cjoint


Document format: text/plain


~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par theo (06/02/2014 21:31:23)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : RM2MG
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.10 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3673 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 147 GB (78%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: THÉO
~ User Name: theo
~ All Users Names: theo, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\theo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\theo\AppData\Roaming\
~ %Desktop% : C:\Users\theo\Desktop\
~ %Favorites% : C:\Users\theo\Favorites\
~ %LocalAppData% : C:\Users\theo\AppData\Local\
~ %StartMenu% : C:\Users\theo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 147 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.928791755FDDEA721B053535EF84FA17] - (.Microsoft Corporation - Explorateur Windows.) (.26/07/2012 - 05:49:13.) -- C:\Windows\Explorer.exe [2380440]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.93AB226C07A9789B2EC7B41F73602F76] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Winlogon.exe [516608]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.8D6810577E9C4F56DCB8E9BACAC7287B] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.26/07/2012 - 03:27:36.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/7
~ Mes Favoris (My Favorites) : 1/7
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.7C58A2513C3DA421A461D75C66C56D21] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536] [PID.544]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866632] [PID.3328]
[MD5.2C35624F79B9ADBFE47090879F0D8673] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.3428]
[MD5.A2791CF11D1ED52DBCD75D2FFD4D50E7] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [178848] [PID.3448]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4056]
[MD5.01F1839AD462D146BB15B1DA9FDE2EE7] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1557664] [PID.4416]
[MD5.29769215DEB6E8418EF3656B0423776E] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352] [PID.4064]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8339968] [PID.3348]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\theo\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 16 Legitimates Filtered in 00mn 11s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\QuickLaunch [theo]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [theo]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [theo]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [theo]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [theo]: ASUS (2).lnk . (...) -- C:\Users\Public\Desktop\ASUS
O4 - GS\Program [theo]: ASUS.lnk . (...) -- C:\Users\Public\Desktop\ASUS
O4 - GS\Program [theo]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Global Startup: 35 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: AsusVibeLauncher.lnk . (.ASUSTeK Computer Inc. - AsusVibe Application.) -- C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{CAE2C5A0-A894-4743-AEC8-300ED2170C67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CAE2C5A0-A894-4743-AEC8-300ED2170C67}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1DCBB8A81F1872BF2CCEC4998709CA8D] - 04/02/2014 - 10:31:18 ---A- . (...) -- C:\Windows\System32\RaCoInst.log [2859]
O44 - LFC:[MD5.351EF211FC5DA078A02376D24E6829AF] - 04/02/2014 - 12:35:37 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386646]
O44 - LFC:[MD5.44546100E9495D0EE6D92593CEE243C7] - 04/02/2014 - 20:58:42 ---A- . (...) -- C:\Windows\DPINST.LOG [7914]
O44 - LFC:[MD5.18B7CB93C628B2E84C19D147F4AE881E] - 05/02/2014 - 07:26:25 ---A- . (...) -- C:\Windows\System32\par.txt [42]
O44 - LFC:[MD5.95970761AEE9A4B5678A839656168E51] - 05/02/2014 - 07:26:25 ---A- . (...) -- C:\Windows\System32\par2.txt [45]
O44 - LFC:[MD5.A8D374CEB37D5F518962B7F79F7D0786] - 05/02/2014 - 07:28:29 ---A- . (...) -- C:\Windows\cur.log [1203]
O44 - LFC:[MD5.532300289668FC59C7DE9BB15888DDB1] - 05/02/2014 - 07:30:46 ---A- . (...) -- C:\Windows\ori.log [1246]
O44 - LFC:[MD5.10F0F26B3A99898B94C3BFA4E56ECC1A] - 05/02/2014 - 07:36:35 ---A- . (...) -- C:\Windows\mot.log [1246]
O44 - LFC:[MD5.57622C3186F68B12942059D2A16FF6C4] - 05/02/2014 - 09:02:39 ---A- . (...) -- C:\Windows\Improvement.log [26]
O44 - LFC:[MD5.D662EC1D230A9418B6643698D3A4698F] - 05/02/2014 - 09:02:54 ---A- . (...) -- C:\Windows\comp.log [172]
~ Files: 381 Legitimates Filtered in 00mn 08s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.C14FCE1CD885C1845AA60E304B4F255D] - 04/02/2014 - 10:21:31 ---A- - C:\Windows\Prefetch\ASCALL.EXE-AEB321E4.pf
O45 - LFCP:[MD5.62CDD0A03DE014031F52957E66631524] - 04/02/2014 - 11:32:17 ---A- - C:\Windows\Prefetch\MISPREG.EXE-3031D383.pf
O45 - LFCP:[MD5.EE19B32F50548EDA22268C2575911147] - 04/02/2014 - 13:50:07 ---A- - C:\Windows\Prefetch\CLEANUPTXRLOGS.EXE-E3BABE71.pf
O45 - LFCP:[MD5.E740C04692FCC544D2F4B56226C0847F] - 05/02/2014 - 07:50:48 ---A- - C:\Windows\Prefetch\ALERTHOST.EXE-C015AEDE.pf
O45 - LFCP:[MD5.F246A76655299D5C3ED960051C8C6B69] - 05/02/2014 - 10:46:46 ---A- - C:\Windows\Prefetch\LZMA.EXE-634042D5.pf
O45 - LFCP:[MD5.9ED3B0BB4CA5BF72E2595F52E4192A46] - 05/02/2014 - 10:49:22 ---A- - C:\Windows\Prefetch\MCUIHOST.EXE-AE5E0AD4.pf
O45 - LFCP:[MD5.CB0565A8931664833865ABDE0CDCE3BA] - 05/02/2014 - 10:49:43 ---A- - C:\Windows\Prefetch\MCVSSHLD.EXE-71926677.pf
O45 - LFCP:[MD5.B9A5055DC91D5DD4F91B2FA09EEE2C1B] - 05/02/2014 - 10:49:47 ---A- - C:\Windows\Prefetch\INSTALLER.EXE-580EEEBD.pf
O45 - LFCP:[MD5.7699EDAC12303496979F828142EA5632] - 05/02/2014 - 10:49:55 ---A- - C:\Windows\Prefetch\FIRESVC.EXE-0D835FE5.pf
O45 - LFCP:[MD5.B5D7D94BF34A0A3401B532FAFFA06C20] - 05/02/2014 - 10:50:14 ---A- - C:\Windows\Prefetch\MCALERT.EXE-8AB70189.pf
O45 - LFCP:[MD5.16E1330F60CC1EC4800719A2DBEB2A0D] - 05/02/2014 - 10:51:44 ---A- - C:\Windows\Prefetch\MCMIGRATOR.EXE-B8880D01.pf
O45 - LFCP:[MD5.8483BE845A38C3E40588042A47AC2653] - 05/02/2014 - 10:51:57 ---A- - C:\Windows\Prefetch\ALERTH~1.EXE-07D1D4C2.pf
O45 - LFCP:[MD5.91159B17000D016B9699199754E73129] - 05/02/2014 - 10:52:13 ---A- - C:\Windows\Prefetch\MCVSCINS.EXE-DC4DAD9E.pf
O45 - LFCP:[MD5.FF77FEF5CA47E41E2D50320BC9FF52B4] - 05/02/2014 - 10:52:17 ---A- - C:\Windows\Prefetch\MFEHIDIN.EXE-829EBFD4.pf
O45 - LFCP:[MD5.D286BF357B74A62293DD873D54945AB7] - 06/02/2014 - 21:19:13 ---A- - C:\Windows\Prefetch\CTR.EXE-B9E3C91B.pf
~ Prefetcher: 222 Legitimates Filtered in 00mn 03s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.A8080BEBCDB7A16495CE1205921DCAC5] - 02/08/2012 - 04:22:48 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [14992]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
~ Drivers: 17 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 04/02/2014 - 21:32:56 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\First Run [0]
O61 - LFC: 04/02/2014 - 21:33:02 ---A- . (...) -- C:\Users\theo\AppData\Roaming\ASUS WebStorage\Logs\AWS-AsusWSPanel.txt [0]
O61 - LFC: 04/02/2014 - 21:33:02 ---A- . (...) -- C:\Users\theo\AppData\Roaming\ASUS WebStorage\Logs\AWS-explorer.txt [0]
O61 - LFC: 04/02/2014 - 21:33:02 ---A- . (...) -- C:\Users\theo\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk [0]
O61 - LFC: 04/02/2014 - 21:33:14 ---A- . (...) -- C:\Users\theo\Links\Desktop.lnk [466]
O61 - LFC: 04/02/2014 - 21:33:15 ---A- . (...) -- C:\Users\theo\Links\Downloads.lnk [917]
O61 - LFC: 04/02/2014 - 21:33:15 ---A- . (...) -- C:\Users\theo\Links\RecentPlaces.lnk [383]
O61 - LFC: 04/02/2014 - 21:33:15 R-HA- . (...) -- C:\Users\theo\Searches\Everywhere.search-ms [248]
O61 - LFC: 04/02/2014 - 21:33:15 R-HA- . (...) -- C:\Users\theo\Searches\Indexed Locations.search-ms [248]
O61 - LFC: 05/02/2014 - 21:32:43 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [273221]
O61 - LFC: 05/02/2014 - 21:32:56 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\fr-FR-3-0.bdic [1074744]
O61 - LFC: 05/02/2014 - 21:32:57 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.fingerprint [66]
O61 - LFC: 05/02/2014 - 21:32:57 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\manifest.json [845]
O61 - LFC: 05/02/2014 - 21:33:00 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdm.dll [6940304]
O61 - LFC: 06/02/2014 - 21:32:56 ---A- . (...) -- C:\Users\theo\AppData\Local\Google\Chrome\User Data\Local State [57850]
O61 - LFC: 06/02/2014 - 21:33:03 ---A- . (...) -- C:\Users\theo\AppData\Roaming\ZHP\Log.txt [33341] =>.Nicolas Coolman
O61 - LFC: 06/02/2014 - 21:33:03 ---A- . (...) -- C:\Users\theo\AppData\Roaming\ZHP\TestsZHPDiag.txt [2799] =>.Nicolas Coolman
O61 - LFC: 06/02/2014 - 21:33:03 ---A- . (...) -- C:\Users\theo\AppData\Roaming\ZHP\ZHPDiag.txt [17811] =>.Nicolas Coolman
O61 - LFC: 06/02/2014 - 21:33:06 ---A- . (...) -- C:\Users\theo\Downloads\CTR.exe [959475]
~ 10 Fichiers temporaires (Temporary files)
~ Files: 799 Legitimates Filtered in 00mn 32s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 04/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 26/07/2012 30208 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/08/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 23/07/2012 105120 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation

~ Services: Scanned in 00mn 04s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by theo at 06/02/2014 21:37:15
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by theo at 06/02/2014 21:37:17

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 145632 Items scanned in 01mn 04s



~ 2104 Legitimates filtered by white list
End of the scan (353 lines in 07mn 00s)(0)
