cjoint

Document format: text/plain

~ Riporto di ZHPDiag v2015.5.2.45 - Nicolas Coolman (02/05/2015)
~ Lanciato da admin (03/05/2015 19.20.31)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Indirizzo del foum Web : http://forum.nicolascoolman.fr
~ Tradotto da
~ Stato della versione : Versione aggiornata.
~ Lista Bianca : Utente disattivato
~ Elevazione dei privilegi : OK
~ Controllo dell'Account utente : Activate by user


---\\ Browser Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 37.0.2 (Defaut)

---\\ Informazioni sul prodotto Windows
~ Langage: Italien
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Software di protezione del sistema
COMODO Internet Security Premium v8.2.0.4508
Malwarebytes Anti-Malware versione 2.1.6.1022

---\\ Software di ottimizzazione del sistema

---\\ Condivisione di software PeerToPeer

---\\ Software di sorveglianza
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informazioni sul sistema
~ Processor: x86 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (58% free)
System Restore: Désactivé (Disabled)
System drive C: has 637 GB (92%) free of 688 GB

---\\ Connessione alla modalità sistema
~ Computer Name: PC-ADMIN
~ User Name: admin
~ All Users Names: Guest, ASPNET, Administrator, admin,
~ Unselected Option: None
Logged in as Administrator

---\\ Variabili di ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\admin\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\admin\AppData\Roaming\
~ %Desktop% : C:\Users\admin\Desktop\
~ %Favorites% : C:\Users\admin\Favorites\
~ %LocalAppData% : C:\Users\admin\AppData\Local\
~ %StartMenu% : C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ Enumerazione delle unità disco
C: Hard drive, Flash drive, Thumb drive (Free 637 Go of 688 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E: Hard drive, Flash drive, Thumb drive (Free 516 Go of 699 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: CD-ROM drive (Not Inserted)



---\\ Stato di Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 47 Scanned in 00mn 00s



---\\ Ricerca di particolari file generico
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Esplora risorse.) (.11/04/2009 - 7.27.36.) -- C:\WINDOWS\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Applicazione di avvio di Windows.) (.18/01/2008 - 22.33.38.) -- C:\WINDOWS\System32\Wininit.exe [96768]
[MD5.19B481D70FBC176AE5D3E91347B0128F] - (.Microsoft Corporation - Internet Extensions per Win32.) (.01/05/2015 - 13.30.53.) -- C:\WINDOWS\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Applicazione Accesso a Windows.) (.11/04/2009 - 7.28.13.) -- C:\WINDOWS\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 7.53.22.) -- C:\WINDOWS\system32\Drivers\AFD.sys [273408]
[MD5.BFD3DF48C9ED81934FE21E8E3CFC2496] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.01/01/2007 - 22.50.14.) -- C:\WINDOWS\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20.28.04.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 5.39.17.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15.59.03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 5.42.42.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Driver della porta i8042.) (.18/01/2008 - 20.49.20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20.56.30.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14.24.40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 5.45.37.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Driver file system NT.) (.03/03/2013 - 20.07.52.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Driver della porta parallela.) (.02/11/2006 - 9.51.30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20.56.36.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10.03.00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 5.45.22.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 5.45.56.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Driver copia shadow del volume.) (.21/08/2012 - 12.47.42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Stato dei file nascosti (nascosti/totale)
~ Mes images (My Pictures) : 1/84
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 1/155
~ Mon Bureau (My Desktop) : 1/11
~ Menu demarrer (Programs) : 0/0
~ Hidden Files: Scanned in 00mn 00s



---\\ Processo avviato
[MD5.1013953949768FA3FC0811CCF7FDD51C] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1359064] [PID.2228]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\WINDOWS\RtHDVCpl.exe [4874240] [PID.2436]
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2444]
[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [PID.2460]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2468]
[MD5.DE37F9B256FABE999A03EA23B4CA26EC] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [52392] [PID.2476]
[MD5.E6DEED311D830678E1A0B4889F3C2F0E] - (.UASSOFT.COM - DRIVER AUTORUN.) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe [212992] [PID.2484]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\Winpower.exe [114688] [PID.2500]
[MD5.FCB74635483CE82FF2BE9F91D2C8558E] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.2508]
[MD5.CDE07257FC2802001D930ADD1F25127C] - (.UASSOFT.COM - USB Keyboard And PS/2 Keyboard Driver.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe [397312] [PID.2524]
[MD5.A63E46BECDDC697FF9C086D7AACBB0BE] - (.cyberlink - brs.) -- C:\Program Files\CyberLink\Shared Files\brs.exe [75048] [PID.2588]
[MD5.23479CC4EB2E0A22299D6F4F30C5851F] - (...) -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe [694008] [PID.2616]
[MD5.ECA139131FC9D36F92D81F85A1E08408] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\MonitorSoftware\jre\bin\javaw.exe [135168] [PID.2640]
[MD5.0AAB8C2C7012CDFFE719C6FDF83EDF87] - (...) -- C:\Program Files\Portrait Displays\Pivot Software\floater.exe [694008] [PID.2776]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\wpRMI.exe [114688] [PID.2792]
[MD5.F0CAE8186C27E930261C2EE6FAE8B102] - (.UASSOFT.COM - Keyboard And Mouse Processing.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe [327680] [PID.2848]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\monitor.exe [114688] [PID.2468]
[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.2948]
[MD5.1F29FCA528DD88DAF85C529C7194B5DA] - (.Portrait Displays, Inc - HP My Display.) -- C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe [336384] [PID.2968]
[MD5.0E0D415613C24E4382FAEF36669D60C8] - (.Portrait Displays Inc. - Context Menu Utility.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe [114688] [PID.3040]
[MD5.B7614F58B6D2AE8EFADE3A6E0916E49D] - (...) -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe [20572] [PID.2640]
[MD5.745A13EB241A081431C6FD26EB85367F] - (.Hewlett-Packard - Hewlett-Packard T-TR Status Client.) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe [212992] [PID.3488]
[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.4736]
[MD5.275CA9517BA62BBD9DE2FB43830C07B1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [184320] [PID.4228]
[MD5.64CF691CE6957C44E495031C3C8319FC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304] [PID.3640]
[MD5.8FC85C14B6316745670816F98693A100] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [262144] [PID.3284]
[MD5.5A9EC2534F85163841F46000F281A3EE] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cis.exe [7689432] [PID.4916]
[MD5.53091911AB458088CF2BB5101B0AC184] - (.Microsoft Corporation - Microsoft Photo Editor.) -- C:\Users\admin\Documents\Microsoft PHOTO EDITOR\PHOTOED.exe [790528] [PID.2544]
[MD5.C06C9EC74A0971A31A40723432201C86] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8206336] [PID.4876]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5252]
[MD5.F8068FD29809634B6BB2DF5AB9E30AC9] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 347.8.) -- C:\Windows\system32\nvvsvc.exe [670352] [PID.1032]
[MD5.C9362AB376E06F0F91CD48A03D5B4E80] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4351816] [PID.1132]
[MD5.EDBA1382E5D7D1E71442B43E170CF8D4] - (.Creative Technology Ltd - Creative Audio Service.) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe [423424] [PID.1372]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Servizio gestione licenze software Microsof.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1400]
[MD5.62B56B55E6B310187BD41E23BB9F1FCD] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [973456] [PID.1996]
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.3744]
[MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [229376] [PID.3788]
[MD5.1DB483097AA009C069CAFEBDAB4C57F3] - (...) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632] [PID.3804]
[MD5.DEB82AF183F1CD06813D91ED104C645C] - (...) -- c:\hp\HPEZBTN\HPBtnSrv.exe [198240] [PID.3904]
[MD5.204A73A56751C68C6031E9D5D611EC98] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.3968]
[MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.4004]
[MD5.A4A9ADB8E7005785D2C1F4FF8C7B70BB] - (.UASSOFT.COM - Keyboard And Mouse Communication Service.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe [208896] [PID.4032]
[MD5.83D8BE94E1CBCBE2EA8372DB1A95A159] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.4056]
[MD5.1BDB34A492109198CAB0575F2743BE70] - (.Seagate Technology LLC - Sync Windows Services.) -- C:\Program Files\Maxtor\Sync\SyncServices.exe [193888] [PID.4068]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.2432]
[MD5.7A8FD91FD806B1EB1743898DF4C6477A] - (.No owner - Reflect Service - Enables mounting of image.) -- C:\Program Files\Macrium\Reflect\ReflectService.exe [220824] [PID.2964]
[MD5.2FCEAD838E64A79250046DD2A15B6A8A] - (.No owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [241734] [PID.1852]
[MD5.0A15E929756AB59EEE6115996BF09313] - (.Macrovision - LaunchAnywhere.) -- C:\Program Files\MonitorSoftware\wpRMI.exe [114688] [PID.2792]
[MD5.14B21C1E09A79B89C49B47ED4021F486] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe [455384] [PID.1360]
~ Processes Running: Scanned in 00mn 03s



---\\ Mozilla Firefox, plugin, start, cerca, estensioni (P2, M0, M1, M2, M3)
M0 - MFSP: prefs.js [admin - 73b02pu3.default] http://startpage.com
M2 - MFEP: prefs.js [admin - 73b02pu3.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20131118 (..)
M2 - MFEP: Extension [admin - 73b02pu3.default] {73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
M2 - MFEP: Extension [admin - 73b02pu3.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\hoepli.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-it.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-it.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (.not file.)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.31211.0.) -- c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (...) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (.not file.)
P2 - FPN: [HKLM] [Adobe Acrobat] - (...) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (.not file.)
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 26 Scanned in 00mn 00s



---\\ Internet Explorer, start, cerca, URLSearchHook, Phishing (R0, R1, R3, R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startpage.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.10.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, gestione Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analisi delle linee F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects da browser (O2)
O2 - BHO: Increase performance and video formats for your HTML5
