Apport de ZHPDiag v1.24.04 par Nicolas Coolman
Run by Administrateur at 11/11/2009 18:13:28
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v8.0.6001.18702
OPIE: Opera 10.01
MFIE: Mozilla Firefox (3.0.10)
Total RAM: 2048,0 Mb (76 % free)
System drive C: 142 Go (103 Go free)
---\\ Processus lancés
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe
c:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\services.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
C:\WINDOWS\system32\lxducoms.exe
C:\WINDOWS\ehome\mcrdsvc.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\spoolsv.exe
---\\ Plugin du navigateur Opera (P1)
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\libdivx.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npdivx32.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\nppl3260.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin2.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin3.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin4.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin5.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin6.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\npqtplugin7.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\nprjplug.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\nprpjplug.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\NPSWF32.dll
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\NPSWF32_FlashUtil.exe
P1 - OPN:Opera Plugin Navigator - C:\Program Files\Opera\Program\Plugins\ssldivx.dll
---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [lxdumon.exe] C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
O4 - HKLM\..\Run: [lxduamon] C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe
O4 - HKLM\..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1
O4 - HKLM\..\policies\Explorer: [LinkResolveIgnoreLinkInfo] Data=0
O4 - HKLM\..\policies\Explorer: [NoResolveSearch] Data=1
O4 - HKLM\..\policies\Explorer: [NoResolveTrack] Data=1
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=253
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun-] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun-] Data=0
O4 - HKLM\..\policies\Explorer: [NoFolderOptions] Data=0
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] c:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} () - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ARSVC (ARSVC) - C:\WINDOWS\arservice.exe
O23 - Service: Media Center Receiver Service (ehRecvr) - C:\WINDOWS\eHome\ehRecvr.exe
O23 - Service: Service de planification Media Center (ehSched) - C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Google Updater Service (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: lxduCATSCustConnectService (lxduCATSCustConnectService) - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device (lxdu_device) - C:\WINDOWS\system32\lxducoms.exe -service
O23 - Service: Media Center Extender Service (McrdSvc) - C:\WINDOWS\ehome\mcrdsvc.exe
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Spouleur d'impression (Spooler) - C:\WINDOWS\system32\spoolsv.exe
End of the scan: 142 lines