~ Rapport de NCDiag v2014.9.2.108 - Copyright ©2014 - Nicolas Coolman, Tous droits réservés ~ Emplacement rapport : C:\Users\Alexandra\AppData\Roaming\ZHP\NCDiag.txt ~ Lancé par Alexandra (07/09/2014 - 10:42:09) ~ Adresse du Site Web : http://nicolascoolman.fr ~ Etat de la version : OK ~ Liste blanche : Désactivée par le programme ~ User Account Control (UAC): Activé par l'utilisateur ~ Elévation des Privilèges : OK ---\\ Navigateurs Internet MSIE: Internet Explorer v8.0.7600.16385 (Default) GCIE: Google Chrome v37.0.2062.103 MFIE: Mozilla Firefox (3.6.8) ---\\ Informations sur les produits Windows ~ Langage: Français Microsoft Windows 7 Professional Edition (build 7600), 32-bit Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel Windows ID Activation : OK ~ Windows Partial Key : 6P6GT Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Informations sur le système ~ Operating System: 32 Bits ~ Boot Mode: Normal (Normal boot) System Restore: Activé (Enable) Total RAM: 1782 MB (31% free) ---\\ Mode de connexion au système ~ Nom d'Ordinateur: ALEXANDRA-PC ~ Nom d'utilisateur: Alexandra ~ Nom des utilisateurs: Alexandra,Public, ~ Connecté en administrateur ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (System) ( Free 33 Go of 80 Go) D: Hard drive, Flash drive, Thumb drive ( Free 63 Go of 100 Go) ---\\ Logiciels de protection du système Windows Defender W7 (Activate) avast! Free Antivirus v9.0.2021 Malwarebytes Anti-Malware version 2.0.2.1012 ---\\ Variables d'environnement ~ %SYSTEMDRIVE% = C: ~ %USERPROFILE% = C:\Users\Alexandra ~ %APPDATA% = C:\Users\Alexandra\AppData\Roaming ~ %DESKTOP% = C:\Users\Alexandra\Desktop ~ %FAVORITES% = C:\Users\Alexandra\Favorites ~ %LOCALAPPDATA% = C:\Users\Alexandra\AppData\Local ~ %STARTMENU% = C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu ~ %WINDIR% = C:\Windows ~ %SYSTEM% = C:\Windows\System32 ~ %PROGRAMFILES% = C:\Program Files ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] EnableLUA: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\svc] FirewallOverride: OK [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Recherche particulière de fichiers génériques [MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2614784] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.6A02CB2EDC24630845D11B507952141A] - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [981504] [MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [285696] [MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [193024] [MD5.D8714A5FB3141F8226D16861F20C5AC4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] [MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] [MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] [MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] [MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] [MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123392] [MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] [MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1210728] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] [MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133120] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] [MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74240] [MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [245616] ---\\ Processus lancés [MD5.BDF37B36AC60A7D97161A103B14CEE65] - (...) --C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [MD5.EA6EADF6314E43783BA8EEE79F93F73C] - (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe [1173504] [MD5.D3F78E38C39AB0E7358735717FB52EAE] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1563440] [MD5.760ACD103FFB86AD65DC41CDEB08ABCF] - (...) --C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560] [MD5.286554883DEC5E022C2DB48018D9C83E] - (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568] [MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200] [MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [MD5.20CB286C4591EEA68778CA6626D70D47] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272] [MD5.F0CE006E1D14F45959985A05F8E81204] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816] [MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896] [MD5.08E7173D1B74095335052459200CB1EA] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe [421888] [MD5.603668084332DDB58D8C5AACE30B04FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200] [MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [81920] [MD5.6B73E94F9FE82D45781B8C8A09483082] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384] [MD5.5544D66F9A0CFF5429F7A750929407E9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808] [MD5.0796C1E47ADB9825269E64B9DAB4E741] - (.Teruten - FsUsbDevice.) -- C:\Windows\system32\FsUsbExService.Exe [233472] [MD5.17938B727F5135147BCCABB723EDFF45] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [437080] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [MD5.58C91CCA61A948DC6E789C93C05A1D6F] - (.Hewlett-Packard - HP Health Check Service.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344] [MD5.F2889318AB3CD87CCA17CB3769CDC1E4] - (.Hewlett-Packard - HPPA_Service.) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [103992] [MD5.9ABD12FCE4A62905731C286BB1D66789] - (.Hewlett-Packard - HPPA_Service.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [102968] [MD5.8205DA7B4191ACD96F76B81E42945754] - (.Hewlett-Packard - HPFSService Application.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984] [MD5.4D94F4D7782657E79EB1352570B563DB] - (.Hewlett-Packard Company - hpHotkeyMonitor Service.) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248] [MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [26168] [MD5.3503F257B3203F824B1567238EBE17E2] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [MD5.7060C98E81EB082C2AEC2491CCD41A02] - (...) - C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [3211264] [MD5.885A246D436D8040584A23F7C7F36347] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416] [MD5.050A4112B00BCA2E13314CDE48C1DEEE] - (.Skype Technologies - Skype Updater Service.) -- C:\Program Files\Skype\Updater\Updater.exe [315008] [MD5.9C1EA4217DC30E085F8418474DCC3616] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458] [MD5.C92E13E0DB1548455CFFC4AAF80FDFE7] - (.ArcSoft, Inc. - ArcVCapture.) -- C:\Windows\system32\uArcCapture.exe [506472] [MD5.8C72E0E88E5A1A70691135864F2F7F1B] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) -- C:\Windows\system32\vcsFPService.exe [1664304] ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\systempropertiesperformance.exe ~ 3 Internet Explorer Management found in 0 second(s) ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] 17D4D2D588A4C766B1B4FB31CA4F0E8F9363ECCDE75F7370AA50F1AFF0A51FAE", G1 - GCS: Preference [User Data\Default] None G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] GoogleStore v.0.2 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 ( Activé ) G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta) v.0.1.1.5023, ( Activé ) G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.2.0 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.7.13, ( Activé ) G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 ( Désactivé ) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, ( Désactivé ) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 ( Désactivé ) =>.© G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] GoogleWallet v.0.0.6.1 ( Activé ) =>.© G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 ( Désactivé ) ~ 19 Google Chrome Management found in 0 second(s) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\aohghmighlieiainnegkcijnfilokake [Google Docs] G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)] G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\gighmmpiobklfepjocnamgkkbiglidom [AdBlock] G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security] G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\nmmhkkegccagdldgiimedpiccmgmieda [GoogleWallet] ~ 5 Google Chrome Extension Folfers found in 0 second(s) ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M0 - MFSP: prefs.js [Alexandra - 0gn4hl14.default] http://www.google.fr M3 - MFPP: Plugins - [Alexandra] -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0gn4hl14.default\chrome P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla FireFox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape .) -- C:\Program Files\Mozilla FireFox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla FireFox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla FireFox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files\Mozilla FireFox\Plugins\nprpjplug.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (Adobe® Flash® Player 14.0.0.145 Plugin) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (iTunes Application Detector) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (Google Earth Plug-in) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_37] - () -- C:\Windows\system32\npdeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (Oracle® Java™ Plug-In) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (Ag Player) -- C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - () -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (Google Update) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (Google Update) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.3] - () -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (Adobe Reader Plugin for Firefox) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll ~ 27 Mozilla Firefox Preference found in 0 second(s) ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com =>.© Microsoft Corp. R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr =>.© Google Inc. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com =>.© Microsoft Corp. R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) - C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 ~ 13 Internet Explorer Management found in 0 second(s) ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local ~ 5 Proxy Management found in 0 second(s) ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File Scanned in 0 seconds ~ Nombre de lignes malwares (Malware Number Lines) : 0/21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll =>Toolbar.Avast O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ 5 Browser Helper Objects found in 0 second(s) ---\\ Scan Additionnel (O88 ) Database Version : 13036 (30/03/2014) Clés trouvées (Keys found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 C:\Windows\Prefetch\QUICKSTART.EXE-3151A650.pf =>PUP.QuickStart ~ Additionnal Scan: 186859 Items scanned in 8 seconds ---\\ Script de nettoyage avec ZHPFix Script ZHPFix FirewallRaz EmptyPrefetch EmptyTemp EmptyFlash [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch C:\Windows\Prefetch\QUICKSTART.EXE-3151A650.pf =>PUP.QuickStart ~ ATTENTION, ce script est donné à titre indicatif, il doit étre validé par un expert diplômé en désinfection. ~ 10 ZHPFix Script Files found in 0 second(s) ---\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.fr/hijacker-ihavenet =>Hijacker.iHavenet ~ http://nicolascoolman.fr/pup-quickstart =>PUP.QuickStart ~ http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch ~ MSI: 3 link(s) detected ~ End of the scan (0/1265 lines) in 66 seconds)