- Rapport de ZHPDiag v2013.7.16.29 par Nicolas Coolman, Update du 17/07/2013
- Run by Benoit at 18/07/2013 11:12:30
- WebSite: http://nicolascoolman.webs.com
- State : Version à jour.
- WhiteList : Enable
- High Elevated Privileges : OK
- UAC : Activate by user
- ---\\ Web Browser
- MSIE: Internet Explorer v10.0.9200.16635
- MFIE: Mozilla Firefox 22.0
- GCIE: Google Chrome v28.0.1500.72 (Defaut)
- ---\\ Windows Product Information
- ~ Langage: Français
- Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
- Windows Server License Manager Script : OK
- ~ Windows(R) 7, OEM_COA_NSLP channel
- Windows ID Activation : OK
- ~ Windows Partial Key : YTWBR
- Windows License : OK
- ~ Windows Remaining Initializations Number : 0
- Software Protection Service (Protection logicielle) : OK
- Windows Automatic Updates : OK
- Windows Activation Technologies : OK
- ---\\ System Protection
- Kaspersky Endpoint Security 10 for Windows v10.1.0.867
- Windows Defender W7
- ---\\ System Optimizer
- ---\\ Peer To Peer (P2P)
- µTorrent v3.3.0.29342 =>P2P.µTorrent
- ---\\ Software Update
- Adobe Flash Player 11 Plugin
- ---\\ System Information
- ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
- ~ Operating System: 64 Bits
- Boot mode: Normal (Normal boot)
- Total RAM: 8100 MB (50% free)
- System Restore: Activé (Enable)
- System drive C: has 682 GB (76%) free of 896 GB
- ---\\ Logged in mode
- ~ Computer Name: BENOIT-PC
- ~ User Name: Benoit
- ~ All Users Names: ZendUser, Benoit, Administrateur,
- ~ Unselected Option: None
- Logged in as Administrator
- ---\\ Environnement Variables
- ~ System Unit : C:\
- ~ %AppData% : C:\Users\Benoit\AppData\Roaming\
- ~ %Desktop% : C:\Users\Benoit\Desktop\
- ~ %Favorites% : C:\Users\Benoit\Favorites\
- ~ %LocalAppData% : C:\Users\Benoit\AppData\Local\
- ~ %StartMenu% : C:\Users\Benoit\AppData\Roaming\Microsoft\Windows\Start Menu\
- ~ %Windir% : C:\Windows\
- ~ %System% : C:\Windows\System32\
- ---\\ DOS/Devices
- C:\ Hard drive, Flash drive, Thumb drive (Free 682 Go of 896 Go)
- D:\ CD-ROM drive (Not Inserted)
- E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
- F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
- G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
- H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
- ---\\ Security Center & Tools Informations
- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
- ~ Security Center: 29 Legitimates Filtered in 00mn 00s
- ---\\ Recherche particulière de fichiers génériques
- [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
- [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
- [MD5.FAF6EC2460AD5FBBD38D8E1AE28B0D77] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/06/2013 - 00:26:20.) -- C:\Windows\System32\wininet.dll [2241024]
- [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
- [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
- [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
- [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
- [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
- [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
- [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
- [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
- [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
- [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
- [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
- [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
- [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
- [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
- [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
- [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
- [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
- [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
- [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
- ~ Generic Processes: Scanned in 00mn 00s
- ---\\ Etat des fichiers cachés (Caché/Total)
- ~ Mes images (My Pictures) : 1/32
- ~ Mes Favoris (My Favorites) : 1/12
- ~ Mes Documents (My Documents) : 2/52280
- ~ Menu demarrer (Programs) : 1/42
- ~ Hidden Files: Scanned in 01mn 18s
- ---\\ Processus lancés
- [MD5.C066FF429B97CF645106A8CB38285A2F] - (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe [270520] [PID.2580] =>Toolbar.Dashlane
- [MD5.1F3A8448323CFA5E66AF02B1EDC2EEE4] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048] [PID.2596]
- [MD5.A005676B30AEB3C7703C317D992B193A] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648] [PID.2716]
- [MD5.7388DC5BCD229C8C5D27E41A19FB3F81] - (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [729744] [PID.2788]
- [MD5.B953D67F4CA1837EBB7D9D76BEC1C513] - (...) -- C:\Windows\SysWOW64\jmdp\stij.exe [15152] [PID.3616]
- [MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [846288] [PID.5132]
- [MD5.CD158AC3AF6F3EBC3B1051FF17A51BEB] - (.Oracle Corporation - MySQL Workbench.) -- C:\Program Files (x86)\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe [703488] [PID.5568]
- [MD5.FACD39D43A47292E6F1B9D664E9B49C9] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe [1672616] [PID.5088]
- [MD5.C2A840DD27970DE34E7DBF5494AE1CD1] - (.Jan Fiala - PSPad editor.) -- C:\Program Files (x86)\PSPad editor\PSPad.exe [4795216] [PID.1040]
- [MD5.9F419AD2EBFF9044CA845484CFBEAC48] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7719936] [PID.6740]
- ~ Processes Running: Scanned in 00mn 00s
- ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Preferences
- G2 - GCE: Preference [User Data\Default] [demmlacpnijjgliknaehpamnnbncnodb] Smart Suggestor v.1.2.8.0 (Désactivé) =>Adware.SmartSuggestor
- ~ Google Browser: 14 Legitimates Filtered in 00mn 07s
- ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
- C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\prefs.js
- M3 - MFPP: Plugins - [Benoit] -- C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\searchplugins\MyStart Search.xml
- ~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s
- ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
- R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com =>Adware.IncrediBar
- ~ IE Browser: 14 Legitimates Filtered in 00mn 00s
- ---\\ Internet Explorer, Proxy Management (R5)
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
- ~ Proxy management: Scanned in 00mn 00s
- ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
- F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
- F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
- F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
- ~ Keys: Scanned in 00mn 00s
- ---\\ Redirection du fichier Hosts (O1)
- ~ Le fichier hosts est sain (The hosts file is clean).
- ~ Hosts File: Scanned in 00mn 00s
- ~ Nombre de lignes (Lines number): 26
- ---\\ Browser Helper Objects de navigateur (O2)
- O2 - BHO: IB Updater Helper [64Bits] - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\IB Updater\Extension32.dll =>Adware.InstallBrain
- O2 - BHO: Dashlane BHO [64Bits] - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} . (.Dashlane - Dashlane Dll.) -- C:\Users\Benoit\AppData\Roaming\Dashlane\ie\Dashlanei.dll =>Toolbar.Dashlane
- O2 - BHO: Incredibar.com Helper Object [64Bits] - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} . (.Montera Technologeis LTD - Pas de description.) -- C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll =>Adware.IncrediBar
- O2 - BHO: Smart Suggestor [64Bits] - {DB536AF2-E422-402d-B7FD-887297F1A198} . (.Think Tank Labs, LLC - Smart Suggestor.) -- C:\Program Files (x86)\Smart Suggestor\SmartSuggestor.dll =>Adware.SmartSuggestor
- ~ BHO: 5 Legitimates Filtered in 00mn 00s
- ---\\ Applications démarrées par registre & par dossier (O4)
- O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
- O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
- O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
- O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
- O4 - HKCU\..\Run: [Dashlane] . (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
- O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
- O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
- O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Pas de propriétaire - Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
- O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
- O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Endpoint Security 10 for Windows.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
- O4 - HKUS\S-1-5-21-944861538-3330491202-3906306590-1000\..\Run: [Dashlane] . (...) -- C:\Users\Benoit\AppData\Roaming\Dashlane\Dashlane.exe =>Toolbar.Dashlane
- O4 - HKUS\S-1-5-21-944861538-3330491202-3906306590-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
- ~ Application: Scanned in 00mn 00s
- ---\\ Autres liens utilisateurs (O4)
- O4 - GS\TaskBar: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe
- O4 - GS\TaskBar: FileZilla.lnk . (.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
- O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- O4 - GS\TaskBar: mRemoteNG.lnk . (...) -- C:\Program Files (x86)\mRemoteNG\mRemoteNG.exe
- O4 - GS\TaskBar: MySQL Workbench 5.2 CE.lnk . (.Oracle Corporation - MySQL Workbench.) -- C:\Program Files (x86)\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe
- O4 - GS\TaskBar: NetBeans IDE 7.3.lnk . (...) -- C:\Program Files (x86)\NetBeans 7.3\bin\netbeans64.exe (.not file.)
- O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
- O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- O4 - GS\Programs: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Benoit\AppData\Roaming\Spotify\spotify.exe
- O4 - GS\QuickLaunch: Foxit Reader.lnk . (...) -- C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Reader.exe
- O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
- O4 - GS\SendTo: Dropbox.lnk . (...) -- C:\Users\Benoit\Dropbox
- O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
- O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
- ~ Global Startup: Scanned in 00mn 00s
- ---\\ Modification Domaine/Adresses DNS (O17)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
- O17 - HKLM\System\CCS\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
- O17 - HKLM\System\CCS\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
- O17 - HKLM\System\CS1\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
- O17 - HKLM\System\CS1\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
- O17 - HKLM\System\CS1\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
- O17 - HKLM\System\CS2\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpNameServer = 192.168.35.253 192.168.35.252
- O17 - HKLM\System\CS2\Services\Tcpip\..\{BF75E952-7B59-4672-9F9C-0EAC55B68476}: DhcpNameServer = 10.36.15.254
- O17 - HKLM\System\CS2\Services\Tcpip\..\{52561EA3-BC3B-4503-87E9-A3497F451835}: DhcpDomain = netec.local
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.35.253 192.168.35.252
- ~ Domain: Scanned in 00mn 00s
- ---\\ Protocole additionnel (O18)
- O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
- ~ Protocole Additionnel: Scanned in 00mn 00s
- ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
- O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
- ~ Winlogon: Scanned in 00mn 00s
- ---\\ Liste des services NT non Microsoft et non désactivés (O23)
- O23 - Service: DisplayFusionService (DisplayFusionService) . (...) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (.not file.)
- O23 - Service: IB Updater (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
- O23 - Service: (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain
- O23 - Service: Zend Deployment (ZendDeployment) . (.Zend Technologies Ltd. - Zend Deployment Daemon.) - C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe
- O23 - Service: Zend Job Queue (ZendJobQueue) . (.Zend Technologies Ltd. - Zend Job Queue Extension.) - C:\Program Files (x86)\Zend\ZendServer\bin\jqd.exe
- O23 - Service: Zend Monitor (ZendMonitor) . (.Zend Technologies Ltd. - Zend Monitor Node.) - C:\Program Files (x86)\Zend\ZendServer\bin\MonitorNode.exe
- O23 - Service: Zend Server Daemon (ZendServerDaemon) . (.Zend Technologies Ltd. - Zend Server Daemon.) - C:\Program Files (x86)\Zend\ZendServer\bin\zsd.exe
- O23 - Service: Zend Session Clustering (ZendSessionClustering) . (.Zend Technologies Ltd. - Zend Session Clustering.) - C:\Program Files (x86)\Zend\ZendServer\bin\scd.exe
- ~ Services: 18 Legitimates Filtered in 00mn 06s
- ---\\ Logiciels installés (O42)
- O42 - Logiciel: Cube World version 0.0.1 - (.Picroma.) [HKLM][64Bits] -- {D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1
- O42 - Logiciel: Dual Monitor 1.22 - (.Cristi Diaconu.) [HKLM][64Bits] -- {64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1
- O42 - Logiciel: Git version 1.8.1.2-preview20130201 - (.The Git Development Community.) [HKLM][64Bits] -- Git_is1
- O42 - Logiciel: IB Updater 2.0.0.578 - (.IncrediBar.) [HKLM][64Bits] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 =>Adware.InstallBrain
- O42 - Logiciel: IB Updater Service - (...) [HKLM][64Bits] -- WNLT =>Adware.IncrediBar
- O42 - Logiciel: Incredibar Toolbar on IE - (...) [HKLM][64Bits] -- incredibar =>Adware.IncrediBar
- O42 - Logiciel: QPST 2.7 - (.Qualcomm.) [HKLM][64Bits] -- {EDA714EC-11CC-41BC-A342-22C2F381D165}
- O42 - Logiciel: Smart Suggestor - (.Think Tank Labs, LLC.) [HKLM][64Bits] -- Smart Suggestor =>Adware.SmartSuggestor
- O42 - Logiciel: Zend Server - (.Zend Technologies.) [HKLM][64Bits] -- InstallShield_{C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}
- O42 - Logiciel: Zend Server - (.Zend Technologies.) [HKLM][64Bits] -- {C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}
- O42 - Logiciel: eSpeak version 1.46.02 - (...) [HKLM][64Bits] -- eSpeak_is1
- ~ Logic: 112 Legitimates Filtered in 00mn 00s
- ---\\ HKCU & HKLM Software Keys
- [HKCU\Software\APN PIP]
- [HKCU\Software\AppDataLow\Software\Smart Suggestor] =>Adware.SmartSuggestor
- [HKCU\Software\IM]
- [HKCU\Software\ImInstaller]
- [HKCU\Software\IncrediMail]
- [HKCU\Software\LdapAdmin]
- [HKCU\Software\MultiMonTaskBar]
- [HKCU\Software\SMConverter]
- [HKCU\Software\WNLT] =>Adware.IncrediBar
- [HKLM\Software\IB Updater] =>Adware.InstallBrain
- [HKLM\Software\WNLT] =>Adware.IncrediBar
- [HKLM\Software\WireframeSketcher Studio]
- [HKLM\Software\Wow6432Node\IB Updater] =>Adware.InstallBrain
- [HKLM\Software\Wow6432Node\IncrediMail]
- [HKLM\Software\Wow6432Node\Incredibar.com] =>Adware.IncrediBar
- [HKLM\Software\Wow6432Node\PIP]
- [HKLM\Software\Wow6432Node\Zend Technologies]
- ~ Key Software: 219 Legitimates Filtered in 00mn 00s
- ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
- O43 - CFD: 15/07/2013 - 13:31:09 - [72,992] ----D C:\Program Files (x86)\1-click run
- O43 - CFD: 11/07/2013 - 13:41:40 - [70,960] ----D C:\Program Files (x86)\Cube World
- O43 - CFD: 18/02/2013 - 10:07:45 - [2,540] ----D C:\Program Files (x86)\Dual Monitor
- O43 - CFD: 26/02/2013 - 13:35:39 - [5,903] ----D C:\Program Files (x86)\eSpeak
- O43 - CFD: 17/01/2013 - 15:06:02 - [1,825] ----D C:\Program Files (x86)\Incredibar.com =>Adware.IncrediBar
- O43 - CFD: 19/04/2013 - 15:48:27 - [11,119] ----D C:\Program Files (x86)\mRemoteNG
- O43 - CFD: 06/02/2013 - 12:34:00 - [0,741] ----D C:\Program Files (x86)\Smart Suggestor =>Adware.SmartSuggestor
- O43 - CFD: 21/03/2013 - 11:41:54 - [306,034] ----D C:\Program Files (x86)\Zend
- O43 - CFD: 17/05/2013 - 09:41:40 - [2,009] ----D C:\ProgramData\Composer
- O43 - CFD: 18/02/2013 - 10:13:02 - [0] ----D C:\ProgramData\DualMonitor
- O43 - CFD: 11/07/2013 - 13:35:08 - [0] ----D C:\ProgramData\Picroma
- O43 - CFD: 21/03/2013 - 11:41:18 - [0,041] ----D C:\ProgramData\Zend
- O43 - CFD: 17/05/2013 - 09:54:09 - [0,000] ----D C:\Users\Benoit\AppData\Roaming\Composer
- O43 - CFD: 18/02/2013 - 10:07:59 - [0,004] ----D C:\Users\Benoit\AppData\Roaming\Dual Monitor
- O43 - CFD: 17/07/2013 - 10:01:39 - [0,279] ----D C:\Users\Benoit\AppData\Roaming\mRemoteNG
- O43 - CFD: 17/05/2013 - 09:54:09 - [17,287] ----D C:\Users\Benoit\AppData\Local\Composer
- O43 - CFD: 18/01/2013 - 10:33:51 - [0,058] ----D C:\Users\Benoit\AppData\Local\mRemoteNG
- O43 - CFD: 15/07/2013 - 13:31:13 - [0,002] ----D C:\Users\Benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
- ~ Program Folder: 180 Legitimates Filtered in 00mn 58s
- ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
- O44 - LFC:[MD5.E210EABF90293F035F29E8C8EFC83F85] - 11/07/2013 - 12:27:31 ---A- . (...) -- C:\Windows\DirectX.log [10047]
- ~ Files: 240 Legitimates Filtered in 00mn 50s
- ---\\ MountPoints2 Shell Key (O51)
- O51 - MPSK:{999f23fd-7679-11e2-ad7a-3860772e8f51}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
- O51 - MPSK:{cce9ef50-d7e2-11e2-b0f4-3860772e8f51}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
- O51 - MPSK:{fcc362e3-bdf0-11e2-9554-3860772e8f51}\AutoRun\command. (...) -- C:\Windows\system32\http:\\www.ultimatebootcd.com\ (.not file.)
- ~ Keys: Scanned in 00mn 00s
- ---\\ Microsoft Windows Policies System (O55)
- O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
- O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
- O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
- ~ MWPS: 16 Legitimates Filtered in 00mn 00s
- ---\\ Microsoft Windows Policies Explorer (O56)
- O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
- ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
- ---\\ Liste des Drivers Système (O58)
- O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
- ~ Drivers: Scanned in 00mn 00s
- ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brrbtool.ex_ [53684]
- O61 - LFC: 10/05/2010 - 09:45:58 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brrbtool.ex_ [53684]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9325cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9010cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9010mn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9120cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9125cn.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9320cw.da_ [62]
- O61 - LFC: 15/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9325cw.da_ [62]
- O61 - LFC: 15/07/2013 - 08:39:06 ---A- C:\Users\Benoit\Documents\Base Psychos\scripts transfert sql.txt [2963]
- O61 - LFC: 15/07/2013 - 10:42:13 ---A- C:\Users\Benoit\Documents\Relevés d'heures\Relevé Heures 2013-08 Aout.xlsx [22442]
- O61 - LFC: 15/07/2013 - 10:42:13 ---A- C:\Users\Benoit\Downloads\Relevé d'heures Août 13.xlsx [22442]
- O61 - LFC: 15/07/2013 - 11:25:46 ---A- C:\Users\Benoit\Downloads\FernandaXXX_Schoolgirl_17102011.mp4 [234016190]
- O61 - LFC: 15/07/2013 - 12:30:32 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\My Wallpaper Gallery v1.3.torrent [12231]
- O61 - LFC: 15/07/2013 - 12:30:32 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\README.txt [200]
- O61 - LFC: 15/07/2013 - 12:30:38 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run)\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run).exe [33133446]
- O61 - LFC: 15/07/2013 - 13:22:41 ---A- C:\Users\Benoit\Downloads\RZ_5_thrash.m4a [927161]
- O61 - LFC: 15/07/2013 - 13:22:46 ---A- C:\Users\Benoit\Downloads\RZ_6_stoner.m4a [315650]
- O61 - LFC: 15/07/2013 - 13:36:30 ---A- C:\Users\Benoit\Downloads\groupes de musiques.docx [1935552]
- O61 - LFC: 15/07/2013 - 14:03:56 ---A- C:\Users\Benoit\Downloads\cv.pdf [44958]
- O61 - LFC: 16/07/2013 - 11:14:23 ---A- C:\Users\Benoit\Downloads\iNettutsDB.zip [51173]
- O61 - LFC: 16/07/2013 - 13:09:10 ---A- C:\Users\Benoit\Downloads\Cube World v0.1.0 (FIXED)(5 July 2013)(2-click run).zip [32935641]
- O61 - LFC: 16/07/2013 - 14:02:30 ---A- C:\Users\Benoit\Documents\Relevés d'heures\Relevé Heures 2013-07 Juillet.xlsx [15901]
- O61 - LFC: 16/07/2013 - 14:44:54 ---A- C:\Users\Benoit\Downloads\Cube World Updated 04-07-2013\server.cfg [5]
- O61 - LFC: 16/07/2013 - 14:45:08 ---A- C:\Users\Benoit\Downloads\Cube World Updated 04-07-2013\Save\world_server_26879.db [3072]
- O61 - LFC: 16/07/2013 - 16:00:40 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Local State~RF1699c17.TMP [33245]
- O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Local\mRemoteNG\mRemoteNG.exe_Url_2joposk0sdzloff54inwswvbs45ekktw\1.70.4814.21440\user.config [22730]
- O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\confCons.xml [23913]
- O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\extApps.xml [51]
- O61 - LFC: 17/07/2013 - 09:01:39 ---A- C:\Users\Benoit\AppData\Roaming\mRemoteNG\pnlLayout.xml [5528]
- O61 - LFC: 17/07/2013 - 15:04:24 ---A- C:\Users\Benoit\Downloads\cakephp-cakephp-2.3.7-0-g06fc8db.zip [2091525]
- O61 - LFC: 17/07/2013 - 15:34:10 ---A- C:\Users\Benoit\AppData\Roaming\PSpad\Recent.INI [3692]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\be9015mn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9015cn.da_ [62]
- O61 - LFC: 18/04/2011 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\be9015mn.da_ [62]
- O61 - LFC: 18/07/2013 - 08:13:49 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [258723]
- O61 - LFC: 18/07/2013 - 08:22:11 ---A- C:\Users\Benoit\Downloads\wakeonlan.zip [19712]
- O61 - LFC: 18/07/2013 - 08:43:27 ---A- C:\Users\Benoit\Downloads\Xbox360 mapped.rar [63482]
- O61 - LFC: 18/07/2013 - 08:50:01 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\file_id.diz [1430]
- O61 - LFC: 18/07/2013 - 08:50:01 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\walmart.nfo [4624]
- O61 - LFC: 18/07/2013 - 08:50:09 ---A- C:\Users\Benoit\Downloads\Xpadder-v2012.12.31-Multilingual-Retail-WaLMaRT\Xpadder.exe [1166848]
- O61 - LFC: 18/07/2013 - 09:05:31 --HA- C:\Users\Benoit\Documents\Default.rdp [2240]
- O61 - LFC: 18/07/2013 - 09:49:49 ---A- C:\Users\Benoit\AppData\Roaming\PSpad\PSPad.INI [8021]
- O61 - LFC: 18/07/2013 - 09:56:27 ---A- C:\Users\Benoit\Downloads\roles.sql [1130]
- O61 - LFC: 18/07/2013 - 10:16:59 ---A- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Local State [33421]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brpsm080.ex_ [26810]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brpsm080.ex_ [26810]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brpsm080.ex_ [26810]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brpsm080.ex_ [26810]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brpsma80.ex_ [26927]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brpsma80.ex_ [26927]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brpsma80.ex_ [26927]
- O61 - LFC: 20/07/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brpsma80.ex_ [26927]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brmd080.ex_ [35020]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\brmdw080.ex_ [32138]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brmd080.ex_ [35020]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\brmdw080.ex_ [32138]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brmd080.ex_ [35020]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\brmdw080.ex_ [32138]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brmd080.ex_ [35020]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\brmdw080.ex_ [32138]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brmda80.ex_ [36592]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\brmdwa80.ex_ [33034]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brmda80.ex_ [36592]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\brmdwa80.ex_ [33034]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brmda80.ex_ [36592]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\brmdwa80.ex_ [33034]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brmda80.ex_ [36592]
- O61 - LFC: 24/09/2008 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\brmdwa80.ex_ [33034]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\frc\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\ptb\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\spa\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\32\usa\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\frc\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\ptb\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\spa\bradc08a.da_ [69]
- O61 - LFC: 26/10/1999 - 17:00:00 ---A- C:\Users\Benoit\Downloads\driver\64\usa\bradc08a.da_ [69]
- ~ 16 Fichiers temporaires (Temporary files)
- ~ Files: 2870 Legitimates Filtered in 19mn 48s
- ---\\ Liste des outils de nettoyage (O63)
- O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
- ~ ADS: Scanned in 00mn 00s
- ---\\ File Associations Shell Spawning (O67)
- O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
- ~ FASS Keys: 19 Legitimates Filtered in 00mn 00s
- ---\\ Start Menu Internet (O68)
- O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
- ~ Keys: Scanned in 00mn 00s
- ---\\ Search Browser Infection (O69)
- O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
- O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} [DefaultScope] - (MyStart Search) - http://mystart.incredibar.com =>Adware.IncrediBar
- ~ Keys: Scanned in 00mn 00s
- ---\\ Crack & Keygen Files (O82)
- C:\Program Files (x86)\Git\bin\ssh-keygen.exe
- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
- C:\Program Files (x86)\Git\bin\ssh-keygen.exe
- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
- C:\Users\Benoit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
- ~ Files: Scanned in 03mn 53s
- ---\\ Recherche particuliere à la racine de certains dossiers (O84)
- [MD5.20A329C8B86D43A60153CEEC780D6A56] [SPRF][17/05/2013] (...) -- C:\ProgramData\hash.dat [32]
- [MD5.75DB5A0F9317A206E8CE59B0725F2984] [SPRF][15/11/2012] (.Think Tank Labs, LLC - Smart Suggestor Setup.) -- C:\Users\Benoit\AppData\Local\Temp\ap10013.exe [853184] =>Adware.SmartSuggestor
- [MD5.509842CCC1F9E1DCBE3A0E7A4D7D3CDF] [SPRF][11/07/2013] (.Microsoft Corporation - BingBarSetup-Partner.) -- C:\Users\Benoit\AppData\Local\Temp\BingBarSetup-Partner.exe [7850088]
- [MD5.B919F915239E373275D4836A019166C2] [SPRF][11/07/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\defaultCache.reg [1469030]
- [MD5.0A3B3936E54E4D0A995E03D16B6FFD60] [SPRF][15/05/2013] (.Foxit Corporation - Foxit Updater.) -- C:\Users\Benoit\AppData\Local\Temp\Foxit Reader Updater.exe [7672896]
- [MD5.5C8BF1592A4582BC4B4ADA1803646ADA] [SPRF][12/04/2013] (.Foxit Corporation - Foxit Updater.) -- C:\Users\Benoit\AppData\Local\Temp\Foxit Updater.exe [7672792]
- [MD5.A5F7B454773E2DC25D71550B76418C51] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\ICReinstall_vlmc-0-1-0-alpha-en-win-setup.exe [632856]
- [MD5.05FECA1B4B1F7F9D924191716AD3F0BA] [SPRF][17/01/2013] (.Pas de propriétaire - IncrediMail Installer.) -- C:\Users\Benoit\AppData\Local\Temp\incredibar_installer.exe [463184] =>Adware.IncrediBar
- [MD5.783B4B75CD1C249FFFE5D338CA3D33E6] [SPRF][17/01/2013] (.Pas de propriétaire - IZArc 4.1.7 Setup.) -- C:\Users\Benoit\AppData\Local\Temp\IZArcSetup.exe [5490568]
- [MD5.96AE974CEEA336A822272325811342ED] [SPRF][19/04/2013] (.Next Generation Software - mRemoteNG 1.70 Installer.) -- C:\Users\Benoit\AppData\Local\Temp\mRemote_Update.exe [2908917]
- [MD5.77DFB27D68CE46659A3D5E93410C0B75] [SPRF][17/01/2013] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Benoit\AppData\Local\Temp\MyBabylonTB_google_20120807.exe [899224] =>Toolbar.Babylon
- [MD5.01F3D76C7016A0D8BDDFF89C8B4F4D30] [SPRF][17/01/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\pricepeep_130001_0101.exe [456344] =>Adware.PricePeep
- [MD5.C5E74752E31CCB90AF310A694EEBF54F] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\Reg.reg [111958]
- [MD5.CF5AA645F19AAF02EFEE53C266B890E9] [SPRF][24/04/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\Reg2.reg [111958]
- [MD5.F10E9620F1D0EDEC56C0C1E1790CEAB9] [SPRF][19/06/2013] (.Skype Technologies S.A. - Skype.) -- C:\Users\Benoit\AppData\Local\Temp\SkypeSetup.exe [31668328]
- [MD5.B936F0F378B9A35489353E878154E899] [SPRF][07/11/2007] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Benoit\AppData\Local\Temp\smd_runtime.exe [1821192]
- [MD5.93898116ACDD3EF5F7B536FA60574128] [SPRF][26/02/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\temp_presets.dat [2666]
- [MD5.8067FB1E819EA64C9C659407837B6D6C] [SPRF][27/03/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\uninstall.bat [1018]
- [MD5.06D5E5E952C61923C9D24C83E7FE1F45] [SPRF][27/06/2013] (...) -- C:\Users\Benoit\AppData\Local\Temp\vlc-2.0.7-win32.exe [22937227]
- ~ Files: Scanned in 00mn 00s
- ---\\ Firewall Active Exception List (FirewallRules) (O87)
- O87 - FAEL: "TCP Query User{D1B65A15-AB43-486C-B7E2-6C568298AE43}C:\program files\nodejs\node.exe" | In - Private - P6 - TRUE | .(.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\program files\nodejs\node.exe
- O87 - FAEL: "UDP Query User{1AD1EC90-E981-40E8-987E-D6E611C79BB8}C:\program files\nodejs\node.exe" | In - Private - P17 - TRUE | .(.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\program files\nodejs\node.exe
- O87 - FAEL: "{F20F13D9-F786-4DA0-8808-859B4F51549B}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
- O87 - FAEL: "{3E932DAB-0B38-411D-9CE4-42116302050E}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
- O87 - FAEL: "{C0C91E17-228B-477A-9F81-6924DF25547B}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
- O87 - FAEL: "{6ADF4FD5-31FB-4F80-9CAE-EAADA303FB3C}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
- ~ Firewall: 220 Legitimates Filtered in 00mn 00s
- ---\\ Scan Additionnel (O88)
- Database Version : v2.12771 - (17/07/2013)
- Clés trouvées (Keys found) : 43
- Valeurs trouvées (Values found) : 1
- Dossiers trouvés (Folders found) : 3
- Fichiers trouvés (Files found) : 5
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
- [HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] =>Adware.IncrediBar
- [HKCU\Software\APN PIP] =>Toolbar.Ask
- [HKCU\Software\WNLT] =>Adware.IncrediBar
- [HKLM\SYSTEM\CurrentControlSet\Services\IB Updater] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.IncrediBar
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C}] =>Toolbar.Dashlane
- [HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
- [HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
- [HKLM\Software\Classes\esrv.IncredibarESrvc] =>Adware.Incredibar
- [HKLM\Software\Classes\esrv.IncredibarESrvc.1] =>Adware.Incredibar
- [HKLM\Software\Classes\Incredibar.dskBnd] =>Adware.Incredibar
- [HKLM\Software\Classes\Incredibar.dskBnd.1] =>Adware.Incredibar
- [HKLM\Software\Classes\Incredibar.IncredibarHlpr] =>Adware.Incredibar
- [HKLM\Software\Classes\Incredibar.IncredibarHlpr.1] =>Adware.Incredibar
- [HKLM\Software\Classes\IncredibarApp.appCore] =>Adware.Incredibar
- [HKLM\Software\Classes\IncredibarApp.appCore.1] =>Adware.Incredibar
- [HKLM\Software\Classes\AppID\escort.DLL] =>PUP.Funmoods
- [HKLM\Software\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
- [HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
- [HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\esrv.IncredibarESrvc] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\esrv.IncredibarESrvc.1] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\Incredibar.dskBnd] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\Incredibar.dskBnd.1] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\Incredibar.IncredibarHlpr] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\Incredibar.IncredibarHlpr.1] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\IncredibarApp.appCore] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\IncredibarApp.appCore.1] =>Adware.Incredibar
- [HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
- [HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Dashlane =>Toolbar.Dashlane
- C:\Program Files (x86)\Incredibar.com =>Adware.IncrediBar
- C:\Program Files (x86)\Smart Suggestor =>Adware.SmartSuggestor
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Suggestor =>Adware.SmartSuggestor
- C:\Users\Benoit\AppData\Roaming\Mozilla\Firefox\Profiles\2syh6h0r.default-1363680329649\SearchPlugins\MyStart Search.xml =>Spyware.VMNToolbar
- C:\Users\Benoit\AppData\Local\Temp\incredibar_installer.exe =>Adware.IncrediBar
- C:\Users\Benoit\AppData\Local\Temp\MyBabylonTB_google_20120807.exe =>PUP.SweetIM
- C:\Users\Benoit\AppData\Local\Temp\pricepeep_130001_0101.exe =>Adware.PricePeep
- ~ Additionnel Scan: 244367 Items scanned in 00mn 12s
- ---\\ Product Upgrade Codes (O90)
- O90 - PUC: "5923976166327F040A543A4EA21863E5" . (.Bing Bar.) -- C:\Windows\Installer\{16793295-2366-40F7-A045-A3E42A81365E}\icon_installer_ico
- O90 - PUC: "5A5D625CC95A94D4BA19F1E28CD0C81C" . (.Zend Server.) -- C:\Windows\Installer\{C526D5A5-A59C-4D49-AB91-1F2EC80D8CC1}\ARPPRODUCTICON.exe
- O90 - PUC: "CE417ADECC11CB143A24222C3F181D56" . (.QPST 2.7.) -- C:\Windows\Installer\{EDA714EC-11CC-41BC-A342-22C2F381D165}\_6FEFF9B68218417F98F549.exe
- ~ Update Products: 30 Legitimates Filtered in 00mn 00s
- ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
- SR - | Demand 17/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- SR - | Auto 17/03/2013 27680 | (Apache2.2-Zend) . (.Apache Software Foundation.) - C:\Program Files (x86)\Zend\Apache2\bin\httpd.exe
- SR - | Auto 19/01/2013 729744 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
- SR - | Auto 13/02/2012 193816 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
- SR - | Demand 13/02/2012 240408 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
- SR - | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
- SR - | Demand 26/06/2013 131912 | (Desura Install Service) . (.Desura Pty Ltd.) - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
- SR - | Auto 0 | (DisplayFusionService) . (...) - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
- SR - | Auto 17/01/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- SR - | Demand 17/01/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- SR - | Auto 188760 | (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
- SR - | Auto 1455408 | (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe =>Adware.InstallBrain
- SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
- SR - | Auto 17/07/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
- SR - | Auto 27/07/2012 170824 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
- SR - | Auto 17/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
- SR - | Auto 17/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- SR - | Demand 10/07/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
- SR - | Demand 08/01/2013 34528 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files\OpenVPN\bin\openvpnserv.exe
- SR - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
- SR - | Demand 10/07/2013 559016 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
- SR - | Auto 14/12/2012 3467768 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
- SR - | Auto 17/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
- SR - | Demand 13/05/2012 22016 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
- SR - | Demand 9693696 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
- SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
- SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
- SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
- SR - | Auto 17/03/2013 782760 | (ZendDeployment) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\zdd.exe
- SR - | Auto 17/03/2013 998824 | (ZendJobQueue) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\jqd.exe
- SR - | Auto 17/03/2013 539048 | (ZendMonitor) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\MonitorNode.exe
- SR - | Auto 17/03/2013 1259432 | (ZendServerDaemon) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\zsd.exe
- SR - | Auto 17/03/2013 928680 | (ZendSessionClustering) . (.Zend Technologies Ltd..) - C:\Program Files (x86)\Zend\ZendServer\bin\scd.exe
- ~ Services: Scanned in 00mn 02s
- ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
- Written by ad13, http://ad13.geekstog
- Run by Benoit at 18/07/2013 11:41:26
- ********* Dump file Name *********
- C:\PhysicalDisk0_MBR.bin
- ~ MBR: Scanned in 00mn 04s
- ---\\ Malicius Software Information
- ~ http://nicolascoolman.webs.com/apps/blog/show/29335895-adware-smartsuggestor =>Adware.SmartSuggestor
- ~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
- ~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
- ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
- ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
- ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
- ~ http://nicolascoolman.webs.com/apps/blog/show/27985391-spyware-vmntoolbar =>Spyware.VMNToolbar
- ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
- ~ MSI: 8 link(s) detected in 00mn 04s
- ~ 4111 Legitimates filtered by white list
- End of the scan (709 lines in 28mn 56s)(6)