Hello!
As usual, I can't manage to host a document on SosUpload, so
I'm pasting the report here:
Could you tell me how things stand?
Thanks
~ Rapport de ZHPDiag v2013.11.6.9 - Nicolas Coolman (06/11/2013)
~ Lancé par Alice (06/11/2013 17:24:07)
~ Adresse du Site Web
https://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection :
https://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found
---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 24.0
---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2006
Malwarebytes Anti-Malware version 1.75.0.1300
---\\ Logiciels d'optimisation du système
CCleaner v4.06 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
---\\ Informations sur le système
~ Processor: x86 Family 15 Model 72 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 894 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 22 GB (49%) free of 44 GB
---\\ Mode de connexion au système
~ Computer Name: ACER-3FAFADAADF
~ User Name: Alice
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Alice, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Alice\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Alice\Application Data\
~ %Desktop% : C:\Documents and Settings\Alice\Bureau\
~ %Favorites% : C:\Documents and Settings\Alice\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Alice\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Alice\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 22 Go of 44 Go)
D: Hard drive, Flash drive, Thumb drive (Free 44 Go of 44 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.F8DD21FC65131E064FBF11F01E4F4BFD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/09/2013 - 19:23:34.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 12:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 11:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 18:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 09:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 11:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 11:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:32.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 12:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 12:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 19:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 18:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 3/1262
~ Mon Bureau (My Desktop) : 0/20
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s
---\\ Processus lancés
[MD5.B2906F9E62A6AC6AD7F5F35DE9656098] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [401408] [PID.988]
[MD5.4BE7EC02133544CDE7A580875E130208] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1540]
[MD5.9C69E6A25F5500501B14AF43311F8D8B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [64512] [PID.468]
[MD5.33F7659872C1C2CE295FBD1754B63957] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16248320] [PID.536]
[MD5.3B743D7A1B3C2162D475D4E34E5C6070] - (.Pas de propriétaire - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [421888] [PID.608]
[MD5.59307A84CACE50B66089DBD5F74EA17A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946] [PID.712]
[MD5.3FD55016CA34850ED208F1A0D3FFD2DE] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [602112] [PID.720]
[MD5.C67E00C1DCA52FB369DC54E9EE653D47] - (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [413696] [PID.724]
[MD5.7C0704D4523BA671AFE6D028399942D3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800] [PID.832]
[MD5.DAEFB050AC8FEE4F1097FCF7CB97220E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\WINDOWS\eHome\ehmsas.exe [46592] [PID.1176]
[MD5.64C4C17BF6A40FF1CD21205E6FD415B8] - (.ATI Technologies Inc. - CLI Application (Command Line Interface).) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [45056] [PID.1192]
[MD5.72292AE254AD01236143E750D8952D03] - (.Adobe Systems Incorporated - Adobe Photo Downloader 3.0 component.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe [67752] [PID.1196]
[MD5.BF360421753C23D2DF870908276E336F] - (.PANTERASoft - Pas de description.) -- C:\Program Files\HDD Health\hddhealth.exe [1692672] [PID.1164]
[MD5.CC5CB8DC9144F3D3F86BC9FEA6843EAA] - (.Acer Inc. - Acer Empowering Techonology Framework Launc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [45056] [PID.1424]
[MD5.3CAABC2D0F87413EB1E0C7E0B3245E67] - (.Acer Inc. - Pas de description.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672] [PID.2112]
[MD5.63AB43534CBF5D7F3EB81DFDC8161490] - (...) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712] [PID.2268]
[MD5.D039A0C347632622934906BD59A4E1EA] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe [237568] [PID.2336]
[MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe [103424] [PID.2376]
[MD5.AB8134127F786C9603817B5318DCEEAA] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.2512]
[MD5.52404CC76E9D53843BDF97564BB16BED] - (.Microsoft Corporation - MCRD Device Service.) -- C:\WINDOWS\ehome\mcrdsvc.exe [99328] [PID.3348]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [PID.1380]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3024]
[MD5.E85885654C2E05ED6EEF9DDE0E4880C4] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8179712] [PID.1452]
~ Processes Running: Scanned in 00mn 01s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =>.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Alice]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Alice]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O4 - GS\Program [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 17 Legitimates Filtered in 00mn 00s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: Acer Empowering Technology.lnk . (.Acer Inc. - Acer Empowering Techonology Framework Launc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - HKLM\..\Run: [ehTray] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Clé orpheline
O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] . (...) -- C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] . (.Pas de propriétaire - AcerePre Application.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [ePower_DMC] . (.Pas de propriétaire - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] . (...) -- C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ATICCC] . (...) -- C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
O4 - HKLM\..\Run: [eRecoveryService] . (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated - Adobe Photo Downloader 3.0 component.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [hddhealth] . (.PANTERASoft - Pas de description.) -- C:\Program Files\HDD Health\hddhealth.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1062846636-3381622424-3916878105-1005\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1062846636-3381622424-3916878105-1005\..\Run: [hddhealth] . (.PANTERASoft - Pas de description.) -- C:\Program Files\HDD Health\hddhealth.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - https://update.microsoft.com/microsoftup ... 3461437265
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{55B2BEAB-E656-45E8-BDCD-29766525C946}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{55B2BEAB-E656-45E8-BDCD-29766525C946}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{55B2BEAB-E656-45E8-BDCD-29766525C946}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
~ Services: 5 Legitimates Filtered in 00mn 06s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\Acer.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\Acer.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKLM\Software\TEXTware A/S]
~ Key Software: 136 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/11/2013 - 05:06:16 - [3,228] ----D C:\Program Files\TEXTware
~ Program Folder: 92 Legitimates Filtered in 00mn 24s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.08C92ACC6CD2957193C14B20153A5694] - 02/11/2013 - 04:56:12 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.910AD09C6CD3945F57513A412ED593E3] - 02/11/2013 - 04:57:30 ---A- . (...) -- C:\WINDOWS\regopt.log [4278]
O44 - LFC:[MD5.4B718D109217E78FA6781A64B56D932C] - 02/11/2013 - 05:01:16 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [37441]
O44 - LFC:[MD5.A60423F0F71BAE47B9AFB9680F917B33] - 02/11/2013 - 05:03:52 ---A- . (...) -- C:\RHDSetup.log [559]
O44 - LFC:[MD5.761025703D26ADD607B7CABA62E9EA27] - 02/11/2013 - 05:08:42 ---A- . (...) -- C:\WINDOWS\SynInst.log [615]
O44 - LFC:[MD5.7171E197044E987B1094F4E98021720F] - 02/11/2013 - 05:09:46 ---A- . (...) -- C:\WINDOWS\LManager.UNI [83]
O44 - LFC:[MD5.C1EDCC75FF20871AC6B1CB8D7AD082E9] - 02/11/2013 - 05:22:20 ---A- . (...) -- C:\WINDOWS\system32\Acer EULA.txt [7549]
O44 - LFC:[MD5.FF4CBFD9DC16A3334D50EC5DE7C65B6C] - 02/11/2013 - 05:22:20 ---A- . (...) -- C:\WINDOWS\system32\ClearEvent.exe [16384]
O44 - LFC:[MD5.F0A3381C068FD9797D0508322A2C9E42] - 02/11/2013 - 05:22:20 ---A- . (...) -- C:\WINDOWS\system32\setup.iss [552]
O44 - LFC:[MD5.70727E4147ABC5CF9BF8362FB4F4A911] - 02/11/2013 - 05:28:16 ---A- . (...) -- C:\WINDOWS\GridV.UNI [92]
O44 - LFC:[MD5.4E4743BF83581C88B20759EDFBB225EA] - 02/11/2013 - 05:28:28 ---A- . (...) -- C:\WINDOWS\ALaunch.ini [81]
O44 - LFC:[MD5.C1EEC2F7ABE39469D03AE5C5C62D1FD0] - 02/11/2013 - 05:53:53 ---A- . (...) -- C:\WINDOWS\AntiV.EXE [589824]
O44 - LFC:[MD5.4E62F28838D07ADD88EE668FE75EE68D] - 02/11/2013 - 05:53:53 ---A- . (...) -- C:\WINDOWS\GVista.exe [633446]
O44 - LFC:[MD5.59A19AB5FDD804121737758DB90EBB8B] - 02/11/2013 - 05:53:54 ---A- . (...) -- C:\WINDOWS\AntiV.INI [2790]
O44 - LFC:[MD5.24BCB56893AD1C611912893BBF5244EF] - 02/11/2013 - 05:53:56 ---A- . (...) -- C:\WINDOWS\CLEANUP.CMD [991]
O44 - LFC:[MD5.76669A64D2E6E21C81B0EED2F12D600C] - 02/11/2013 - 05:53:57 ---A- . (...) -- C:\WINDOWS\EMEAPAGE.EXE [159821]
O44 - LFC:[MD5.C1026A45EE866826BD463C1FC91168ED] - 02/11/2013 - 05:53:58 ---A- . (...) -- C:\WINDOWS\EMEAPAGE.INI [84]
O44 - LFC:[MD5.F1CFD87B0891DBF3E012829B1758BFB0] - 02/11/2013 - 05:54:00 ---A- . (...) -- C:\WINDOWS\HotFix.bat [903]
O44 - LFC:[MD5.7A48DCAAC099D3924125EF4CE4607A76] - 02/11/2013 - 05:54:00 ---A- . (...) -- C:\WINDOWS\Patch.Log [16657]
O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 02/11/2013 - 07:15:32 ---A- . (...) -- C:\WINDOWS\002899_.tmp [19569]
O44 - LFC:[MD5.0A2E3DF307E0B295FF14E0E756FAB9AC] - 02/11/2013 - 07:15:40 ---A- . (...) -- C:\WINDOWS\SEC109.PNF [2948]
O44 - LFC:[MD5.7794C3221F670DE270586A2CF6E68383] - 02/11/2013 - 07:16:30 RSHA- . (...) -- C:\ntldr [252240]
O44 - LFC:[MD5.905CB655E93D39C97E078A3C4C884F31] - 02/11/2013 - 07:16:42 ----- . (...) -- C:\WINDOWS\system32\Drivers\netwlan5.img [67866]
O44 - LFC:[MD5.8E59F9BE251C8AE32A1CEB068B3F96B1] - 02/11/2013 - 07:16:43 ----- . (...) -- C:\WINDOWS\system32\Drivers\ativmc20.cod [64352]
O44 - LFC:[MD5.3194C32E8A2403073B812183355E25C6] - 02/11/2013 - 07:16:43 ----- . (...) -- C:\WINDOWS\system32\Drivers\cxthsfs2.cty [129045]
O44 - LFC:[MD5.62F241E3243F52E92A1484143F48C422] - 02/11/2013 - 07:20:20 ---A- . (...) -- C:\WINDOWS\sessmgr.setup.log [2998]
O44 - LFC:[MD5.9982BD2DB56B8809FA3141C0ECF4A26E] - 02/11/2013 - 07:20:30 ---A- . (...) -- C:\WINDOWS\cmsetacl.log [373]
O44 - LFC:[MD5.798EB1108F231101964603A98497CA82] - 02/11/2013 - 07:22:58 ---A- . (...) -- C:\WINDOWS\SEC13FC.PNF [8840]
O44 - LFC:[MD5.77AC98DDE6E95E0F85A9C0FD5B1557FA] - 02/11/2013 - 07:23:20 ---A- . (...) -- C:\WINDOWS\svcpack.log [492869]
O44 - LFC:[MD5.7ACE6A88A1E61F633E55FC70C42BF7FA] - 02/11/2013 - 07:25:14 ---A- . (...) -- C:\WINDOWS\setuplog.txt [1153556]
O44 - LFC:[MD5.B3E766EE74207AABEECE1DBC77904598] - 02/11/2013 - 07:25:54 ---A- . (...) -- C:\WINDOWS\OEWABLog.txt [1523]
O44 - LFC:[MD5.7BEC5150D0625748BE764AD6683008D7] - 02/11/2013 - 07:27:18 ---A- . (...) -- C:\WINDOWS\spupdsvc.log.1.log [187]
O44 - LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] - 02/11/2013 - 07:27:18 ---A- . (...) -- C:\WINDOWS\system32\spupdwxp.log [90]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 02/11/2013 - 07:27:22 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.BBE90A6D033548E303EA630E7E2068D4] - 02/11/2013 - 07:27:26 ---A- . (...) -- C:\WINDOWS\DtcInstall.log [867]
O44 - LFC:[MD5.2C92E786665740F0534822A0B987634F] - 02/11/2013 - 07:31:32 ---A- . (...) -- C:\WINDOWS\ie8.log [40637]
O44 - LFC:[MD5.7F1586BD471E706974611261E55583FA] - 02/11/2013 - 07:31:48 ---A- . (...) -- C:\WINDOWS\ie8_main.log [30997]
O44 - LFC:[MD5.3D5DB644C736B0E5D0CF310D74A6B37E] - 02/11/2013 - 22:03:26 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6138]
O44 - LFC:[MD5.8EA4F03B89E2BF1526C50BD21C0ED4F5] - 02/11/2013 - 22:34:28 ---A- . (...) -- C:\WINDOWS\updspapi.log [176614]
O44 - LFC:[MD5.82D4B9C1EC9A39F6E60C0ECBABDCD520] - 02/11/2013 - 22:34:34 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.488E3F76380A8A6D224E1DA709FE41EB] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [974979]
O44 - LFC:[MD5.2D44EE8DFBB89AF33766C5741654F1D4] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\comsetup.log [331009]
O44 - LFC:[MD5.DB7380A90F06F1EF7BBB7885F0550E49] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\ehOCGen.log [53837]
O44 - LFC:[MD5.E053827F10A3F6B7E08BB07D5B2DAB67] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\iis6.log [1064451]
O44 - LFC:[MD5.A6249B53075C7535D332707BAAAD2A6C] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.A58480493328B9F5D07B377E4FFD3BBB] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\msgsocm.log [47992]
O44 - LFC:[MD5.265927537C83BD999824F987757546A6] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\msmqinst.log [302688]
O44 - LFC:[MD5.5709FC300CC5E4A1E5185F74B91BE766] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\netfxocm.log [181205]
O44 - LFC:[MD5.9BF3B37F1AF92EFCF3CBC3F76BA159E0] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [197866]
O44 - LFC:[MD5.3B96E331F32333B33A853E357CDAF495] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\ocgen.log [466269]
O44 - LFC:[MD5.6F05083635E33FCC477F21B9F1967FA3] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\ocmsn.log [52688]
O44 - LFC:[MD5.8E2C065C5A0DFCE9BCB43BE9EA95FE9A] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\plusoc.log [109403]
O44 - LFC:[MD5.6BFA8EA3166488EA513318835BF01255] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\tabletoc.log [49033]
O44 - LFC:[MD5.6FC6DEC6B3BFF39377268C6D7D256DF7] - 02/11/2013 - 22:34:50 ---A- . (...) -- C:\WINDOWS\tsoc.log [442735]
O44 - LFC:[MD5.3D2EC12F700BB3CB09C16AC317E99AA1] - 02/11/2013 - 22:40:48 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [159023]
O44 - LFC:[MD5.0A7D2F75404D3821CD55DE5646ED0EA7] - 02/11/2013 - 22:40:52 ---A- . (...) -- C:\WINDOWS\medblker.Log [3248]
O44 - LFC:[MD5.F8B1BE9CB339374633AF679721621A12] - 02/11/2013 - 23:13:10 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [56073]
O44 - LFC:[MD5.BE5F8368C87DA4F261A1B69CF6276AD8] - 03/11/2013 - 05:06:19 ---A- . (.TEXTware A/S - Illuminator Parser.) -- C:\WINDOWS\system32\Illprs.dll [199168]
O44 - LFC:[MD5.7D99A501FFF82838E48001EFB5485430] - 03/11/2013 - 05:06:20 ---A- . (.TEXTware A/S - Illuminator Kernel.) -- C:\WINDOWS\system32\ILLKRN.DLL [160768]
O44 - LFC:[MD5.E4A5D2EB9F8B58A046FD59F42DDED463] - 03/11/2013 - 05:06:20 ---A- . (.TEXTware A/S - Illuminator PlugIn.) -- C:\WINDOWS\system32\TWATBS.ILX [62464]
O44 - LFC:[MD5.D62AE0BC8EEF7D4FEEE4963E5118EB0A] - 03/11/2013 - 05:06:20 ---A- . (.TEXTware A/S - Pas de description.) -- C:\WINDOWS\system32\ListBox.ILX [81920]
O44 - LFC:[MD5.F4F81FE11FE0A04ED2CCC1916769D01D] - 03/11/2013 - 05:06:21 ---A- . (...) -- C:\WINDOWS\system32\ILXTBS.DLL [143360]
O44 - LFC:[MD5.9E8D8A2A068E01B6F54A822E4F756DE9] - 03/11/2013 - 05:06:23 ---A- . (...) -- C:\WINDOWS\system32\PolyHot.ILX [47104]
O44 - LFC:[MD5.7B4686A01EEF3F571AEEDB9100719D88] - 03/11/2013 - 05:06:23 ---A- . (.TEXTware A/S - HTML Viewer.) -- C:\WINDOWS\system32\HTML.ILX [434688]
O44 - LFC:[MD5.A784B3BFAF8C56B95BEFF8AC4D00E779] - 03/11/2013 - 05:06:23 ---A- . (.TEXTware A/S - Illuminator MPegPlayer.) -- C:\WINDOWS\system32\MPegPlay.ILX [162304]
O44 - LFC:[MD5.F3605BECD45BF268A015389D918DAB52] - 03/11/2013 - 05:06:23 ---A- . (.TEXTware A/S - Illuminator PlugIn.) -- C:\WINDOWS\system32\Textv.ILX [140288]
O44 - LFC:[MD5.466D8731BC5C4AD1C5628C80C2BCFB0A] - 03/11/2013 - 05:06:24 ---A- . (...) -- C:\WINDOWS\system32\ASpell.ILX [305152]
O44 - LFC:[MD5.4FA2C0DC19266EFB344EFCEBC28EE760] - 03/11/2013 - 05:06:24 ---A- . (...) -- C:\WINDOWS\system32\Bass.ILX [52224]
O44 - LFC:[MD5.4644D2C5DFAA0A10F4FA79911A2458BF] - 03/11/2013 - 05:06:24 ---A- . (...) -- C:\WINDOWS\system32\WavRecpk4.bpl [17408]
O44 - LFC:[MD5.960C3FC5D1BE0D190D3F97B88A65C754] - 03/11/2013 - 05:06:24 ---A- . (...) -- C:\WINDOWS\system32\bass.dll [99092]
O44 - LFC:[MD5.FF9F5C6E86452027F69675FD2F7E66B7] - 03/11/2013 - 05:06:24 ---A- . (.TEXTware A/S - Pas de description.) -- C:\WINDOWS\system32\Whelp.ILX [36352]
O44 - LFC:[MD5.4AFD52E2BDA5BC49FD8B0E439069F086] - 03/11/2013 - 05:06:25 ---A- . (...) -- C:\WINDOWS\system32\TWAIED02.DLL [18432]
O44 - LFC:[MD5.A1E49C7D9447614D79AA9F0FD4086EC5] - 03/11/2013 - 05:06:25 ---A- . (...) -- C:\WINDOWS\system32\TWATBS32.VBX [114688]
O44 - LFC:[MD5.2BDC73513C3FE7B3EC5316AC476C79E4] - 03/11/2013 - 05:06:25 ---A- . (...) -- C:\WINDOWS\system32\TWAVBX32.DLL [147456]
O44 - LFC:[MD5.C0EEB726654FF7D8A0F4500848A21BC1] - 03/11/2013 - 05:06:25 ---A- . (...) -- C:\WINDOWS\system32\TwaBcu.ILX [28672]
O44 - LFC:[MD5.80C61F596F8689BFDDBAA72F457986A9] - 03/11/2013 - 05:06:25 ---A- . (.Polar - Polar SpellChecker ActiveX Control Module.) -- C:\WINDOWS\system32\polspell.dll [70656]
O44 - LFC:[MD5.428168B1BD467884618C49C06A3D6A7D] - 03/11/2013 - 05:06:25 ---A- . (.TEXTware A/S - TwaBcu01.) -- C:\WINDOWS\system32\TwaBcu01.dll [69632]
O44 - LFC:[MD5.CA44D04708FECD41F2465636D3965FAF] - 03/11/2013 - 05:06:26 ---A- . (...) -- C:\WINDOWS\system32\QFClient.ILX [48128]
O44 - LFC:[MD5.2B17E36156517FC8B5673AB844B33680] - 03/11/2013 - 05:06:26 ---A- . (...) -- C:\WINDOWS\system32\TWABTE32.TBM [258048]
O44 - LFC:[MD5.FFAA8EBDE18C937336E7D882CBACFC1A] - 03/11/2013 - 05:06:32 ---A- . (...) -- C:\WINDOWS\TEXTware.ini [63]
O44 - LFC:[MD5.597ECD1EC5F5B3E0212B3407651AD730] - 03/11/2013 - 05:36:38 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.E94129877F02F3833BBE01DFCBF23862] - 03/11/2013 - 05:37:08 ---A- . (...) -- C:\WINDOWS\wmsetup.log [22270]
O44 - LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] - 03/11/2013 - 06:39:48 ---A- . (...) -- C:\WINDOWS\win.ini [477]
O44 - LFC:[MD5.D010D7D8481FACC0F7462810044280C9] - 05/11/2013 - 18:26:48 ---A- . (...) -- C:\UsbFix [Scan 1] ACER-3FAFADAADF.txt [6736]
O44 - LFC:[MD5.BEF19ED7C4BE33FB4F6F2C659F30E152] - 05/11/2013 - 21:55:42 ---A- . (...) -- C:\WINDOWS\bitssetup.log [6070]
O44 - LFC:[MD5.B61BC1D2FB7EEB155A465EA6D4287B22] - 05/11/2013 - 21:59:52 ---A- . (...) -- C:\WinUpdateFix.txt [1235]
O44 - LFC:[MD5.39D40ABF5BD862AF4DD9476F8719B2B2] - 06/11/2013 - 04:18:20 ---A- . (...) -- C:\UsbFix [Scan 2] ACER-3FAFADAADF.txt [7152]
O44 - LFC:[MD5.FFA5E6611EAEF5B4BF4BEE213177AD49] - 06/11/2013 - 04:21:42 ---A- . (...) -- C:\UsbFix [Scan 3] ACER-3FAFADAADF.txt [7116]
O44 - LFC:[MD5.574A57E4C71CB2D1DB2152206533B0AA] - 06/11/2013 - 09:32:14 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.0E622095E7F0728343893B90BEC5C621] - 06/11/2013 - 16:58:12 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.005CA4CA285AD846699D7CE5531C3F9A] - 06/11/2013 - 16:58:46 ---A- . (...) -- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt [4122]
~ Files: 473 Legitimates Filtered in 00mn 12s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FECBAAEE822E39A3F475208DA1B4ACB9] - 02/11/2013 - 22:40:54 ---A- - C:\WINDOWS\Prefetch\CASPOL.EXE-25914F74.pf
O45 - LFCP:[MD5.CC823FA64813F96CD6BDE36446538778] - 06/11/2013 - 04:21:22 ---A- - C:\WINDOWS\Prefetch\FSUM.COM-2DF99E5A.pf
O45 - LFCP:[MD5.8B81941CA934AA304003858A4038B6A8] - 06/11/2013 - 04:21:24 ---A- - C:\WINDOWS\Prefetch\GO.EXE-2DCC3FAB.pf
O45 - LFCP:[MD5.7A8B699FB8ECB05EA050044CF8CAC306] - 06/11/2013 - 09:22:28 ---A- - C:\WINDOWS\Prefetch\SETUPSNK.EXE-1B791D5E.pf
O45 - LFCP:[MD5.18E8A0875CAB8D3DAA7AFEB5E794E14A] - 06/11/2013 - 09:31:12 ---A- - C:\WINDOWS\Prefetch\WINUPDATEFIX.EXE-2CC8C1FC.pf
O45 - LFCP:[MD5.867EB96AAFC173C3ADEA4F456CAA865A] - 06/11/2013 - 16:59:06 ---A- - C:\WINDOWS\Prefetch\SCNODVIS.EXE-17E99A96.pf
O45 - LFCP:[MD5.6949E8D305A63B9CCACA33E3EB579F93] - 06/11/2013 - 17:09:46 ---A- - C:\WINDOWS\Prefetch\WPGLDFSH.SCR-1D645552.pf
O45 - LFCP:[MD5.65F83784458A7EB44026C893BF930081] - 06/11/2013 - 17:24:40 ---A- - C:\WINDOWS\Prefetch\INSTUP.EXE-2D344058.pf
~ Prefetcher: 73 Legitimates Filtered in 00mn 00s
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe" [Disabled] .(.Pas de propriétaire.) -- C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
~ Keys Export: 6 Legitimates Filtered in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=1
O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=1
~ MWPS: 7 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 10/08/2004 - 20:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 10/08/2004 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 7 Legitimates Filtered in 00mn 00s