cjoint


Document format: text/plain

Preview

~ ZHPDiag v2015.6.18.56 by Nicolas Coolman (2015\06\01)
~ Run by user (Administrator) (2015/06/19 07:05:53)
~ Site : http://nicolascoolman.com/fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version :
~ Type : Scanner
~ Report : C:\Users\user\Desktop\ZHPDiag.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (3) - 1s
GCIE: Google Chrome v43.0.2357.124
MFIE: Mozilla v38.0.5
MSIE: Internet Explorer v11.0.9600.17843

---\\ Informations sur les produits Windows (11) - 18s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 4193848
~ System Restore: Activé (Enable)
~ System drive C: has 17 GB free of 51 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: VBOX
~ User Name: user
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 17 GB free of 51 GB (System)
~ Drive D: has GB free of 0 GB

---\\ Etat du Centre de Sécurité Windows (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (25/02/2011) -- C:\Windows\Explorer.exe [2871808]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (14/07/2009) -- C:\Windows\SysWOW64\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (14/07/2009) -- C:\Windows\SysWOW64\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (23/05/2015) -- C:\Windows\SysWOW64\wininet.dll [1950720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (21/11/2010) -- C:\Windows\SysWOW64\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) (12/04/2011) -- C:\Windows\SysWOW64\fr-FR\user32.dll.mui [20480]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (30/05/2014) -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (14/07/2009) -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (14/07/2009) -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (21/11/2010) -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (21/11/2010) -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (21/11/2010) -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (14/07/2009) -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (14/07/2009) -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (27/04/2011) -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (21/11/2010) -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (24/01/2014) -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (14/07/2009) -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (21/11/2010) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (21/11/2010) -- C:\Windows\System32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (14/07/2009) -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (11/11/2014) -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (21/11/2010) -- C:\Windows\System32\drivers\volsnap.sys [295808]

---\\ Processus lancés (17) - 4s
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - (.Microsoft Corporation - Processus d’exécution client-serveur.) -- C:\Windows\system32\csrss.exe [7680] [PID.376]
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - (.Microsoft Corporation - Processus d’exécution client-serveur.) -- C:\Windows\system32\csrss.exe [7680] [PID.424]
[MD5.71C85477DF9347FE8E7BC55768473FCA] - (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe [328704] [PID.520]
[MD5.9662EE182644511439F1C53745DC1C88] - (.Microsoft Corporation - Service du gestionnaire de session locale.) -- C:\Windows\system32\lsm.exe [343040] [PID.536]
[MD5.67605E9C96AEC4473F92C1F4D4AA7B08] - (.Oracle Corporation - VirtualBox Guest Additions Service.) -- C:\Windows\system32\VBoxService.exe [1780152] [PID.712]
[MD5.516E29AD03BDF610CC36A95AE692FE42] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1432]
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.EXE [2871808] [PID.1628]
[MD5.2B983F067AEE3F9EB4DF5E97F45D21D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.2036]
[MD5.D25EEF58831D1CF2054616A85B6E26BC] - (.Oracle Corporation - VirtualBox Guest Additions Tray Application.) -- C:\Windows\System32\VBoxTray.exe [1538656] [PID.1588]
[MD5.D7794832C3361BFAF6A3AFB0FB0EB0B4] - (.SHADOWDEFENDER.COM - Shadow Defender Daemon Application.) -- C:\Program Files\Shadow Defender\DefenderDaemon.exe [500608] [PID.1972]
[MD5.7E212E742BF06BF678AE35E9C1B74B8F] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212920] [PID.1472]
[MD5.A9F3BFC9345F49614D5859EC95B9E994] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows M.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248] [PID.2196]
[MD5.8007AF9F2434F390AA51F0A516B9756F] - (.Tweaking.com - Tweaking.com - Windows Repair Tray Icon.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [66816] [PID.3980]
[MD5.E17E0188BB90FAE42D83E98707EFA59C] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3524608] [PID.3632]
[MD5.773212B2AAA24C1E31F10246B15B276C] - (.Microsoft Corporation - Programme d’installation pour les modules W.) -- C:\Windows\servicing\TrustedInstaller.exe [194048] [PID.4068]
[MD5.923FE895B22B22A9CA03C72F3D15CE20] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.3664]
[MD5.B4408936DA5DA5941D62009C03944742] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\Desktop\ZHPDiag3.exe [1834496] [PID.2012]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (17) - 1s
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll
P2 - FPN: [HKLM] [@microsoft.com/GENUINE] - (...) -- disabled
P2 - FPN: [HKLM] [@microsoft.com/Lync,version=15.0] - (.Microsoft Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (.Microsoft Corporation.) -- c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (15) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (O2) (3) - 0s
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL

---\\ Applications lancées au démarrage du sytème (O4) (2) - 0s
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

---\\ Modification Domaine/Adresses DNS (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Liste des services NT non Microsoft et non désactivés (O23) (6) - 0s
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: VirtualBox Guest Additions Service (VBoxService) . (.Oracle Corporation - VirtualBox Guest Additions Service.) - C:\Windows\System32\VBoxService.exe
O23 - Service: ({0CBD4F48-3751-475D-BE88-4F271385B672}) . (.SHADOWDEFENDER.COM - Shadow Defender Service Application.) - C:\Program Files\Shadow Defender\Service.exe

---\\ Tâches planifiées en automatique (O39) (6) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1060]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1064]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2770]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3808]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4060]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon [3644]

---\\ Logiciels installés (O42) (37) - 1s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CutePDF Writer 3.0 - (.Acro Software Inc..) [HKLM][64Bits] -- CutePDF Writer Installation
O42 - Logiciel: Oracle VM VirtualBox Guest Additions 4.3.28 - (.Oracle Corporation.) [HKLM][64Bits] -- Oracle VM VirtualBox Guest Additions
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Shadow Defender - (.ShadowDefender.com.) [HKLM][64Bits] -- {93A07A0D-454E-43d1-86A9-5DE9C5F4411A}
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: AutoIt v3.3.12.0 - (.AutoIt Team.) [HKLM][64Bits] -- AutoItv3
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: SciTE4AutoIt3 14.801.2025.0 - (.Jos van der Zande.) [HKLM][64Bits] -- SciTE4AutoIt3
O42 - Logiciel: SumatraPDF - (.Krzysztof Kowalczyk.) [HKLM][64Bits] -- SumatraPDF
O42 - Logiciel: Tweaking.com - Windows Repair - (.Tweaking.com.) [HKLM][64Bits] -- Tweaking.com - Windows Repair
O42 - Logiciel: ZebHelpProcess 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZebHelpProcess_is1
O42 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-0000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{AE1BB975-11D1-49A0-82E8-1D26DD62AFE7}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 32-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{04ADDEC1-208F-4295-AA61-16789EA56814}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

---\\ HKCU & HKLM Software Keys (41) - 1s
HKLM\SOFTWARE\Wow6432Node\Acro Software Inc
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Ammyy
HKLM\SOFTWARE\Wow6432Node\AutoIt v3
HKLM\SOFTWARE\Wow6432Node\Borland
HKLM\SOFTWARE\Wow6432Node\Cygwin
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OldTimer Tools
HKLM\SOFTWARE\Wow6432Node\Oracle
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Ammyy
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AutoIt v3
HKCU\SOFTWARE\Borland
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\Ghisler
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SysInternals
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\ZabaraKatranemia Plc
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/ (113) - 2s
O43 - CFD: 2014/12/61 - 18:00:00 - [] D -- C:\Program Files (x86)\Acro Software
O43 - CFD: 2015/06/61 - 45:15:15 - [] D -- C:\Program Files (x86)\AutoIt3
O43 - CFD: 2015/06/20 - 55:49:49 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/05/01 - 04:31:31 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/12/61 - 18:23:23 - [] D -- C:\Program Files (x86)\GPLGS
O43 - CFD: 2015/06/91 - 58:11:11 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/04/12 - 28:00:00 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/03/71 - 32:42:42 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2015/03/71 - 33:40:40 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/05/31 - 09:29:29 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2015/03/71 - 34:29:29 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2015/03/71 - 09:53:53 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/06/40 - 19:49:49 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/40 - 19:49:49 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2009/07/40 - 32:38:38 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2014/12/61 - 48:50:50 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2009/07/40 - 32:38:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/06/20 - 55:49:49 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/12/61 - 18:38:38 - [] D -- C:\Program Files (x86)\SumatraPDF
O43 - CFD: 2015/03/41 - 54:26:26 - [] D -- C:\Program Files (x86)\Tweaking.com
O43 - CFD: 2009/07/40 - 57:06:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2014/12/61 - 59:22:22 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2011/04/21 - 16:36:36 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/91 - 58:13:13 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/40 - 32:38:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2011/04/21 - 16:36:36 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/10 - 31:38:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2011/04/21 - 16:36:36 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/06/71 - 13:55:55 - [] D -- C:\Program Files (x86)\ZebHelpProcess
O43 - CFD: 2015/05/80 - 53:41:41 - [] D -- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 2014/12/61 - 57:21:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2014/12/61 - 21:57:57 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/12/61 - 31:00:00 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/06/61 - 45:15:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
O43 - CFD: 2014/12/61 - 00:25:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/12/61 - 18:01:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
O43 - CFD: 2014/12/61 - 30:58:58 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/05/01 - 04:36:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2009/07/40 - 57:09:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/12 - 28:00:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/91 - 46:08:08 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/05/30 - 47:07:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/12/61 - 48:49:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2014/12/61 - 25:00:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Defender
O43 - CFD: 2015/06/20 - 55:50:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2009/07/40 - 54:24:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/04/21 - 27:56:56 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/71 - 13:36:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
O43 - CFD: 2015/03/91 - 20:11:11 - [] D -- C:\ProgramData\AMMYY
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/12/61 - 33:19:19 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/12/61 - 33:19:19 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/06/41 - 31:33:33 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 2014/12/61 - 38:20:20 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/12/61 - 33:19:19 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/03/11 - 21:48:48 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/06/91 - 45:59:59 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/12/61 - 33:19:19 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2014/12/61 - 42:38:38 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/03/71 - 34:18:18 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/05/01 - 02:36:36 - [] D -- C:\ProgramData\RogueKiller
O43 - CFD: 2015/06/61 - 54:17:17 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/40 - 08:56:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/12/61 - 32:09:09 - [] D -- C:\Program Files (x86)\Common Files\Borland Shared
O43 - CFD: 2015/03/71 - 34:40:40 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/03/71 - 09:52:52 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/40 - 20:08:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/06/20 - 55:49:49 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/40 - 20:08:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/03/71 - 07:24:24 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2014/12/61 - 04:40:40 - [] D -- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 2015/03/42 - 25:47:47 - [] D -- C:\Users\user\AppData\Roaming\GHISLER
O43 - CFD: 2014/12/61 - 33:55:55 - [] D -- C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 2014/12/61 - 58:23:23 - [] D -- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 2011/04/21 - 27:56:56 - [0] D -- C:\Users\user\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/03/71 - 57:10:10 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 2014/12/61 - 43:17:17 - [] D -- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 2015/03/61 - 17:36:36 - [] D -- C:\Users\user\AppData\Roaming\Notepad++
O43 - CFD: 2015/06/52 - 05:47:47 - [] D -- C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 2014/12/61 - 18:40:40 - [] D -- C:\Users\user\AppData\Roaming\SumatraPDF
O43 - CFD: 2015/03/41 - 29:59:59 - [] D -- C:\Users\user\AppData\Roaming\www.shadowexplorer.com
O43 - CFD: 2015/06/90 - 06:25:25 - [] D -- C:\Users\user\AppData\Roaming\ZHP
O43 - CFD: 2015/06/90 - 38:56:56 - [0] D -- C:\Users\user\AppData\Local\Adobe
O43 - CFD: 2014/12/61 - 33:31:31 - [0] SHD -- C:\Users\user\AppData\Local\Application Data
O43 - CFD: 2015/04/11 - 41:56:56 - [] D -- C:\Users\user\AppData\Local\AutoIt v3
O43 - CFD: 2015/06/32 - 26:52:52 - [0] D -- C:\Users\user\AppData\Local\CrashDumps
O43 - CFD: 2015/05/52 - 09:12:12 - [] D -- C:\Users\user\AppData\Local\Diagnostics
O43 - CFD: 2015/06/31 - 10:32:32 - [0] SHD -- C:\Users\user\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/31 - 10:32:32 - [0] SHD -- C:\Users\user\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/31 - 10:32:32 - [0] SHD -- C:\Users\user\AppData\Local\EmieUserList
O43 - CFD: 2015/01/61 - 02:16:16 - [] D -- C:\Users\user\AppData\Local\Google
O43 - CFD: 2014/12/61 - 33:31:31 - [0] SHD -- C:\Users\user\AppData\Local\Historique
O43 - CFD: 2014/12/61 - 58:23:23 - [] D -- C:\Users\user\AppData\Local\Macromedia
O43 - CFD: 2015/06/11 - 37:19:19 - [] D -- C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 2015/03/71 - 32:29:29 - [0] D -- C:\Users\user\AppData\Local\Microsoft Help
O43 - CFD: 2014/12/61 - 43:17:17 - [] D -- C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 2014/12/61 - 38:04:04 - [] D -- C:\Users\user\AppData\Local\Programs
O43 - CFD: 2015/06/20 - 55:56:56 - [] D -- C:\Users\user\AppData\Local\Skype
O43 - CFD: 2015/06/90 - 05:40:40 - [] D -- C:\Users\user\AppData\Local\Temp
O43 - CFD: 2014/12/61 - 33:31:31 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/06/91 - 07:26:26 - [] D -- C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 2015/01/41 - 18:30:30 - [] D -- C:\Users\user\AppData\Local\WindowsUpdate
O43 - CFD: 2009/07/40 - 54:32:32 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/01 - 38:24:24 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2009/07/40 - 49:38:38 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/12/61 - 48:49:49 - [0] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2014/12/61 - 35:48:48 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox Guest Additions
O43 - CFD: 2015/03/01 - 38:24:24 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/05/31 - 22:32:32 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com

---\\ Recherche d'infection sur les navigateurs internet (SBI (2) - 5s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {38697C13-5AC7-4BE9-981B-6D6F2A44D82B} - (Google) - http://www.google.com/

~ End of the scan in 47 seconds (348)
