585D8D5BB}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{0E419BB1-5507-46D1-951A-9856C40D0DEC}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{C90924FD-2265-40B1-80F4-59F4E52607A9}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{FB5D1FAF-5324-4BF6-AE44-C2684AA16284}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{8B83AA83-010D-4FC2-9E46-FD75290BF5E1}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{8A4386CD-6D5D-42BD-80F1-B24F521331C1}" | In - None - P17 - TRUE | .(.Skype Limited - Facebook Video Calling.) -- C:\Users\hughes\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
O87 - FAEL: "TCP Query User{DC93EA07-93A4-4296-B77A-E2AB12859856}C:\windows\system32\javaw.exe" | In - Public - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe
O87 - FAEL: "UDP Query User{E3F91AC2-6BF3-41CF-80FB-1A848BD8556D}C:\windows\system32\javaw.exe" | In - Public - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe
O87 - FAEL: "{5146C304-2956-468E-9C47-F0000221EF1A}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Wireless PAN DHCP and DNS Server.) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11289 - (19/03/2013)
Clés trouvées (Keys found) : 44
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}] =>Worm.SDBOT
[HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\CLSID\{699DDBCC-DC7E-11D0-BCF7-00C04FC2FB86}] =>Worm.SDBOT
[HKLM\Software\Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}] =>Worm.SDBOT
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo
[HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] =>Adware.IncrediBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>Toolbar.Agent
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings] =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service] =>Adware.IncrediBar
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\SYSTEM\CurrentControlSet\Services\Partner Service] =>Spyware.Partner
C:\Program Files\yontoo =>Adware.Yontoo
C:\Program Files\Searchqu Toolbar =>Adware.Bandoo
C:\Program Files\SpecialSavings =>PUP.SpecialSavings
C:\Program Files\SearchCore for Browsers =>Adware.SearchCore
C:\ProgramData\IBUpdaterService =>Adware.IncrediBar
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\hughes\AppData\Roaming\yontoo =>Adware.Yontoo
C:\Users\hughes\AppData\Roaming\SpecialSavings =>PUP.SpecialSavings
~ Scan Additionnel in 00mn 26s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- c:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- c:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "0212CE3624715264AA746C8AEA9C6CC4" . (.Apple Application Support.) -- C:\Windows\Installer\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}\WinInstall.ico
O90 - PUC: "0A72DDEF603BFE54FB855B7204B6248C" . (.TOSHIBA Value Added Package.) -- C:\Windows\Installer\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\ARPPRODUCTICON.exe
O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe
O90 - PUC: "11328E8261681E11EB0B8BCAF6798BE8" . (.Google Earth.) -- C:\Windows\Installer\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "168061B30527E1545BEEB829FB037A01" . (.Microsoft Works.) -- c:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\MSWorks.exe
O90 - PUC: "1AAFDD4D73CE9254DAB54A33DA6E6826" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}\Installer.ico
O90 - PUC: "1F079377ABE54744DAEEE13A0B5A4929" . (.TOSHIBA Recovery Disk Creator Reminder.) -- c:\Windows\Installer\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\ARPPRODUCTICON.exe
O90 - PUC: "227C12A7952F67947BAA66855EDFDEFA" . (.Google Drive.) -- C:\Windows\Installer\{7A21C722-F259-4976-B7AA-6658E5FDEDAF}\DriveIcon
O90 - PUC: "37600F09672A85A46B574B623DD9E190" . (.Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed.) -- C:\Windows\Installer\{90F00673-A276-4A58-B675-B426D39D1E09}\IntelBluetoothICO
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "4CE86D69E110C144AA675B5EF591265C" . (.Microsoft Sync Framework 2.0 Core Components (x86) FRA .) -- C:\Windows\Installer\{96D68EC4-011E-441C-AA76-B5E55F1962C5}\ARPIco
O90 - PUC: "5F84FFBEAFC3F634F85D49BF103D0A7A" . (.TOSHIBA SD Memory Utilities.) -- C:\Windows\Installer\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}\ARPPRODUCTICON.exe
O90 - PUC: "60BBB56BE8F15F84A8450B429A1EF5FD" . (.TOSHIBA Recovery Disc Creator.) -- C:\Windows\Installer\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\ARPPRODUCTICON.exe
O90 - PUC: "6786F6F0433677945BDDFC1CE2914302" . (.iTunes.) -- C:\Windows\Installer\{0F6F6876-6334-4977-B5DD-CFC12E193420}\Installer.ico
O90 - PUC: "68AB67CA7DA76301B7449A0500000010" . (.Adobe Reader 9.5.4 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A95000000001}\SC_Reader.ico
O90 - PUC: "80508A3D38DC3AC4681719A4B17CB816" . (.Microsoft Sync Framework 2.0 Provider Services (x86) ENU .) -- C:\Windows\Installer\{D3A80508-CD83-4CA3-8671-914A1BC78B61}\ARPIco
O90 - PUC: "812B5ECE680A81E43A261D1118864175" . (.Logiciel Intel® PROSet/Wireless WiFi.) -- C:\Windows\Installer\{ECE5B218-A086-4E18-A362-D11181681457}\ARPPRODUCTICON.exe
O90 - PUC: "8442234DFA6B61348B958D0A8ED4BC83" . (.TOSHIBA HDD/SSD Alert.) -- C:\Windows\Installer\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\ARPPRODUCTICON.exe
O90 - PUC: "8C00E0C12AC95FD4AA5780907992956B" . (.Microsoft Sync Framework 2.0 Provider Services (x86) FRA .) -- C:\Windows\Installer\{1C0E00C8-9CA2-4DF5-AA75-0809972959B6}\ARPIco
O90 - PUC: "96C09A491C17A074885FAA74CE9CB604" . (.TOSHIBA HDD Protection.) -- C:\Windows\Installer\{94A90C69-71C1-470A-88F5-AA47ECC96B40}\ARPPRODUCTICON.exe
O90 - PUC: "974635350BFDDE74D901343F07C822D2" . (.TOSHIBA eco Utility.) -- C:\Windows\Installer\{53536479-DFB0-47ED-9D10-43F3708C222D}\ARPPRODUCTICON.exe
O90 - PUC: "9A1DA4B6A37E4814D9B670F2A8C3E5AB" . (.VoiceOver Kit.) -- C:\Windows\Installer\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}\WinInstall.ico
O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico
O90 - PUC: "BFB6BBEC807D99F46A33CB62000EE16F" . (.Bluetooth Stack for Windows by Toshiba.) -- C:\Windows\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\ARPPRODUCTICON.exe
O90 - PUC: "C24E037CA539BB540A5C735E32D411B1" . (.TOSHIBA Face Recognition.) -- C:\Windows\Installer\{C730E42C-935A-45BB-A0C5-37E5234D111B}\ARPPRODUCTICON.exe
O90 - PUC: "D12136FF6C19CC243B141FAA2779827E" . (.Microsoft Sync Framework 2.0 Core Components (x86) ENU .) -- C:\Windows\Installer\{FF63121D-91C6-42CC-B341-F1AA729728E7}\ARPIco
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DF63C716EBC00064482B44C1BE21AFFD" . (.TOSHIBA Extended Tiles for Windows Mobility Center.) -- C:\Windows\Installer\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\ARPPRODUCTICON.exe
O90 - PUC: "E8D7C56ED681B484EB8AED0F33C16E00" . (.TRORDCLauncher.) -- C:\Windows\Installer\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 18/07/2012 509456 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 23/08/2012 104240 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 16/04/2009 20544 | (camsvc) . (.TOSHIBA.) - C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCameraSrv.exe
SR - | Auto 23/08/2012 500528 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 28/05/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SS - | Demand 23/08/2010 30192 | (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 23/04/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/04/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 26/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 06/01/2011 56832 | (HitachiBackupService) . (.Hitachi GST.) - C:\Program Files\Hitachi\Hitachi Backup\HitachiBackupService.exe
SR - | Auto 721688 | (IBUpdaterService) . (...) - C:\ProgramData\IBUpdaterService\ibsvc.exe
SR - | Demand 09/09/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 242480 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 19/06/2009 111088 | (Partner Service) . (.Google Inc..) - C:\ProgramData\Partner\partner.exe
SR - | Auto 23/08/2012 108336 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 24/08/2009 575552 | (Thpsrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\ThpSrv.exe
SR - | Auto 01/04/2009 62776 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
SR - | Auto 30/03/2009 83312 | (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
SR - | Auto 21/11/2007 129632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 06/03/2009 464224 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
SR - | Auto 30/07/2009 144752 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
SR - | Auto 24/04/2009 176128 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe
SR - | Auto 17/03/2009 73728 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 23/08/2012 2778416 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Scan Services in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by hughes at 19/03/2013 20:09:27

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys thpdrv.sys halmacpi.dll iaStor.sys
C:\Windows\system32\DRIVERS\thpdrv.sys TOSHIBA Corporation TOSHIBA HDD Protection
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x83070BAA] -> \Device\Harddisk0\DR0[0x870C27F0]
3 CLASSPNP[0x8BBCB59E] -> ntkrnlpa!IofCallDriver[0x83070BAA] -> \Device\THPDRV1[0x870C18C0]
5 thpdrv[0x8BC0399F] -> ntkrnlpa!IofCallDriver[0x83070BAA] -> \Device\Ide\IAAStorageDevice-1[0x86270028]
kernel: MBR read successfully
user & kernel MBR OK
error: Read Impossible de satisfaire à la demande en raison d’une erreur de périphérique d’E/S.
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by hughes at 19/03/2013 20:09:30

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1306 lines in 20mn 53s)(0)