Rapport de ZHPDiag v2013.8.7.11 par Nicolas Coolman, Update du 07/08/2013
Run by Administrateur at 07/08/2013 19:40:09
WebSite: http://nicolascoolman.webs.com
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
GCIE: Google Chrome v28.0.1500.95

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Protection
avast! Free Antivirus v8.0.1489.0
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ System Optimizer
CCleaner v4.04 =>Piriform Ltd

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader XI
Java 7 Update 25

---\\ System Information
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1534 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 88 GB (78%) free of 112 GB

---\\ Logged in mode
~ Computer Name: DELL
~ User Name: Administrateur
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 88 Go of 112 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 53 Go of 74 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.08125B740C62E6DEA9483A15043AD0D5] - (.Microsoft Corporation - Internet Extensions for Win32.) (.07/06/2013 - 22:48:38.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 11:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 10:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 17:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 18:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 10:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 10:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 11:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 11:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 18:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 11:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 17:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 17:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/11
~ Mes musiques (My Musics) : 1/22
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 2/770
~ Mon Bureau (My Desktop) : 0/2
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1520]
[MD5.D3FACB34FFF5DB91ADB70987838F8BA7] - (.brother Industries Ltd - brsvc01a.) -- C:\WINDOWS\system32\brsvc01a.exe [57344] [PID.1736]
[MD5.9E646CD378D4D0C996BAF9BCB18237C7] - (.brother Industries Ltd - brss01a.exe.) -- C:\WINDOWS\system32\brss01a.exe [45056] [PID.1776]
[MD5.01018F75F3F18CE629FAC9689954A2AE] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824] [PID.324]
[MD5.996ABAC2332DE28F3B6A179C6DA20205] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [114688] [PID.332]
[MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968] [PID.340]
[MD5.F0431C490F124A8CC874163E6A38DD28] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe [221184] [PID.396]
[MD5.FE6E15CC578C3278755CDDFF70C2787D] - (.Logitech Inc. - ImageStudio Tray Application.) -- C:\Program Files\Logitech\Video\LogiTray.exe [217088] [PID.432]
[MD5.4400C3143778C1DF92D46C98688A9925] - (.ScanSoft, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393] [PID.460]
[MD5.EF2BC662BB4D927702ACE107C0275439] - (.Brother Industries, Ltd. - ControlCenter2 Main Program.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe [933888] [PID.484]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.492]
[MD5.F83709D0BACBA84D297183825F089D98] - (.C-Media Electronic Inc. (www.cmedia.com.tw) - Mixer.) -- C:\WINDOWS\Mixer.exe [1818624] [PID.516]
[MD5.B9B7084F7DB3D1B036C0B9178472E96A] - (.Logicool - Logicool Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [20480] [PID.548]
[MD5.B141F8F8B0FF37FFC51F9B71EE7A641B] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [19875432] [PID.624]
[MD5.04D8591C9E048A0C5E7D2D8D07AEB157] - (.Brother Industries, Ltd. - Status Monitor (Main).) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [802816] [PID.720]
[MD5.70B68620C41C40580886B808FD7265DA] - (.Logitech Inc. - QuickCam Framework Server.) -- C:\Program Files\Logitech\Video\FxSvr2.exe [192512] [PID.2036]
[MD5.C065A539A39E01B26415926C87C9E4A9] - (.Brother Industries, Ltd. - Status Monitor (Local).) -- C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe [69632] [PID.204]
[MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.2088]
[MD5.402794A75A899E296AB3EDEC4ECCB9A8] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [4153184] [PID.2384]
[MD5.0C25E18BEC407608ACB751A8B414562B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7634432] [PID.652]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.3860]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 11 Legitimates Filtered in 00mn 08s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] . (.Logitech Inc. - Logitech QuickCam Startup Application.) -- C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] . (.Logitech Inc. - ImageStudio Tray Application.) -- C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Scansoft, Inc. - SSBkgdUpdate.) -- C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [PaperPort PTD] . (.ScanSoft, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] . (.ScanSoft, Inc. - PaperPort IndexSearch.) -- C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] . (.Brother Industories, Ltd. - BrStDvPt.) -- C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] . (.Brother Industries, Ltd. - ControlCenter2 Main Program.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [C-Media Mixer] . (.C-Media Electronic Inc. (www.cmedia.com.tw) - Mixer.) -- C:\WINDOWS\Mixer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] . (.Logicool - Logicool Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] . (.Logitech Inc. - Logitech Software Update.) -- C:\Program Files\Logitech\Video\ManifestEngine.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BrowserChoice] . (.Microsoft Corporation - Choix de navigateur�.) -- C:\WINDOWS\system32\browserchoice.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [LDM] . (.Logicool - Logicool Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [LogitechSoftwareUpdate] . (.Logitech Inc. - Logitech Software Update.) -- C:\Program Files\Logitech\Video\ManifestEngine.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-823518204-813497703-839522115-500\..\Run: [BrowserChoice] . (.Microsoft Corporation - Choix de navigateur�.) -- C:\WINDOWS\system32\browserchoice.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1374776238531
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1374776748250
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1080107-07BB-42F4-9CC6-29D029A49342}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B1080107-07BB-42F4-9CC6-29D029A49342}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1080107-07BB-42F4-9CC6-29D029A49342}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{B1080107-07BB-42F4-9CC6-29D029A49342}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: BrSplService (Brother XP spl Service) . (.brother Industries Ltd - brsvc01a.) - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: 6 Legitimates Filtered in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/07/2013 - 23:22:34 - [0] ----D C:\Program Files\majtuto4pc_fr_a2 =>PUP.Eorezo
O43 - CFD: 25/07/2013 - 23:22:41 - [0,000] ----D C:\Documents and Settings\Administrateur\Local Settings\Application Data\supt4pc_fr_51
~ Program Folder: 102 Legitimates Filtered in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.F57E0F8625F8374393DA6CE20B7B19CA] - 07/08/2013 - 18:21:12 ---A- . (...) -- C:\WINDOWS\wiadebug.log [259]
O44 - LFC:[MD5.8C1F76D1962C3715F82C4B0FE97B4211] - 07/08/2013 - 18:20:57 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.823C3D7CA291F8355BFEC92BA90AD2DD] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [49466]
O44 - LFC:[MD5.8ACD3C73DDD366CB1AB8BA098F2838D5] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [3400]
O44 - LFC:[MD5.18AA1D9F2E897C8F060CF660A27CE283] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\comsetup.log [16303]
O44 - LFC:[MD5.96A8370A439AC6C90EE92FFF4D8132B4] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\iis6.log [52662]
O44 - LFC:[MD5.CE9561134B1F8AE981FA8D12EA420587] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\imsins.log [1355]
O44 - LFC:[MD5.50B833F6376C89D79388DFDF7554A8F6] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\msgsocm.log [2472]
O44 - LFC:[MD5.2A6187DA6A3B9CC4B1CBFB94F3F89708] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\netfxocm.log [8664]
O44 - LFC:[MD5.7D11C912A81ACBC50A777A017DEF3666] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [9876]
O44 - LFC:[MD5.DA9A7F4B341D48E66D0337F0FE7CB865] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\ocgen.log [23648]
O44 - LFC:[MD5.81887E2A8D4C787D47BB2C6BE1940E6A] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\ocmsn.log [2736]
O44 - LFC:[MD5.102E5CE810484C878B851C9CA8697580] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\tabletoc.log [2488]
O44 - LFC:[MD5.77742E2323E0A8F42A94BE48E3AA5209] - 07/08/2013 - 18:18:34 ---A- . (...) -- C:\WINDOWS\tsoc.log [22568]
O44 - LFC:[MD5.310B3067518B8DE8E70B251C2D8C3EFD] - 07/08/2013 - 18:18:32 ---A- . (...) -- C:\WINDOWS\msmqinst.log [15002]
O44 - LFC:[MD5.6BF7E60DAEA9F7935E32C71EBEDB88FF] - 07/08/2013 - 18:18:30 ---A- . (...) -- C:\WINDOWS\updspapi.log [73985]
O44 - LFC:[MD5.2A4122FC82269063321B9B41AE4EB09E] - 07/08/2013 - 18:13:24 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [7309]
O44 - LFC:[MD5.DB738B847B82F08198BAF659E5551FF9] - 07/08/2013 - 18:12:14 ---A- . (...) -- C:\WINDOWS\ie8_main.log [199060]
O44 - LFC:[MD5.27556DD34D2B6CDC3811029A6F3D2B26] - 07/08/2013 - 18:12:10 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1355]
O44 - LFC:[MD5.387C7695CD14C842C9449FE27237D056] - 07/08/2013 - 18:07:29 ---A- . (...) -- C:\WINDOWS\ie8.log [60999]
O44 - LFC:[MD5.1C111D9AABF367A45B25C0C9EC39276E] - 07/08/2013 - 17:58:43 ---A- . (...) -- C:\WINDOWS\ie8Uninst.log [32228]
O44 - LFC:[MD5.C5F2B40B2FC5B9733B7A4F6B8F3D4FAA] - 01/08/2013 - 21:36:11 ---A- . (...) -- C:\WINDOWS\BRPP2KA.INI [27]
O44 - LFC:[MD5.96AB5888BC087FACFDB69D0956738724] - 01/08/2013 - 21:36:11 ---A- . (...) -- C:\WINDOWS\BRWMARK.INI [434]
O44 - LFC:[MD5.1BD2A86B53E6DF072D25919C83AC268D] - 31/07/2013 - 08:59:13 ---A- . (...) -- C:\WINDOWS\CMMIXER.INI [143]
O44 - LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] - 31/07/2013 - 08:31:20 ---A- . (...) -- C:\WINDOWS\ODBC.INI [28]
O44 - LFC:[MD5.2405E54ECDA0C42D642CDB6BB28DABB2] - 30/07/2013 - 19:20:11 ---A- . (...) -- C:\WINDOWS\mixerdef.ini [25]
O44 - LFC:[MD5.53661F1A3BEC687487D8E27813DECB09] - 29/07/2013 - 10:03:59 R--A- . (.Sensaura Ltd - Audio3D (OEM).) -- C:\WINDOWS\system32\AUDIO3D3.DLL [712704]
O44 - LFC:[MD5.F8015E1A57C8DC9D9248429AFC7DF27E] - 29/07/2013 - 10:03:57 R--A- . (.C-Media - cmuda.dll.) -- C:\WINDOWS\system32\CMUDA3.DLL [36864]
O44 - LFC:[MD5.0A7F9FD3AF4811315D57A761A0DC7159] - 29/07/2013 - 10:03:57 R--A- . (.C-Media Corporation - CMI UDA Property Page.) -- C:\WINDOWS\system32\UDAPROP3.DLL [32768]
O44 - LFC:[MD5.6BD1EB1CDAACCD3EB85F29AF25CAB040] - 29/07/2013 - 10:03:56 R--A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\system32\Drivers\cmuda3.sys [798592]
O44 - LFC:[MD5.D6A755A42BD28535569F886164310CE1] - 29/07/2013 - 09:35:21 ---A- . (...) -- C:\WINDOWS\wininit.ini [16]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 27/07/2013 - 03:06:31 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 27/07/2013 - 03:06:31 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.F5C397BEFBE878EBBAA17055D06359C7] - 27/07/2013 - 03:06:26 ---A- . (...) -- C:\WINDOWS\win.ini [507]
O44 - LFC:[MD5.CF4D1AC04DB5CC5185EE6912A7EC2217] - 26/07/2013 - 16:42:21 -SHA- . (...) -- C:\WINDOWS\Thumbs.db [8192]
O44 - LFC:[MD5.78C2198AFEB936C1757DB4E83AB14A00] - 26/07/2013 - 10:54:52 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [6280]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 25/07/2013 - 20:12:46 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.0EFBE230E6FCC4FFB3802F8F4E7AC3B1] - 25/07/2013 - 20:10:52 ---A- . (...) -- C:\WINDOWS\system32\spupdwxp.log [247]
O44 - LFC:[MD5.8E59F9BE251C8AE32A1CEB068B3F96B1] - 25/07/2013 - 20:00:16 ----- . (...) -- C:\WINDOWS\system32\Drivers\ativmc20.cod [64352]
O44 - LFC:[MD5.3194C32E8A2403073B812183355E25C6] - 25/07/2013 - 20:00:15 ----- . (...) -- C:\WINDOWS\system32\Drivers\cxthsfs2.cty [129045]
O44 - LFC:[MD5.573C7D0A32852B48F3058CFD8026F511] - 25/07/2013 - 20:00:15 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O44 - LFC:[MD5.905CB655E93D39C97E078A3C4C884F31] - 25/07/2013 - 20:00:14 ----- . (...) -- C:\WINDOWS\system32\Drivers\netwlan5.img [67866]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 25/07/2013 - 16:21:27 ---A- . (...) -- C:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.3951DDA5353E83D52DFEB09823201B3D] - 25/07/2013 - 14:25:45 ---A- . (...) -- C:\WINDOWS\system32\brss01a.ini [30]
O44 - LFC:[MD5.2F5854447E0BAA5E00BD5251AFB18DD0] - 25/07/2013 - 14:25:45 ---A- . (...) -- C:\WINDOWS\system32\brsvc01a.bsi [184]
O44 - LFC:[MD5.F8AFA67525EE7AC43F108DA79EB99625] - 25/07/2013 - 14:24:51 ---A- . (...) -- C:\WINDOWS\system32\bridf05a.dat [50]
O44 - LFC:[MD5.C0526E59E39ECE8F22FA00C8BA66F4EA] - 25/07/2013 - 14:24:40 ---A- . (.Brother Industries, Ltd - mddll.) -- C:\WINDOWS\system32\bsplmf01.dll [258048]
O44 - LFC:[MD5.2CFE3E7ABCDAE404508C20574F8AA9E7] - 25/07/2013 - 14:24:40 ---A- . (.Brother Industries, Ltd. - Brother MFC WIA minidriver.) -- C:\WINDOWS\system32\BrWia05a.dll [121856]
O44 - LFC:[MD5.0F218A20E08400513F63C934292B0058] - 25/07/2013 - 14:24:40 ---A- . (.Brother Industries, Ltd. - USB STI device accessing module for Brother.) -- C:\WINDOWS\system32\BrUSi05a.dll [37888]
O44 - LFC:[MD5.C1055545FA21979BE963EFD110313CCD] - 25/07/2013 - 14:24:40 ---A- . (.Brother Industries,ltd - brspl03x.) -- C:\WINDOWS\system32\bsplmf01.exe [131072]
O44 - LFC:[MD5.92A964547B96D697E5E9ED43B4297F5A] - 25/07/2013 - 14:24:39 ---A- . (.Brother Industries Ltd. - Brother USB Scanner Driver.) -- C:\WINDOWS\system32\Drivers\BrScnUsb.sys [15295]
O44 - LFC:[MD5.9E646CD378D4D0C996BAF9BCB18237C7] - 25/07/2013 - 14:24:39 ---A- . (.brother Industries Ltd - brss01a.exe.) -- C:\WINDOWS\system32\brss01a.exe [45056]
O44 - LFC:[MD5.D3FACB34FFF5DB91ADB70987838F8BA7] - 25/07/2013 - 14:24:39 ---A- . (.brother Industries Ltd - brsvc01a.) -- C:\WINDOWS\system32\brsvc01a.exe [57344]
O44 - LFC:[MD5.F774B31C142986C6B0DB7B9B155B9E57] - 25/07/2013 - 14:24:37 ----- . (.Brother Industries,Ltd. - brinsstr.) -- C:\WINDOWS\system32\brinsstr.dll [55296]
O44 - LFC:[MD5.2AC9A46B2738A0B39DDCFA292B869E36] - 25/07/2013 - 14:24:27 ----- . (.brother - BrWebIns.) -- C:\WINDOWS\system32\BrWebIns.dll [86016]
O44 - LFC:[MD5.09861EB3E8A682C51D4FA6B009F8C19A] - 25/07/2013 - 14:24:27 ----- . (.brother - brwebup.) -- C:\WINDOWS\system32\BRWEBUP.EXE [69632]
O44 - LFC:[MD5.6BE365E127E84D684B9A9E85F5C31455] - 25/07/2013 - 14:24:27 ----- . (.brother - printer driver installer.) -- C:\WINDOWS\system32\PDRVINST.DLL [188416]
O44 - LFC:[MD5.BC07B48DD982FEE6D17A1EBBDE600B58] - 25/07/2013 - 14:24:20 ----- . (...) -- C:\WINDOWS\CVRPAGE.bmp [6224]
O44 - LFC:[MD5.46AE67007ED872050DB3BA9615283EB5] - 25/07/2013 - 14:24:19 ----- . (.Brother Industries,Ltd. - brunin03.) -- C:\WINDOWS\brunin03.dll [147456]
O44 - LFC:[MD5.481C3CABA9160C3CC91560D837EA3E37] - 25/07/2013 - 14:22:06 ---A- . (...) -- C:\WINDOWS\maxlink.ini [27279]
O44 - LFC:[MD5.8C1DB21C44F64F495BD81940B820BD58] - 25/07/2013 - 14:13:21 ---A- . (...) -- C:\WINDOWS\system32\lvcoinst.log [1205]
O44 - LFC:[MD5.A6B0528D2AFC460F44323B4FCB95F5B4] - 25/07/2013 - 14:13:04 R--A- . (...) -- C:\WINDOWS\system32\lvcoinst.ini [9255]
O44 - LFC:[MD5.9A155D31B8E52F41B258282092CC93A7] - 25/07/2013 - 14:13:03 R--A- . (...) -- C:\WINDOWS\system32\Drivers\lvcm.sys [1317152]
O44 - LFC:[MD5.3BCA51839237B0B31D45DF27749B6FF1] - 25/07/2013 - 14:09:45 R--A- . (...) -- C:\WINDOWS\system32\InstMed.exe [53248]
O44 - LFC:[MD5.FB5C5A690706D669C8DBBAD30FDFFBD7] - 25/07/2013 - 14:08:49 ---A- . (.Ingenient Technologies, Inc. - Ingenient Technologies, Inc. G.726 CODEC.) -- C:\WINDOWS\system32\ITIG726.acm [29795]
O44 - LFC:[MD5.B0FEEC04E8D7DE3F38F41B0F5910AFD6] - 25/07/2013 - 14:08:30 R---- . (...) -- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe [81920]
O44 - LFC:[MD5.3FFBEE694566CADB0A64D8A1ACD7DBCE] - 25/07/2013 - 13:21:27 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum [175]
O44 - LFC:[MD5.FAF091AA45A6A6CF3CF94FE065950956] - 25/07/2013 - 13:21:27 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum [175]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 12:57:42 ---A- . (...) -- C:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 12:56:45 ----- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.35448F3A71EBBECF8E997FAD3A99327D] - 25/07/2013 - 12:53:59 ---A- . (...) -- C:\WINDOWS\system32\c_28603.nls [66082]
O44 - LFC:[MD5.C37A21EE1ADFDC13FC707D97073148ED] - 25/07/2013 - 12:53:58 ---A- . (...) -- C:\WINDOWS\system32\c_28599.nls [66082]
O44 - LFC:[MD5.A8764750B22B528D85A691A52CB21856] - 25/07/2013 - 12:53:58 ---A- . (...) -- C:\WINDOWS\system32\c_857.nls [66594]
O44 - LFC:[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - 25/07/2013 - 12:53:57 ---A- . (...) -- C:\WINDOWS\system32\c_10081.nls [66082]
O44 - LFC:[MD5.E22D1B9AC7854C0A654E4C4232074E49] - 25/07/2013 - 12:53:56 ---A- . (...) -- C:\WINDOWS\system32\C_28595.NLS [66082]
O44 - LFC:[MD5.AF4A866226BD04ACF06135088D75BB63] - 25/07/2013 - 12:53:56 ---A- . (...) -- C:\WINDOWS\system32\c_10007.nls [66082]
O44 - LFC:[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - 25/07/2013 - 12:53:56 ---A- . (...) -- C:\WINDOWS\system32\c_10017.nls [66082]
O44 - LFC:[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - 25/07/2013 - 12:53:54 ---A- . (...) -- C:\WINDOWS\system32\C_28597.NLS [66082]
O44 - LFC:[MD5.0A206B5CACD3CA70D2044DA691304765] - 25/07/2013 - 12:53:54 ---A- . (...) -- C:\WINDOWS\system32\c_10006.nls [66082]
O44 - LFC:[MD5.BAC7072B365F9648CA318154BA7E03EC] - 25/07/2013 - 12:53:54 ---A- . (...) -- C:\WINDOWS\system32\c_737.nls [66594]
O44 - LFC:[MD5.780C444EB16B65E6DE96F794A732DA12] - 25/07/2013 - 12:53:54 ---A- . (...) -- C:\WINDOWS\system32\c_869.nls [66594]
O44 - LFC:[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - 25/07/2013 - 12:53:54 ---A- . (...) -- C:\WINDOWS\system32\c_875.nls [66082]
O44 - LFC:[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - 25/07/2013 - 12:53:53 ---A- . (...) -- C:\WINDOWS\system32\C_28594.NLS [66082]
O44 - LFC:[MD5.3E969213F35127D83DAB48FF1283E8E4] - 25/07/2013 - 12:53:53 ---A- . (...) -- C:\WINDOWS\system32\c_855.nls [66594]
O44 - LFC:[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - 25/07/2013 - 12:53:53 ---A- . (...) -- C:\WINDOWS\system32\c_866.nls [66594]
O44 - LFC:[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - 25/07/2013 - 12:53:51 ---A- . (...) -- C:\WINDOWS\system32\c_10010.nls [66082]
O44 - LFC:[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - 25/07/2013 - 12:53:51 ---A- . (...) -- C:\WINDOWS\system32\c_10029.nls [66082]
O44 - LFC:[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - 25/07/2013 - 12:53:51 ---A- . (...) -- C:\WINDOWS\system32\c_10082.nls [66082]
O44 - LFC:[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - 25/07/2013 - 12:53:51 ---A- . (...) -- C:\WINDOWS\system32\c_852.nls [66594]
O44 - LFC:[MD5.6CB26848BCDAA361B6EE21264FB362C3] - 25/07/2013 - 12:53:49 ---A- . (...) -- C:\WINDOWS\system32\c_20127.nls [66082]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 25/07/2013 - 12:53:46 ----- . (...) -- C:\WINDOWS\system32\CONFIG.TMP [3072]
O44 - LFC:[MD5.F08DBD8C48A168818A3DFC28929EE6B5] - 25/07/2013 - 12:53:46 ---A- . (...) -- C:\WINDOWS\system32\AUTOEXEC.NT [1896]
O44 - LFC:[MD5.9728065DFEB3E01FDC7ABC20A6973855] - 25/07/2013 - 11:33:09 R--A- . (...) -- C:\WINDOWS\system32\CMRMDRV3.DLL [28672]
O44 - LFC:[MD5.60C84853A0584395A9D9BED310D70D5D] - 25/07/2013 - 11:33:09 R--A- . (.Pas de propriétaire - CmiRemoveDriver MFC Application.) -- C:\WINDOWS\system32\CMRMDRV3.exe [233472]
O44 - LFC:[MD5.E97FE407C2C027098EF85FB4B97F85EB] - 25/07/2013 - 11:32:58 R---- . (.Pas de propriétaire - CmiUSBUninstall MFC Application.) -- C:\WINDOWS\CmiPCIUninstall.exe [28672]
O44 - LFC:[MD5.B466815F996245D08700FE049E6FC4B8] - 25/07/2013 - 11:25:08 ---A- . (...) -- C:\WINDOWS\system32\wpa.bak [13646]
O44 - LFC:[MD5.BDFC6C92E88C555EA39BD2F6634CD1FE] - 25/07/2013 - 11:19:25 ---A- . (...) -- C:\WINDOWS\system32\e100b325.din [5178]
O44 - LFC:[MD5.53661F1A3BEC687487D8E27813DECB09] - 25/07/2013 - 11:18:45 ---A- . (.Sensaura Ltd - Audio3D (OEM).) -- C:\WINDOWS\system32\a3d.dll [712704]
O44 - LFC:[MD5.A5A81183A937FF47C435FF4A682B5CAC] - 25/07/2013 - 11:06:48 ---A- . (...) -- C:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.D77BBE394E419A31AD8AF29B36D6F735] - 25/07/2013 - 11:05:33 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 11:03:00 ---A- . (...) -- C:\AUTOEXEC.BAT [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 11:03:00 ---A- . (...) -- C:\CONFIG.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 11:03:00 ---A- . (...) -- C:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 11:03:00 RSHA- . (...) -- C:\IO.SYS [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/07/2013 - 11:03:00 RSHA- . (...) -- C:\MSDOS.SYS [0]
O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 25/07/2013 - 11:02:40 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 25/07/2013 - 11:01:49 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 25/07/2013 - 11:01:49 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 25/07/2013 - 11:01:42 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 25/07/2013 - 11:00:59 ---A- . (...) -- C:\WINDOWS\desktop.ini [2]
O44 - LFC:[MD5.81051BCC2CF1BEDF378224B0A93E2877] - 25/07/2013 - 11:00:59 ---A- . (...) -- C:\WINDOWS\system32\desktop.ini [2]
O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 25/07/2013 - 11:00:59 -SH-- . (...) -- C:\WINDOWS\winnt.bmp [49102]
O44 - LFC:[MD5.8FBEC4D51D39DB985490F7C049AF488E] - 25/07/2013 - 11:00:59 -SH-- . (...) -- C:\WINDOWS\winnt256.bmp [49102]
O44 - LFC:[MD5.953F335605F3AF11F5FFA082E281A26A] - 25/07/2013 - 10:59:54 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [21892]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 25/07/2013 - 10:59:43 ---A- . (...) -- C:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 25/07/2013 - 10:59:43 ---A- . (...) -- C:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.39F43DBCE366B2561DF073B4C0839299] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Bulles de savon.bmp [65978]
O44 - LFC:[MD5.1AC5E83598D4F2143B59A2D893C3279A] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Granit vert.bmp [26582]
O44 - LFC:[MD5.203EF178BF8B0A8EC34E27E4DEDB6349] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Jour de pêche.bmp [17336]
O44 - LFC:[MD5.EB3BFC14E41FBAA41B4FD4489AA82D39] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Mur de Santa Fe.bmp [65832]
O44 - LFC:[MD5.3A8B85AB7B415BF3F8AFE285DFE0CE29] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Plume.bmp [16730]
O44 - LFC:[MD5.927A66BD587E31CB12D3AB25381658DC] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Rhododendron.bmp [17362]
O44 - LFC:[MD5.5B4AC407E566076BB726BA91E067D313] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Rivière Sumida.bmp [26680]
O44 - LFC:[MD5.73D70ED3EC3BBFD8FD35DF431C38F374] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Tasse à café.bmp [17062]
O44 - LFC:[MD5.280920B6773C74C3649A934257112BE1] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Vent de prairie.bmp [65954]
O44 - LFC:[MD5.5290EA6951F4724259F423B12C8E1393] - 25/07/2013 - 10:59:07 ---A- . (...) -- C:\WINDOWS\Zapotec.bmp [9522]
O44 - LFC:[MD5.DAC71A10A6A71CB6E3F427AE3283734B] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\Rosace bleue 16.bmp [1272]
O44 - LFC:[MD5.405E1EF8E3C88E9BCD2853382BB12430] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\bopomofo.uce [22984]
O44 - LFC:[MD5.4FDED87068052EEB9B72A97FDBC141DB] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\gb2312.uce [24006]
O44 - LFC:[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\ideograf.uce [60458]
O44 - LFC:[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\kanji_1.uce [6948]
O44 - LFC:[MD5.529BBD63519BBD654EF328454019693F] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\kanji_2.uce [8484]
O44 - LFC:[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\korean.uce [12876]
O44 - LFC:[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\shiftjis.uce [16740]
O44 - LFC:[MD5.30F5568679A54042F99CA9EC1102EBCD] - 25/07/2013 - 10:59:06 ---A- . (...) -- C:\WINDOWS\system32\subrange.uce [93702]
O44 - LFC:[MD5.4A547D74B435E78418BE06406250C1D3] - 25/07/2013 - 10:59:04 ---A- . (...) -- C:\WINDOWS\system32\tslabels.h [3286]
O44 - LFC:[MD5.F9A14C7B36E10052A1B0F071BC3C1C65] - 25/07/2013 - 10:59:04 ---A- . (...) -- C:\WINDOWS\system32\tslabels.ini [27768]
O44 - LFC:[MD5.9F27B27C8405FEAF7DFC4DA3751DEF22] - 25/07/2013 - 10:59:04 ---A- . (...) -- C:\WINDOWS\system32\usrlogon.cmd [1263]
O44 - LFC:[MD5.CDD932EDCB756FB5F7CE5E2F090BA838] - 25/07/2013 - 10:59:03 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.h [768]
O44 - LFC:[MD5.FDA18F513403E67CAE9BF0D2DD948B28] - 25/07/2013 - 10:59:03 ---A- . (...) -- C:\WINDOWS\system32\msdtcprf.ini [3914]
O44 - LFC:[MD5.2CE7B1EEB99C14032C0E2201B004F80E] - 25/07/2013 - 10:58:57 ---A- . (...) -- C:\WINDOWS\system32\wmimgmt.msc [63488]
~ Files: 650 Legitimates Filtered in 00mn 17s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13/04/2008 - 10:36:40 ----- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 02/03/2006 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {7ADFE31A-A24D-49CB-9403-9204B160578C} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.FD2FB30285C4E77FE998C510CE65EBCF] [SPRF][27/07/2013] (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat [137]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.3217F1F7D2F34FFAAE55F53AC3C4920F] [SPRF][16/10/2003] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [299008]
~ Files: Scanned in 00mn 00s



---\\ Windows Installer Scan (O93) (NTFS)
[MD5.6BFC814D54A943356AE540C5B19CD848] [WIS][09/06/2013] (.Cybelsoft - Hardware Detection Ma-Config.com.) -- C:\Windows\Installer\123c46.msi [4861952]
[MD5.8639F06BEDABCCE30EBCB6E80B9C5C72] [WIS][25/07/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\159931.msi [1615360]
[MD5.58B65381121F1EE6605BC922ACF3FF58] [WIS][06/08/2013] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\1ea829.msi [24576]
[MD5.5E3B264541D2A23D48CB3A92FDF393F7] [WIS][27/07/2013] (.The J2SE Runtime Environment with European - Additional Font and Media Support.) -- C:\Windows\Installer\39805.msi [180736]
[MD5.4764672D7CF52A6D879B36759B6C6AD7] [WIS][25/07/2013] (.ScanSoft, Inc. - PaperPort 9,0.) -- C:\Windows\Installer\8cf69.msi [23894528]
~ WIS: 26 Legitimates Filtered in 00mn 03s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 27/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 11/04/2002 57344 | (Brother XP spl Service) . (.brother Industries Ltd.) - C:\WINDOWS\system32\brsvc01a.exe
SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 31/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 31/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/08/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 27/07/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 08/07/2013 4153184 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Services: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : v2.12839 - (07/08/2013)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\CLSID\{1a03f196-9617-4ca0-842b-a83ceecb022b}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] =>Toolbar.Avast
C:\Program Files\majtuto4pc_fr_a2 =>PUP.Eorezo^
~ Additionnel Scan: 123877 Items scanned in 00mn 22s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/30898585-toolbar-avast =>Toolbar.Avast
~ MSI: 3 link(s) detected in 00mn 23s



~ 1334 Legitimates filtered by white list
End of the scan (545 lines in 01mn 18s)(0)
