Document format: text/plain

~ Rapport de ZHPDiag v2013.9.28.51 - Nicolas Coolman (28/09/2013)
~ Lancé par Balaram (29/09/2013 22:09:51)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 24.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.3.0216.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (61% free)
System Restore: Activé (Enable)
System drive E: has 19 GB (41%) free of 46 GB

---\\ Mode de connexion au système
~ Computer Name: PCSOUND1
~ User Name: Balaram
~ All Users Names: UpdatusUser, SUPPORT_388945a0, HelpAssistant, Balaram, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : E:\
~ %AppZHP% : E:\Documents and Settings\Balaram\Application Data\ZHP\
~ %AppData% : E:\Documents and Settings\Balaram\Application Data\
~ %Desktop% : E:\Documents and Settings\Balaram\Bureau\
~ %Favorites% : E:\Documents and Settings\Balaram\Favoris\
~ %LocalAppData% : E:\Documents and Settings\Balaram\Local Settings\Application Data\
~ %StartMenu% : E:\Documents and Settings\Balaram\Menu Démarrer\
~ %Windir% : E:\WINDOWS\
~ %System% : E:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 10 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 19 Go of 46 Go)
F: Hard drive, Flash drive, Thumb drive (Free 30 Go of 107 Go)
G: Hard drive, Flash drive, Thumb drive (Free 515 Go of 726 Go)
H: CD-ROM drive (Free 0 Go of 1 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 29 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- E:\WINDOWS\Explorer.exe [1037824]
[MD5.EA7AB3839BE1FFE067A8131F3547160D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08/08/2013 - 07:05:46.) -- E:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- E:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- E:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- E:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- E:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- E:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- E:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- E:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- E:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- E:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- E:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- E:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- E:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- E:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- E:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- E:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- E:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- E:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- E:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- E:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/8250
~ Mon Bureau (My Desktop) : 0/12
~ Menu demarrer (Programs) : 1/72
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.3EA6A1A744D79328AE7E2C6FAE4C4420] - (.Microsoft Corporation - Antimalware Service Executable.) -- E:\Program Files\Microsoft Security Client\MsMpEng.exe [22216] [PID.1156]
[MD5.B8E69088190434068BF83061A537F36A] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- E:\WINDOWS\RTHDCPL.exe [19556968] [PID.188]
[MD5.8AFA9E689D0517A7F99928C62880A1D0] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- E:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600] [PID.164]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RunDLL32.exe [0] [PID.212]
[MD5.1775BDBEF28FD1B0F0AC43F10F483E08] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896] [PID.248]
[MD5.F5FBA8724DE219E96D9ABAF4772D31A3] - (.CyberLink Corp. - PowerDVD RC Service.) -- E:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336] [PID.264]
[MD5.B196AD6815800558ECBBB8F5DE06FABB] - (.cyberlink - brs.) -- E:\Program Files\Cyberlink\Shared files\brs.exe [75048] [PID.292]
[MD5.A71EA5CB05DE4AEF2E9AEC97B7E00ED7] - (.Team H2O - Team H2O CLEDX.) -- E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [385024] [PID.392]
[MD5.1A8010091771B3E3DC5D978B71BCF8EF] - (.Pinnacle Systems GmbH, Braunschweig - Pinnacle Scheduler Application.) -- E:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe [237568] [PID.508]
[MD5.BB0886BB3B7ED94E0C02B83DD6C0C1D4] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- E:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.exe [148248] [PID.704]
[MD5.E076BAE968916E9D2980814CA7E7AB8C] - (.CybelSoft - Service de détection matériel.) -- E:\Program Files\ma-config.com\MaConfigAgent.exe [1786704] [PID.1844]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2096]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2116]
[MD5.F0FA6A2FE9DD2D164208384764110A36] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.2.) -- E:\WINDOWS\system32\nvsvc32.exe [156960] [PID.2140]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2552]
[MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- E:\Program Files\Mozilla Firefox\firefox.exe [274840] [PID.2404]
[MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- E:\Program Files\Mozilla Firefox\plugin-container.exe [17816] [PID.408]
[MD5.53B399A4785651C6B638541FD282E9AF] - (.Nicolas Coolman - ZHPDiag.) -- E:\Program Files\ZHPDiag\ZHPDiag.exe [8024576] [PID.644]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=E:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=E:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- E:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =>.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- E:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [UpdatusUser]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- E:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Balaram]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- E:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 14 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: Pinnacle Scheduler.lnk . (.Pinnacle Systems GmbH, Braunschweig - Pinnacle Scheduler Application.) -- E:\Program Files\Pinnacle\Shared Files\Programs\Scheduler\PCLEScheduler.exe
O4 - GS\Program [Balaram]: Logitech . Enregistrement du produit.lnk . (.Leader Technologies/Logitech - Product Registration.) -- E:\Program Files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] . (...) -- E:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- E:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- E:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- E:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- E:\WINDOWS\system32\NvMCTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- E:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- E:\Program Files\NVIDIA Corporation\nview\nwiz.exe
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKLM\..\Run: [RemoteControl9] . (.CyberLink Corp. - PowerDVD RC Service.) -- E:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- E:\Program Files\CyberLink\PowerDVD9\Language\Language.exe
O4 - HKLM\..\Run: [BDRegion] . (.cyberlink - brs.) -- E:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- E:\Program Files\CyberLink\Media Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [H2O] . (.Team H2O - Team H2O CLEDX.) -- E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- E:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- E:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1343024091-1682526488-839522115-1003\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- E:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- E:\Program Files\MICROS~3\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- E:\Program Files\MICROS~3\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- E:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1380360686843
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F3C7780-2852-4154-BE78-44B2F32A43B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5F3C7780-2852-4154-BE78-44B2F32A43B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{5F3C7780-2852-4154-BE78-44B2F32A43B3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- E:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- E:\Program Files\Fichiers communs\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- E:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- E:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- E:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- E:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- e:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- E:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- E:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- E:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- E:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- E:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- E:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- E:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Power Control [2013/09/28 16:35:47] ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp. - Pas de description.) - E:\Program Files\CyberLink\PowerDVD9\000.fcl
~ Services: 6 Legitimates Filtered in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - E:\Documents and Settings\Balaram\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - E:\Documents and Settings\Balaram\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\InstalledThirdPartyPrograms]
[HKLM\Software\InstalledThirdPartyPrograms]
~ Key Software: 142 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C8CB90E735C0541D7BF2ABCA6076D752] - 29/09/2013 - 21:09:54 ---A- . (...) -- E:\Documents [120]
O44 - LFC:[MD5.6DB5E65790486C66DD15BF3521112CA5] - 29/09/2013 - 21:07:17 ---A- . (...) -- E:\WINDOWS\system32\nvAppTimestamps [2018]
O44 - LFC:[MD5.9B520F3B786454BB135AC341C721918C] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\FaxSetup.log [883338]
O44 - LFC:[MD5.BB73DCA6EDDA52C4D4F3929394896F17] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\MedCtrOC.log [63210]
O44 - LFC:[MD5.97AF3E9C9D761B2344D9C264CC305403] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\comsetup.log [305750]
O44 - LFC:[MD5.0EC640A074A6854DE2CBE0B6164B9A18] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\iis6.log [986238]
O44 - LFC:[MD5.222FA0BCC983377D6FA3871163EDCCD2] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.5D4F7C6BF52B19EEBE6B8A910AB02EBD] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\msgsocm.log [44284]
O44 - LFC:[MD5.6143BFEBA3691909A4BFC8B0BBDDE5AE] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\netfxocm.log [155167]
O44 - LFC:[MD5.2C280FA975E7035D91A5A3529C47484A] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\ntdtcsetup.log [182920]
O44 - LFC:[MD5.510781A4ABAE711165D24E68EE950707] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\ocgen.log [431317]
O44 - LFC:[MD5.F6D00E60DE221FAB3452BAD53A78FE68] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\ocmsn.log [48926]
O44 - LFC:[MD5.0ACA8C31401CF1C3CD89B02D80D15815] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\tabletoc.log [45301]
O44 - LFC:[MD5.987A98C23F1E9DB911859A3B6EF50E8B] - 29/09/2013 - 18:33:35 ---A- . (...) -- E:\WINDOWS\tsoc.log [407011]
O44 - LFC:[MD5.D114BC8AD35FA624A1CDDFA0D537D688] - 29/09/2013 - 18:33:34 ---A- . (...) -- E:\WINDOWS\msmqinst.log [279714]
O44 - LFC:[MD5.EE9D8B7FAD6E066F255E7598D3CB25F4] - 29/09/2013 - 18:17:22 ---A- . (...) -- E:\WINDOWS\win.ini [552]
O44 - LFC:[MD5.38B4A0D72E773615A2B5CE1926396478] - 29/09/2013 - 05:38:14 ---A- . (...) -- E:\WINDOWS\spupdsvc.log [81679]
O44 - LFC:[MD5.B7DE98F24E27301C83202C4D201533E2] - 28/09/2013 - 23:21:34 ---A- . (...) -- E:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.2D50DFD2AFE1B91488F1215C9270452D] - 28/09/2013 - 23:21:25 ---A- . (...) -- E:\WINDOWS\updspapi.log [175597]
O44 - LFC:[MD5.657AA19BD3D63275B2C924C686E53FF7] - 28/09/2013 - 22:23:49 ---A- . (...) -- E:\WINDOWS\wiadebug.log [1550]
O44 - LFC:[MD5.246EA88F295C915FB941EF3D1B89AD97] - 28/09/2013 - 22:23:49 ---A- . (...) -- E:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.4895E947F403D3B11EB51C4C4250B63C] - 28/09/2013 - 21:16:40 ---A- . (...) -- E:\WINDOWS\WgaNotify.log [8023]
O44 - LFC:[MD5.FA36248D3340BAB59321817756716B8D] - 28/09/2013 - 19:51:27 ---A- . (...) -- E:\WINDOWS\ie8_main.log [153991]
O44 - LFC:[MD5.EC6E5623749C39E4F5897628D7B8CA87] - 28/09/2013 - 19:50:01 ---A- . (...) -- E:\WINDOWS\ie8.log [87029]
O44 - LFC:[MD5.939939B266DD9D404BBC2F8F0A254502] - 28/09/2013 - 19:29:20 ---A- . (...) -- E:\WINDOWS\wmsetup.log [17872]
O44 - LFC:[MD5.DA39F9EF28219BBDFC9D7CCE2AB8681B] - 28/09/2013 - 19:18:56 ---A- . (...) -- E:\WINDOWS\system32\TZLog.log [6138]
O44 - LFC:[MD5.E10225717335A6BF3E26FBDD01D239A2] - 28/09/2013 - 17:04:10 ---A- . (...) -- E:\WINDOWS\system32\IWUninstall.exe [153088]
O44 - LFC:[MD5.875F9079CABEE679D34B49E466B61701] - 28/09/2013 - 17:04:10 ---A- . (.VOB Computersysteme GmbH - ASAPI.) -- E:\WINDOWS\system32\Drivers\asapi.sys [11264]
O44 - LFC:[MD5.AA067EB26E84B7EB5532D7DBB1B54DBD] - 28/09/2013 - 17:04:10 ---A- . (.VOB Computersysteme GmbH - VOB Hardware Driver.) -- E:\WINDOWS\system32\vobhw.dll [611840]
O44 - LFC:[MD5.D7D4D7DC7A4B2EE2B8C8247C101FA85E] - 28/09/2013 - 17:04:10 ---A- . (.VoB Computersysteme GmbH - ASAPI Driver Library.) -- E:\WINDOWS\system32\asapi.dll [19456]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 28/09/2013 - 16:57:51 ---A- . (...) -- E:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.B53F9635457B56DCFFEF750E18AEC6CB] - 28/09/2013 - 16:55:14 ---A- . (.Team H2O - Team H2O CLEDX DevWhore.) -- E:\WINDOWS\system32\Drivers\cledx.sys [33792]
O44 - LFC:[MD5.AAD6725AD307EFBE3CCBFCE6959B53F9] - 28/09/2013 - 16:55:09 ---A- . (...) -- E:\WINDOWS\system32\SYNSOACC-Aide.chm [147425]
O44 - LFC:[MD5.4EAD77F0E82265D5FC552540E6122271] - 28/09/2013 - 16:55:09 ---A- . (...) -- E:\WINDOWS\system32\SYNSOACC-Help.chm [114279]
O44 - LFC:[MD5.E8A7B5467405E67E1D21E17B76BAD3DB] - 28/09/2013 - 16:55:09 ---A- . (...) -- E:\WINDOWS\system32\SYNSOACC-Hilfe.chm [120468]
O44 - LFC:[MD5.7CF8DA2A77FBD5B9102B6B55F5402822] - 28/09/2013 - 16:55:07 ---A- . (.Syncrosoft Hard- und Software GmbH - Syncrosoft Protected Object Server Dummy.) -- E:\WINDOWS\system32\Synsopos.exe [45056]
O44 - LFC:[MD5.6C7D924BC3BD099F0397A3541B15DBB0] - 28/09/2013 - 16:55:05 ---A- . (.Syncrosoft Hard- und Software GmbH - Pas de description.) -- E:\WINDOWS\system32\SynsoLChk.dll [147456]
O44 - LFC:[MD5.DC7FFFB0F6FBCC57976BA6CC67B94A8D] - 28/09/2013 - 16:55:04 ---A- . (.Syncrosoft Hard- und Software GmbH - Syncrosoft POS Access DLL.) -- E:\WINDOWS\system32\SYNSOACC.dll [704512]
O44 - LFC:[MD5.5B94D875BCCECDE6C7E9BDE8D90BBD4D] - 28/09/2013 - 10:25:37 ---A- . (...) -- E:\WINDOWS\bitssetup.log [2590]
O44 - LFC:[MD5.1C4BF16F2486610BFCD72630BC9C13F1] - 28/09/2013 - 08:50:26 ---A- . (...) -- E:\WINDOWS\dasetup.log [17759]
O44 - LFC:[MD5.9CC155101814BBC7EDF51143CBECECB1] - 28/09/2013 - 08:50:24 ----- . (...) -- E:\WINDOWS\TWAINCAP.INI [14025]
O44 - LFC:[MD5.FB2F4FA89BC61D2C6ADB33458831C7EB] - 28/09/2013 - 08:50:24 ----- . (...) -- E:\WINDOWS\TWAINCAP.SRC [5526]
O44 - LFC:[MD5.F2B3785D7282BAC66D4B644FC88749F0] - 28/09/2013 - 08:49:58 ----- . (.Padus, Inc. - Padus(R) ASPI Shell.) -- E:\WINDOWS\system32\Drivers\pfc.sys [14604]
O44 - LFC:[MD5.FFFA14F5BC164E6D371BAE97F26E3083] - 28/09/2013 - 08:49:57 ----- . (...) -- E:\WINDOWS\system32\Masd32.dll [57856]
O44 - LFC:[MD5.4D479B6F1473712E16D9103F6DD5361E] - 28/09/2013 - 08:49:57 ----- . (...) -- E:\WINDOWS\system32\Mase32.dll [138752]
O44 - LFC:[MD5.330A8642DCAEB99F5C5C46B02131B76E] - 28/09/2013 - 08:49:56 ----- . (...) -- E:\WINDOWS\system32\Ma32.dll [27648]
O44 - LFC:[MD5.FC405D5E105C111740B0B9F893973F2D] - 28/09/2013 - 08:49:56 ----- . (.Pas de propriétaire - MACD32 DLL.) -- E:\WINDOWS\system32\Macd32.dll [196096]
O44 - LFC:[MD5.5D3CC67ABB8812F050008D98574607D0] - 28/09/2013 - 08:49:56 ----- . (.Pas de propriétaire - MAMC32 DLL.) -- E:\WINDOWS\system32\Mamc32.dll [136192]
O44 - LFC:[MD5.1D09E8C5C7DDC667A1C8CF20465336C9] - 28/09/2013 - 08:15:33 ---A- . (...) -- E:\WINDOWS\system32\nvdrsdb1.bin [1114168]
O44 - LFC:[MD5.55A54008AD1BA589AA210D2629C1DF41] - 28/09/2013 - 08:15:33 ---A- . (...) -- E:\WINDOWS\system32\nvdrssel.bin [1]
O44 - LFC:[MD5.CF49E3AC679D616842642E58CC17D768] - 28/09/2013 - 08:15:31 ---A- . (...) -- E:\WINDOWS\system32\nvdrsdb0.bin [1114168]
O44 - LFC:[MD5.C0682CD58BB595CA66BE050F15588F10] - 28/09/2013 - 08:15:15 ---A- . (...) -- E:\WINDOWS\system32\nvdata.data [2313192]
O44 - LFC:[MD5.E405695DF60C05596AFCB7312D1A7E71] - 28/09/2013 - 06:47:17 ---A- . (...) -- E:\WINDOWS\OEWABLog.txt [1178]
O44 - LFC:[MD5.68330A172E1DBCF0FF0ABC346E33D383] - 28/09/2013 - 06:47:11 ---A- . (...) -- E:\WINDOWS\setuplog.txt [838878]
O44 - LFC:[MD5.F25EB88413151109106C61AEBE6F7DE6] - 28/09/2013 - 06:47:08 ---A- . (...) -- E:\WINDOWS\DtcInstall.log [359]
O44 - LFC:[MD5.B226DCF00E410C2C0F96907B46A3284B] - 28/09/2013 - 06:47:07 ---A- . (...) -- E:\WINDOWS\spupdsvc.log.1.log [187]
O44 - LFC:[MD5.C97864959A62F1FC8BCF015A35351951] - 28/09/2013 - 06:47:07 ---A- . (...) -- E:\WINDOWS\system32\spupdwxp.log [255]
O44 - LFC:[MD5.91681E28E473440C40573321CA855789] - 28/09/2013 - 06:46:07 ---A- . (...) -- E:\WINDOWS\svcpack.log [498907]
O44 - LFC:[MD5.A61882DEB81BAB25739A180B3B35F92B] - 28/09/2013 - 06:21:36 ---A- . (...) -- E:\WINDOWS\cmsetacl.log [373]
O44 - LFC:[MD5.1D0F6DD5CF492F60ACA79FD5356D204D] - 28/09/2013 - 06:21:33 ---A- . (...) -- E:\WINDOWS\sessmgr.setup.log [1281]
O44 - LFC:[MD5.8E59F9BE251C8AE32A1CEB068B3F96B1] - 28/09/2013 - 06:20:27 ----- . (...) -- E:\WINDOWS\system32\Drivers\ativmc20.cod [64352]
O44 - LFC:[MD5.3194C32E8A2403073B812183355E25C6] - 28/09/2013 - 06:20:27 ----- . (...) -- E:\WINDOWS\system32\Drivers\cxthsfs2.cty [129045]
O44 - LFC:[MD5.905CB655E93D39C97E078A3C4C884F31] - 28/09/2013 - 06:20:26 ----- . (...) -- E:\WINDOWS\system32\Drivers\netwlan5.img [67866]
O44 - LFC:[MD5.0B711542487E0B8C0974B54784111086] - 28/09/2013 - 06:03:47 ---A- . (...) -- E:\WINDOWS\LDPINST.LOG [5420]
O44 - LFC:[MD5.825E6489F563FD64D9816C3CB9215D3A] - 28/09/2013 - 06:03:46 ---A- . (...) -- E:\WINDOWS\LkmdfCoInst.log [201]
O44 - LFC:[MD5.7F63AAD217A4C98053C5108C2C5AEFE9] - 28/09/2013 - 06:03:46 ---A- . (...) -- E:\WINDOWS\Wdf01009Inst.log [4990]
O44 - LFC:[MD5.DE0F9F13B77E183FC3270F23C8A66F58] - 27/09/2013 - 18:58:02 ---A- . (...) -- E:\WINDOWS\system32\wpa.bak [2422]
~ Files: 456 Legitimates Filtered in 00mn 14s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.875F9079CABEE679D34B49E466B61701] - 17/04/2002 - 19:27:02 ---A- . (.VOB Computersysteme GmbH - ASAPI.) -- E:\WINDOWS\system32\Drivers\asapi.sys [11264]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 29/10/2007 - 13:00:00 ---A- . (...) -- E:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 7 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- E:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- E:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.17C8BF490CA207D06EF2A0EC84F47191] [SPRF][28/09/2013] (...) -- E:\Documents and Settings\Balaram\Bureau\adwcleaner.exe [1042066]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 28/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - E:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - E:\WINDOWS\system32\dmadmin.exe
SS - | Demand 13/06/2013 293144 | (LBTServ) . (.Logitech, Inc..) - E:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 08/09/2013 1786704 | (MaConfigAgent) . (.CybelSoft.) - E:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - E:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - E:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 12/09/2013 156960 | (NVSvc) . (.NVIDIA Corporation.) - E:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 27/08/2013 2155296 | (nvUpdatusService) . (.NVIDIA Corporation.) - E:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 01/09/2009 87536 | ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp..) - E:\Program Files\CyberLink\PowerDVD9\000.fcl
~ Services: Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : 12930 - (28/09/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 181814 Items scanned in 00mn 12s



~ 1123 Legitimates filtered by white list
End of the scan (404 lines in 00mn 47s)(0)
