~ Rapport de ZHPDiag v2014.11.19.165 - Nicolas Coolman (19/11/2014)
~ Lancé par canto.85 (22/11/2014 18:29:58)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17420
MFIE: Mozilla Firefox 33.1.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : HKCFH
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.3.1025
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.19

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 15 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3327.6 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 16 GB (14%) free of 111 GB

---\\ Mode de connexion au système
~ Computer Name: CANTO85-PC
~ User Name: canto.85
~ All Users Names: lfgqfgephx, HomeGroupUser$, canto.85, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\canto.85\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\canto.85\AppData\Roaming\
~ %Desktop% : C:\Users\canto.85\Desktop\
~ %Favorites% : C:\Users\canto.85\Favorites\
~ %LocalAppData% : C:\Users\canto.85\AppData\Local\
~ %StartMenu% : C:\Users\canto.85\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 16 Go of 111 Go)
D: Hard drive, Flash drive, Thumb drive (Free 91 Go of 117 Go)
E: Hard drive, Flash drive, Thumb drive (Free 116 Go of 228 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.6DD7D61A8EF3DFEC4FAEFEB395E77424] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/11/2014 - 02:52:35.) -- C:\Windows\System32\wininet.dll [1892864]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 02:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/13
~ Mes musiques (My Musics) : 1/119
~ Mes Favoris (My Favorites) : 0/63
~ Mes Documents (My Documents) : 0/2410
~ Mon Bureau (My Desktop) : 0/233
~ Menu demarrer (Programs) : 0/114
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.F89773DFA9B8C95A3AC2AF1E7D99E483] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [7229752] [PID.5500]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.5608]
[MD5.A2418D3C557C0A0C634DA713A8AC3789] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.5912]
[MD5.28CE08B7BFED7586163957C6D942012A] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [676520] [PID.5960]
[MD5.20ABFA7F188092C92573DAC2E6C7C6B7] - (.Lexmark International Inc. - Lexmark Fast Pics Application.) -- C:\Program Files\Lexmark 5600-6600 Series\ezprint.exe [131752] [PID.5064]
[MD5.1E85A77A3AA930C0681939A354D7EAA0] - (.Lexmark International, Inc. - Lexmark 1200 Series Button Manager.) -- C:\Program Files\Lexmark 1200 Series\LXCZbmgr.exe [74408] [PID.4268]
[MD5.8ADDE007EC6220C41C7B10DB15A10BC8] - (.Lexmark International, Inc. - Lexmark 1200 Series Button Monitor.) -- C:\Program Files\Lexmark 1200 Series\lxczbmon.exe [58024] [PID.5128]
[MD5.42E4E281D9646F15E5C4D0CFD61CE684] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192] [PID.4204]
[MD5.0F01BAC5042F046553D2EC0EE5E52B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104] [PID.5328]
[MD5.BB6D3748D86BC02D55ADD8ADC1D07633] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe [835288] [PID.1064]
[MD5.4B9949208944C50B1A16FD1F05ED0A04] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.6416]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\canto.85\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.7124]
[MD5.550B8CB98A8FA1D7A1A7371055A38DDA] - (...) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.7448]
[MD5.1A42F95615006278BC60D88118A1B696] - (.FireStarter - PrtScr.) -- E:\Program Files\PrtScr\PrtScr.exe [1700864] [PID.8092]
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [884744] [PID.6180]
[MD5.12220BA871C6D7BAE08FFDD137BAB697] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Users\Public\temp\TeamViewer\Version9\TeamViewer.exe [13559056] [PID.7008]
[MD5.CB60C7455AC362CAA58458A613908B7F] - (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe [476056] [PID.7432]
[MD5.072678E0D68E9C3A7960328671134C7B] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [54240] [PID.7960]
[MD5.484B7846C119008DE39350B6952AF55D] - (.Orange - Executable Orange Inside.) -- C:\Users\canto.85\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1554072] [PID.7880]
[MD5.7B1D16E62307390371535CB2F2329001] - (.Orange - Assistance Livebox.) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe [149824] [PID.7936]
[MD5.D87E0BF2E8BB7E5C49E79F32F8FEAFC4] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904] [PID.7952]
[MD5.C64E9B1C9EA057DCECDCB98F34377811] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [228552] [PID.8084]
[MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.7920]
[MD5.A9950F1C63BA70151803C6F24CEE23F3] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.5304]
[MD5.EC60E6667477E8D816C47F5605799B20] - (.American Power Conversion Corporation - PowerChute System Tray Power Icon.) -- C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe [656640] [PID.7820]
[MD5.7115853FF96289DF7F65FB6B68E095ED] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.8008]
[MD5.72EC207C0B943180A368DB4B16D92793] - (.Orange - Assistance Livebox.) -- C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe [13494592] [PID.8016]
[MD5.8180FF8E683B8A997746143F6286B668] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8129536] [PID.8132]
~ Processes Running: Scanned in 00mn 30s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\canto.85\AppData\Roaming\Mozilla\Firefox\Profiles\ecpio4ij.default\prefs.js (.not file.)
C:\Users\canto.85\AppData\Roaming\Mozilla\Firefox\Profiles\jif98jma.default-1415917771004\prefs.js
C:\Users\canto.85\AppData\Roaming\Mozilla\Firefox\Profiles\jif98jma.default-1415917771004\user.js
M2 - MFEP: Extension [canto.85 - ecpio4ij.default] {676ff95e-2211-4858-bcb9-811bda93b355}
M2 - MFEP: Extension [canto.85 - jif98jma.default-1415917771004] {676ff95e-2211-4858-bcb9-811bda93b355}
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.7] - (...) -- C:\Program Files\VideoLAN\VLC\npvlc.dll (.not file.)
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=0
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:12/10/2006 - 10:33:58 ---A- . (...) -- C:\Windows\System32\Drivers\ASUSHWIO.SYS [10288]
O58 - SDL:07/08/2009 - 07:42:36 ---A- . (...) -- C:\Windows\System32\Drivers\CAMTHWDM.sys [1053056]
O58 - SDL:11/05/2010 - 11:00:34 ---A- . (.Windows (R) Win 7 DDK provider - CPUID Driver.) -- C:\Windows\System32\Drivers\cpuz133_x32.sys [20072]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:12/09/2012 - 09:33:46 ---A- . (.Windows (R) Win 7 DDK provider - Kinoni Virtual Audio Device.) -- C:\Windows\System32\Drivers\kinonivad.sys [18432]
O58 - SDL:12/09/2012 - 09:33:52 ---A- . (.Windows (R) Win 7 DDK provider - AVStream Simulated Hardware Sample.) -- C:\Windows\System32\Drivers\kinonivd.sys [2782080]
O58 - SDL:07/05/2010 - 18:43:30 ---A- . (...) -- C:\Windows\System32\Drivers\LVPr2Mon.sys [25824]
O58 - SDL:20/07/2012 - 11:12:36 ---A- . (.ManyCam LLC - ManyCam Virtual Microphone.) -- C:\Windows\System32\Drivers\mcaudrv.sys [25088]
O58 - SDL:20/07/2012 - 11:11:58 ---A- . (.ManyCam LLC - ManyCam Virtual Webcam.) -- C:\Windows\System32\Drivers\mcvidrv.sys [34432]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [691696]
O58 - SDL:04/04/2010 - 13:01:51 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [5632]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:28/09/2009 - 09:22:00 ---A- . (...) -- C:\Windows\System32\Drivers\yk62x86.sys [315392]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:07/04/2009 - 08:39:44 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:18/01/2012 - 14:55:56 ----- . (...) -- C:\Windows\System32\pwdrvio.sys [16472]
O58 - SDL:18/01/2012 - 14:55:54 ----- . (...) -- C:\Windows\System32\pwdspio.sys [11104]
~ Drivers: 112 Legitimates Filtered in 00mn 13s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.SRWare - SRWare Iron.) -- C:\Program Files\SRWare Iron\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [canto.85 - jif98jma.default-1415917771004] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]
[MD5.169308DD5FBA9E9C34458248FBA135E4] [SPRF][28/05/2010] (...) -- C:\Windows\Downloaded Program Files\cfweb_activex.camfrogweb.com-advanced-2.0.2.20_instmodule.exe [99936]
[MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [SPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376]
[MD5.18075B2C9F0F300BEE209744A8BEC353] [SPRF][05/01/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]
[MD5.1B3C87DE7DDCFC23EDE7D41A49C7AC7C] [SPRF][17/05/2005] (.Winwise - WwGame.) -- C:\Windows\Downloaded Program Files\npwwg.dll [300032]
~ Files: 11 Legitimates Filtered in 00mn 02s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Photos iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{93CBE253-05D6-401D-BF63-E587913B5ED2}] (ULDOMNotation Class) =>Hijacker.Proxy
~ BCK: 6511 Legitimates Filtered in 00mn 13s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 10/07/1658 0 | (BroadCamService) . (...) - C:\Program Files\NCH Software\BroadCam\broadcam.exe
SS - | Auto 13/08/2014 409304 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe
SS - | Demand 10/07/1658 0 | (fsssvc) . (...) - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
SS - | Demand 19/02/2011 30192 | (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 19/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 19/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 26/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 10/07/1658 0 | (iPod Service) . (...) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 20/07/2009 121360 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
SS - | Demand 14/11/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 15/11/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 15/09/2014 729608 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 31/08/2014 179200 | (Update service) . (.Company.) - C:\Program Files\Popcorn Time\Updater.exe
SS - | Disabled 10/07/1658 0 | (wlcrasvc) . (...) - C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
SR - | Auto 18/08/2011 819976 | (ABBYY.Licensing.FineReader.Professional.11.0) . (.ABBYY.) - C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
SR - | Auto 23/09/2012 171600 | (AdobeActiveFileMonitor11.0) . (.Adobe Systems Incorporated.) - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
SR - | Auto 12/09/2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 16/11/2012 217088 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 05/11/2012 20992 | (ApacheServer) . (.Apache Software Foundation.) - D:\FILMS\wawamania films\SecureWAMP\Apache2\bin\httpd.exe
SR - | Auto 19/07/2007 689408 | (APC UPS Service) . (.American Power Conversion Corporation.) - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 13/08/2014 384728 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 13/08/2014 777944 | (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-UpdaterService.exe
SR - | Auto 02/08/2011 63488 | (CDMA Device Service) . (...) - C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
SR - | Auto 23/12/2010 19968 | (CronService) . (.Fork Ltd..) - C:\Prey\platform\windows\cronsvc.exe
SR - | Auto 17/10/2013 1970544 | (Dedicarz Service) . (...) - C:\Program Files\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SR - | Auto 24/02/2014 1343408 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
SR - | Auto 12/09/2012 529408 | (KinoniSvc) . (...) - E:\EpocCam_and_Barcode_drivers\KinoniSvc.exe
SR - | Auto 19/04/2007 537520 | (lxcz_device) . (...) - C:\Windows\system32\lxczcoms.exe
SR - | Auto 16/10/2009 94208 | (lxduCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxduserv.exe
SR - | Auto 16/10/2009 589824 | (lxdu_device) . (...) - C:\Windows\system32\lxducoms.exe
SR - | Auto 01/10/2014 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 01/10/2014 968504 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 11/01/2013 8202752 | (MySQL) . (...) - D:\FILMS\wawamania films\SecureWAMP\mysql\bin\mysqld.exe
SR - | Auto 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 17/05/2011 366872 | (PS3 Media Server) . (.Tanuki Software, Ltd..) - E:\PS3 Media Server\win32\service\wrapper.exe
SR - | Auto 12/09/2014 4799760 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Users\Public\temp\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 14s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [691696]
~ Emulateurs: Scanned in 00mn 14s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (19/11/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCR\CLSID\{93CBE253-05D6-401D-BF63-E587913B5ED2}] (ULDOMNotation Class) =>Hijacker.Proxy^
~ Additionnel Scan: 454469 Items scanned in 01mn 05s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
~ MSI: 1 link(s) detected in 00mn 00s



~ 1446 Legitimates filtered by white list
End of the scan (619 lines in 03mn 37s)(0)