cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPDiag v2013.5.11.97 par Nicolas Coolman, Update du 11/05/2013
Run by Ez�chiel at 13/05/2013 17:24:00
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540 (Defaut)
MFIE: Mozilla Firefox 20.0.1
GCIE: Google Chrome v26.0.1410.64

---\\ Windows Product Information
~ Langage: Fran�ais
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 6CKVT
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd

---\\ Peer To Peer (P2P)
Vuze v4.9.0.0 =>P2P.Azureus

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 17
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8063 MB (74% free)
System Restore: Activ� (Enable)
System drive C: has 1387 GB (75%) free of 1848 GB

---\\ Logged in mode
~ Computer Name: BREUB
~ User Name: Ez�chiel
~ All Users Names: UpdatusUser, HomeGroupUser$, Ez�chiel, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Ez�chiel\AppData\Roaming\
~ %Desktop% : C:\Users\Ez�chiel\Desktop\
~ %Favorites% : C:\Users\Ez�chiel\Favorites\
~ %LocalAppData% : C:\Users\Ez�chiel\AppData\Local\
~ %StartMenu% : C:\Users\Ez�chiel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 1387 Go of 1848 Go)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 27 Legitimates Filtered in 00mn 00s



---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.27/01/2013 - 00:39:03.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.27/01/2013 - 00:38:57.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioth�que de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.27/01/2013 - 00:38:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parall�le.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de p�riph�rique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/165773
~ Mon Bureau (My Desktop) : 2/6564
~ Menu demarrer (Programs) : 1/41
~ Hidden Files: Scanned in 01mn 03s



---\\ Processus lanc�s
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.5048]
[MD5.9388FBA0B9985B18B3693A32B530A16B] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888] [PID.4184]
[MD5.7189E14F5DFB0CC7F426FC42F5389335] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe [76912] [PID.4212]
[MD5.872B3D5F6F9F9BDFD6A83EE8AA5824B4] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632] [PID.4208]
[MD5.76A3A30B58405C2C6D833895253A51A9] - (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files (x86)\QuickTime\qttask.exe [98304] [PID.4124]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.3844]
[MD5.883B2E1341E5BE906A7507308A6636DF] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.4312]
[MD5.8B3FD7B305F0DFF41C2B4DBCA7D4CE74] - (.SoftThinks - Dell - Dell Backup And Recovery Update Launcher.) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe [492904] [PID.2924]
[MD5.6D8A66D551A332DF0A1716272EC4ED50] - (.SoftThinks - Dell - Dell Backup And Recovery Toaster.) -- C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.exe [4047208] [PID.4924]
[MD5.C4A0673606F8A4D912646E2778630BDD] - (.Azureus Software, Inc - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe [316360] [PID.5604] =>P2P.Azureus
[MD5.AA59B15F83B24D0C709CDE556FB4F842] - (...) -- C:\Users\Ez�chiel\AppData\Roaming\winlogon\scvhost.exe [460800] [PID.4676]
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.6440]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.5964]
[MD5.D719477489E4EF1B987E5525D608F2A5] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe [1855880] [PID.2828]
[MD5.44B23B3FA81CD7E0197D5F1AA3611A8E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7307264] [PID.2408]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Ez�chiel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [knfjealnimdkfoblidcgfkkmpgifijdn] rcplugin v.0.1 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [nchpfiddbhbdnagofhkjlaiaejmkdcla] Helper extension v.1.4 (D�sactiv�)
~ Google Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Ez�chiel\AppData\Roaming\Mozilla\Firefox\Profiles\7qm5se36.default\prefs.js
M2 - MFEP: prefs.js [Ez�chiel - 7qm5se36.default\NPCamfrogWeb@camfrogweb.com] [] Camfrog Web Plugin for Mozilla Firefox v2,0,18,111 (..)
M2 - MFEP: prefs.js [Ez�chiel - 7qm5se36.default\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}] [] Flash and Video Download v1.32 (..)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc\npMcSnFFPl64.dll
~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 25



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: PopupBlockerBHO.CPopupBlockerBHO [64Bits] - {0D929918-C804-4756-B0AC-640EF3F061E9} . (.aa - Pas de description.) -- C:\Program Files (x86)\SmartPopupBlocker\PopupBlockerBHO.dll
O2 - BHO: IE AdBlock [64Bits] - {46B37057-5BA8-4014-B28D-6448FD171A3E} . (.CatenaLogic - Internet Explorer Browser Extension to bloc.) -- C:\Program Files (x86)\IE AdBlock\IE AdBlock.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [winlogon] . (...) -- C:\Users\Ez�chiel\AppData\Roaming\winlogon\CCleanerstartup.bat =>Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer_For_P2G8] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
O4 - HKLM\..\Wow6432Node\Run: [CLVirtualDrive] . (.CyberLink Corp. - CyberLink Virtual Drive.) -- C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- C:\Program Files (x86)\QuickTime\qttask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: myCinema.lnk . (...) -- C:\Users\Ez�chiel\Downloads\myCinema_v1.10.4.jar
O4 - GS\Desktop: Ordinateur.lnk - Cl� orpheline
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D678C1B-CEF5-4E78-9EBF-81740F0400B6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{614FD7E0-4E0C-4A61-A860-F2CE87751D22}: DhcpNameServer = 10.72.0.72 10.72.0.73
O17 - HKLM\System\CCS\Services\Tcpip\..\{614FD7E0-4E0C-4A61-A860-F2CE87751D22}: DhcpDomain = lcj.emea.dell.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D678C1B-CEF5-4E78-9EBF-81740F0400B6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{614FD7E0-4E0C-4A61-A860-F2CE87751D22}: DhcpNameServer = 10.72.0.72 10.72.0.73
O17 - HKLM\System\CS1\Services\Tcpip\..\{614FD7E0-4E0C-4A61-A860-F2CE87751D22}: DhcpDomain = lcj.emea.dell.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\NVIDIA~1\3DVISI~1\NVSTIN~1.dll (.not file.)
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) . (.Dell Products, LP. - Dell Digital Delivery Windows Service.) - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: 23 Legitimates Filtered in 00mn 02s



---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [286]
[MD5.07605ABEB10FC533881C91F19DECF69A] [APT] [AutoKMS] (...) -- C:\windows\AutoKMS\AutoKMS.exe [1923584]
[MD5.643A275BF9B51650CABE8BA22E31B3BD] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [426600]
[MD5.78E8580D5C32E9627D1B69761B76ED72] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1186376]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 05s



---\\ Logiciels install�s (O42)
O42 - Logiciel: Alien Spidy - (...) [HKLM][64Bits] -- Alien Spidy_is1
O42 - Logiciel: De Blob (alleen verwijderen) - (...) [HKLM][64Bits] -- De_Blob_EN
O42 - Logiciel: Lollipop - (...) [HKCU][64Bits] -- cpesobq =>Adware.Lollipop
O42 - Logiciel: Smart Popup Blocker version 1.20 - (...) [HKLM][64Bits] -- Smart Popup Blocker_is1
O42 - Logiciel: Solace - February 2011 - (.DigiPen Institute of Technology.) [HKLM][64Bits] -- {3DE19DBA-6F79-4E14-AE0B-1833B26DD184}_is1
O42 - Logiciel: The Bridge - (...) [HKLM][64Bits] -- The Bridge_is1
O42 - Logiciel: The Klub 17 - (.Team K17.) [HKCU][64Bits] -- The Klub 17
O42 - Logiciel: Vessel - (...) [HKLM][64Bits] -- Vessel_is1
~ Logic: 125 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\EMPIRE]
[HKCU\Software\ENJMIN]
[HKCU\Software\Enigma SP]
[HKCU\Software\FANiSO]
[HKCU\Software\Grupp 1]
[HKCU\Software\Richard E Flanagan]
[HKCU\Software\TeamK17]
[HKLM\Software\Wow6432Node\smartpopupblocker]
~ Key Software: 230 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/03/2013 - 13:14:20 - [1073,318] ----D C:\Program Files (x86)\Alien Spidy
O43 - CFD: 05/03/2013 - 06:40:20 - [627,664] ----D C:\Program Files (x86)\Antichamber
O43 - CFD: 17/03/2013 - 09:49:46 - [235,664] ----D C:\Program Files (x86)\De Blob
O43 - CFD: 22/03/2013 - 00:08:05 - [1040,967] ----D C:\Program Files (x86)\Dr.Kawashima
O43 - CFD: 17/03/2013 - 09:21:35 - [333,006] ----D C:\Program Files (x86)\PaperPlane
O43 - CFD: 21/02/2013 - 11:05:07 - [0,353] ----D C:\Program Files (x86)\SmartPopupBlocker
O43 - CFD: 26/02/2013 - 10:31:28 - [1454,792] ----D C:\Program Files (x86)\Strange Loop Games
O43 - CFD: 05/03/2013 - 06:50:49 - [495,640] ----D C:\Program Files (x86)\The Bridge
O43 - CFD: 04/04/2013 - 22:51:39 - [0,015] ----D C:\Users\Ez�chiel\AppData\Roaming\com.northwayGames.Incredipede
O43 - CFD: 05/03/2013 - 06:51:41 - [0,002] ----D C:\Users\Ez�chiel\AppData\Local\FANiSO
O43 - CFD: 17/03/2013 - 13:14:13 - [3,774] ----D C:\Users\Ez�chiel\AppData\Local\Films
O43 - CFD: 17/03/2013 - 09:48:50 - [0] ----D C:\Users\Ez�chiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\De Blob (English)
O43 - CFD: 22/03/2013 - 00:08:05 - [0,005] ----D C:\Users\Ez�chiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D�fi C�r�bral du Dr. Kawashima
~ Program Folder: 208 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.0F1FFAF9DCAAD24E1820B9681F1F9943] - 12/05/2013 - 11:10:06 ---A- . (...) -- C:\Windows\ODBC.INI [136]
~ Files: 19 Legitimates Filtered in 02mn 10s



---\\ Op�rations et fonctions au d�marrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Cl� orpheline
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:[MD5.CBBD8F724C6C0B3D05477BB5C982D4B8] - 14/06/2012 - 02:41:10 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athw8x.sys [3578368]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.EBE4B268C8850C5C83D93BECDE898259] [SPRF][13/05/2013] (...) -- C:\Users\Ez�chiel\AppData\Local\Temp\051b2b6f.exe [600415]
[MD5.0E771375445E13429E68CAE720A48B72] [SPRF][13/05/2013] (...) -- C:\Users\Ez�chiel\AppData\Local\Temp\i4jdel0.exe [35224]
[MD5.87985DD2DF21D17B8247CAC3896E2DD4] [SPRF][27/01/2013] (.Pas de propri�taire - Danceonmoon.) -- C:\Users\Ez�chiel\AppData\Local\Temp\msyozov.com [849213]
[MD5.82A2D4C1C3E2C19996EC5002E77029A2] [SPRF][07/05/2013] (.Macromedia, Inc. - Macromedia Flash Player 7.0 r14.) -- C:\Users\Ez�chiel\AppData\Roaming\secret fantaisy dream 2.exe [35380382]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.A7226E3C773911C7687299B3E2284CAB] [SPRF][13/04/2004] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [307200]
~ Files: Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.12078 - (11/05/2013)
Cl�s trouv�es (Keys found) : 3
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
~ Additionnel Scan: 292186 Items scanned in 00mn 16s



---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 19/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SS - | Auto 13/07/2012 236144 | (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Demand 06/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 13/03/2013 187912 | (DellDigitalDelivery) . (.Dell Products, LP..) - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
SS - | Auto 05/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 01/09/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 19/06/2012 634632 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19/07/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 19/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 26/01/2012 332080 | (McAWFwk) . (.McAfee, Inc..) - C:\Program Files\mcafee\msc\McAWFwk.exe
SR - | Auto 31/08/2012 201304 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SS - | Demand 05/02/2013 384048 | (McODS) . (.McAfee, Inc..) - C:\Program Files\mcafee\VirusScan\mcods.exe
SS - | Disabled 31/08/2012 201304 | (McOobeSv) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 201304 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
SR - | Auto 19/02/2013 241456 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 19/02/2013 218760 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 19/02/2013 182752 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SS - | Demand 12/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 15/03/2013 877856 | (nvsvc) . (.NVIDIA Corporation.) - C:\windows\system32\nvvsvc.exe
SR - | Auto 15/03/2013 1266464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 254512 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 26/11/2012 1914728 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
SR - | Auto 14/03/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 19/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SS - | Demand 27/01/2013 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/06/2012 77824 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 03s



~ 1049 Legitimates filtered by white list
End of the scan (420 lines in 04mn 41s)(0)

Publicité


Signaler le contenu de ce document

Publicité