par bonaparte75 - jeu. 22 mai 2014 13:36
- jeu. 22 mai 2014 13:36
#149329
ZHPDIAG fin
- Code: Tout sélectionner
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 22/05/2014 - 13:15:23 ---A- . (...) -- C:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe [1326389]
O61 - LFC: 22/05/2014 - 13:15:24 ---A- . (.Malwarebytes Corporation.) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\mbam-setup-2.0.2.1012.exe [17292760]
O61 - LFC: 22/05/2014 - 13:15:24 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Administrateur\Mes documents\Téléchargements\ZHPDiag2.exe [6780696] =>.Nicolas Coolman
~ 48 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 3 Scanned in 00mn 04s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - http://www.usbfix.net" onclick="window.open(this.href);return false; - http://www.sosvirus.net.)" onclick="window.open(this.href);return false; [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 18/02/2005 - C:\WINDOWS\system32\DRIVERS\a320raid.sys (a320raid) .(.Adaptec, Inc. - Adaptec hostRAID for Ultra320 SCSI.) - LEGACY_A320RAID
O64 - Services: CurCS - 07/04/2004 - C:\WINDOWS\system32\DRIVERS\aac.sys (aac) .(.Adaptec, Inc. - Adaptec RAID Miniport Driver.) - LEGACY_AAC
O64 - Services: CurCS - 18/05/2005 - C:\WINDOWS\system32\DRIVERS\aarich.sys (aarich) .(.Adaptec, Inc. - Adaptec hostRAID for Serial ATA.) - LEGACY_AARICH
O64 - Services: CurCS - 17/02/2004 - C:\WINDOWS\system32\drivers\adpu320.sys (adpu320) .(.Adaptec, Inc. - Adaptec Win2K/XP/Server2003 Ultra320 SCSI D.) - LEGACY_ADPU320
O64 - Services: CurCS - 19/12/2006 - C:\Program Files\Broadcom\ASFIPMon\BASFND.sys (BASFND) .(.Broadcom Corporation - Broadcom NetDetect Driver..) - LEGACY_BASFND
O64 - Services: CurCS - 15/08/2008 - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (btwdins) .(.Broadcom Corporation. - Bluetooth Support Server.) - LEGACY_BTWDINS
O64 - Services: CurCS - 07/03/2006 - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (ccEvtMgr) .(.Symantec Corporation - Symantec Event Manager Service.) - LEGACY_CCEVTMGR
O64 - Services: CurCS - 07/03/2006 - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (ccSetMgr) .(.Symantec Corporation - Symantec Settings Manager Service.) - LEGACY_CCSETMGR
O64 - Services: CurCS - 13/12/2004 - C:\WINDOWS\system32\drivers\cercsr6.sys (cercsr6) .(.Adaptec, Inc. - DELL CERC SATA1.5/6ch Miniport Driver.) - LEGACY_CERCSR6
O64 - Services: CurCS - 31/03/2006 - C:\Program Files\Symantec AntiVirus\DefWatch.exe (DefWatch) .(.Symantec Corporation - Virus Definition Daemon.) - LEGACY_DEFWATCH
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLABMFSM.sys (DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLABOIOM.sys (DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLADResM.sys (DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLAIFS_M.sys (DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLAOPIOM.sys (DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLAPoolM.sys (DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM
O64 - Services: CurCS - 11/08/2006 - C:\WINDOWS\system32\Drivers\DLARTL_M.sys (DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLAUDFAM.sys (DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM
O64 - Services: CurCS - 18/08/2006 - C:\WINDOWS\system32\DLA\DLAUDF_M.sys (DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M
O64 - Services: CurCS - 11/08/2006 - C:\WINDOWS\system32\Drivers\DRVNDDM.sys (DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM
O64 - Services: CurCS - 13/02/2012 - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - 13/02/2012 - C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - 28/04/2003 - C:\WINDOWS\system32\DRIVERS\fasttx2k.sys (fasttx2k) .(.Promise Technology, Inc. - Promise FastTrak Series Driver for WindowsX.) - LEGACY_FASTTX2K
O64 - Services: CurCS - 07/09/2007 - C:\WINDOWS\system32\drivers\megasas.sys (megasas) .(.LSI Corporation - MEGASAS RAID Controller Driver for XP 32.) - LEGACY_MEGASAS
O64 - Services: CurCS - 18/08/2011 - C:\Program Files\FICHIE~1\SYMANT~1\VIRUSD~1\20120308.002\naveng.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG
O64 - Services: CurCS - 18/08/2011 - C:\Program Files\FICHIE~1\SYMANT~1\VIRUSD~1\20120308.002\navex15.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15
O64 - Services: CurCS - 20/12/2007 - C:\WINDOWS\system32\drivers\nvatabus.sys (nvatabus) .(.NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) - LEGACY_NVATABUS
O64 - Services: CurCS - 20/12/2007 - C:\WINDOWS\system32\drivers\nvraid.sys (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 04/06/2008 - C:\WINDOWS\system32\DRIVERS\PBADRV.sys (PBADRV) .(.Dell Inc - PBA Support Driver.) - LEGACY_PBADRV
O64 - Services: CurCS - 19/12/2005 - C:\Program Files\Symantec AntiVirus\savrt.sys (SAVRT) .(.Symantec Corporation - AutoProtect.) - LEGACY_SAVRT
O64 - Services: CurCS - 19/12/2005 - C:\Program Files\Symantec AntiVirus\Savrtpel.sys (SAVRTPEL) .(.Symantec Corporation - SAVRTPEL.) - LEGACY_SAVRTPEL
O64 - Services: CurCS - 06/02/2006 - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys (SPBBCDrv) .(.Symantec Corporation - SPBBC Driver.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - 06/02/2006 - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe (SPBBCSvc) .(.Symantec Corporation - SPBBC Service.) - LEGACY_SPBBCSVC
O64 - Services: CurCS - 31/03/2006 - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec AntiVirus) .(.Symantec Corporation - Symantec AntiVirus.) - LEGACY_SYMANTEC_ANTIVIRUS
O64 - Services: CurCS - 31/01/2006 - C:\Program Files\Symantec\SYMEVENT.sys (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
O64 - Services: CurCS - 07/09/2007 - C:\WINDOWS\system32\drivers\symmpi.sys (Symmpi) .(.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver (ScsiP.) - LEGACY_SYMMPI
O64 - Services: CurCS - 24/01/2006 - C:\WINDOWS\system32\Drivers\SYMTDI.sys (SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI
~ Legacy: 168 Scanned in 00mn 00s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - à‰diteur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 9 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com" onclick="window.open(this.href);return false;
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tà¢ches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440]
~ Services: 39 Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.70F851F7A524071E13F17DC401A21906] [SPRF][22/05/2014] (...) -- C:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe [1326389]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.6F88F1DE97B7BA6E2BE4DC29AEEACF0D] [SPRF][27/07/2004] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [323584]
~ Files: 4 Scanned in 00mn 00s
---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Nero Scout - {3D6BE802-FC0D-4595-A304-E611F97089DC}
O92 - MNS: My Bluetooth Places - {6af09eca-b429-11d4-a1fb-0090960218cb}
O92 - MNS: Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
O92 - MNS: Mes dossiers de partage - {FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}
~ MNS: 4 Scanned in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 22/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 19/12/2006 79432 | (ASFIPmon) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
SS - | Auto 03/06/2008 386328 | (buttonsvc32) . (.Dell Inc..) - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
SS - | Auto 31/07/2008 808296 | (Credential Vault Host Control Service) . (.Broadcom Corporation.) - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
SS - | Auto 31/07/2008 21352 | (Credential Vault Host Storage) . (.Broadcom Corporation.) - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 03/03/2009 33176 | (getPlus(R) Helper) . (.NOS Microsystems Ltd..) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
SS - | Auto 13/04/2007 101528 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SS - | Auto 17/07/2010 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Demand 29/03/2006 2045632 | C:\Program Files\Symantec\LIVEUP~1\LUCOMS~1.exe (LiveUpdate) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SS - | Auto 21/04/2008 69632 | (OCS INVENTORY) . (.http://www.ocsinventory-ng.org.)" onclick="window.open(this.href);return false; - C:\Program Files\OCS Inventory Agent\ocsservice.exe
SS - | Demand 31/03/2006 118928 | (SavRoam) . (.symantec.) - C:\Program Files\Symantec AntiVirus\SavRoam.exe
SS - | Auto 29/02/2012 158856 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 09/09/2008 69632 | (SMManager) . (.Smith Micro Software, Inc..) - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
SS - | Demand 24/01/2006 214720 | (SNDSrvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
SS - | Auto 30/06/2008 221273 | (STacSV) . (.IDT, Inc..) - c:\drivers\audio\r190031\stacsv.exe
SS - | Demand 14/09/2006 73728 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
SR - | Auto 15/08/2008 342624 | (btwdins) . (.Broadcom Corporation..) - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SR - | Auto 07/03/2006 192160 | (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
SR - | Auto 07/03/2006 169632 | (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
SR - | Auto 31/03/2006 30352 | (DefWatch) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\DefWatch.exe
SR - | Auto 06/02/2006 1160848 | (SPBBCSvc) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
SR - | Auto 31/03/2006 1821328 | (Symantec AntiVirus) . (.Symantec Corporation.) - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
~ Services: Scanned in 00mn 05s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net" onclick="window.open(this.href);return false;
Run by Administrateur at 22/05/2014 13:15:40
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x804EF1A6] >> \Device\Harddisk0\DR0[0x8B1FF650]
3 CLASSPNP[0xBA0E8FD7] >> ntkrnlpa!IofCallDriver[0x804EF1A6] >> \Device\Ide\IAAStorageDevice-1[0x8AC08028]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Scanned in 00mn 02s
---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog" onclick="window.open(this.href);return false;
Run by Administrateur at 22/05/2014 13:15:42
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
---\\ Scan Additionnel (O88)
Database Version : 13029 - (21/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 229766 Items scanned in 00mn 15s
---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 00mn 00s
End of the scan (1324 lines in 00mn 52s)(0)