ZHPDiag v2015.8.19.121 Par Nicolas Coolman (2015/08/19)
~ Démarré par hop (Administrator) (2015/08/21 08:56:44)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: New Version Available
~ Mode: Scanner
~ Rapport: C:\Users\hop\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\hop\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows Seven Black Edition, 32-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (4) - 0s
GCIE: Google Chrome v44.0.2403.155
MFIE: Mozilla Firefox 37.0.1 (x86 fr) v37.0.1
OPIE: Opera 12.6 v12.6
MSIE: Internet Explorer v11.0.9600.17959

---\\ Informations sur les produits Windows (8) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : HYRR2
~ Windows Remaining Initializations Number : 4
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Logiciels de protection (1) - 1s
Windows Defender W7 (Deactivate)
The firewall is disabled here; it must be enabled, together with the use of a strong protection program
---\\ Logiciels d'optimisation (1) - 1s
CCleaner v4.07

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2056.812 MB (36% free)
~ System Restore: Activé (Enable)
~ System drive C: has 17 GB free of 99 GB
The RAM and main disk size is low, and this affects the computer's performance; unnecessary programs and files, and anything that is not used, must be deleted
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: HOP-PC
~ User Name: hop
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 17 GB free of 99 GB (System)
~ Drive D: has 93 GB free of 99 GB

---\\ Etat du Centre de Sécurité Windows (14) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (24) - 0s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
Harmful and must be deleted
[MD5.0AC8CD2138FD10C4A0E2FF08F892359C] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [1951232]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [304128]
Harmful, to be deleted
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [193536]

[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l'API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
Harmful, to be deleted
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.FEDAAB6716B44DE8B9EFC14DD9A26215] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [124416]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Processus lancés (30) - 2s
[MD5.FC4A9F237444993FC2E732C3E20C2787] - (.Copyright (C) 2015 - WtuSyste Application.) -- C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1195920] [PID.808] =>Toolbar.AVGSafeGuard
Harmful toolbar, to be deleted
[MD5.59E94810343F06F1FFD718EEFB509263] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656] [PID.408]
[MD5.900B4FDE4A19F867122F2D7F2ABAB5C2] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824] [PID.484]
[MD5.B00773539CBE0322991C4E3C6F67099A] - (.AVG Technologies CZ, s.r.o. - AVG Scanning Core Module - Server Part.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe [825768] [PID.528]
[MD5.51A2C358BE912D65D8FFB65104EBE664] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) -- C:\Program Files\BlueStacks\HD-UpdaterService.exe [794328] [PID.1976]
[MD5.F665EE65E60513C59E2ADBEF33989AB1] - (.ClaraLabs - ClaraUpdater.) -- C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe [926832] [PID.2256] =>PUP.Optional.SupTab
Harmful, to be deleted
[MD5.38E739B52CBAEFE78CC31DAACA541DBF] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [1874320] [PID.2720] =>Toolbar.AVGSearch
[MD5.0ACCB81916A1C1A1925A7FAFFE77275D] - (.Copyright (C) 2013 - loggings Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe [168336] [PID.2848] =>Toolbar.AVGSearch
AVG toolbars, to be deleted
[MD5.7139E7EEA74966995148B16B8559819D] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [138008] [PID.3892]
[MD5.356A26CB1A7FA81BE22CDDBE77067B76] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171288] [PID.3876]
[MD5.57EE515BD3E9C76EDD7D4414C95104A5] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [172824] [PID.3904]
[MD5.DA730213087848FFAD75AA5BBAC3BBBF] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe [3780520] [PID.3908]
[MD5.C57C7863343F47C6A4E786DEB5AF13B6] - (.Copyright (C) 2012 - VProtect Application.) -- C:\Program Files\AVG Web TuneUp\vprot.exe [3175312] [PID.1728] =>Toolbar.AVGSafeGuard
Toolbar, to be deleted
[MD5.D0E3509E52CC8F6B3A98293FBE06EC45] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe [847576] [PID.2368]
[MD5.3E58126EB9B288EBD1F638978BCA358A] - (.AVG Secure Search - avgcefrend.) -- C:\Program Files\AVG Web TuneUp\avgcefrend.exe [1402768] [PID.5520] =>Toolbar.AVGSafeGuard
Also a harmful toolbar, to be deleted
[MD5.ADE3D7AD36CA238C6D58E5E93392D2F8] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3903056] [PID.4748]
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.5188]
[MD5.176F353BC9B478D2CE689BE174EAC62B] - (.Piriform Ltd - Recuva.) -- C:\Program Files\Recuva\recuva.exe [3888920] [PID.1340]

[MD5.2EC814B3AADB2B17765F4A63F5104679] - (...) -- C:\Program Files\Wondershare\Dr.Fone pour Android\adb.exe [825744] [PID.3548]
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.1972] =>PUP.Optional.UnicoBrowser
Harmful, to be deleted
[MD5.E0A3E3BC4E710FEB0AE037475BD7A4CF] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\hop\AppData\Roaming\ZHP\ZHPDiag3.exe [1894400] [PID.2064]
Safe
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.5676] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.5992] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.5636] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.5456] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.1620] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.5132] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.6648] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.6636] =>PUP.Optional.UnicoBrowser
[MD5.D2AB8A23E6154E11EC9B921702BA977C] - (.The Unico Browser Authors - Unico Browser.) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe [857224] [PID.3172] =>PUP.Optional.UnicoBrowser
All of them are harmful, to be deleted
---\\ Google Chrome, Démarrage,Recherche,Extensions (15) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients5.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh6.googleusercontent.com/
To be deleted
G0 - GCSP: Preferences [User Data\Default][HomePage] http://play.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://plus.google.com/

G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com/
To be deleted
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com/
G2 - GCE: Preference [User Data\Default] [addibmjelefaholbfacfnekmojekodaf] Photo Zoomer For Facebook
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module

G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
Harmful, to be deleted

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (27) - 3s

M0 - MFSP: prefs.js [hop - 5rep6kvv.default] https://mysearch.avg.com?pid=wtu&sg=&cid=%7B84da1ccd-b6ee-459d-9cda-2795bd7cfe97%7D&mid=c6d3f4bb3ddb47cd899ad16d12148a4e-1a7874fe714d566b078977d30fa4477111eacc24&cmpid=0215pit&ds=AVG&v=4.1.0.411&lang=fr&pr=fr&d=2015-06-06%2023%3A52%3A38&sap=hp
P2 - EXT FILE: (...) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\{3aba10bc-af2b-4490-a846-67258f4bf417}.xpi
P2 - EXT FILE: (...) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\searchplugins\avg-secure-search.xml
P2 - EXT FILE: (...) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\searchplugins\default-search.xml
All of them to be deleted
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
To be deleted because it slows down the browser
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml
Harmful, to be deleted
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
To be deleted because it slows down the browser
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml

P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
To be deleted
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (.AVG Technologies - AVG Web TuneUp.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\avg@toolbar

P2 - EXT: (. - Linkey for Firefox.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\extension@linkeyproject.com =>PUP.Optional.LinkeySearch
Harmful, to be deleted
P2 - EXT: (.DiscountFrenzy - I - Cinema.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\MGKN37049485@ACPSC11936960.com
P2 - EXT: (...) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\staged

P2 - EXT: (. - Mozilla Firefox Hotfixer.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\veggy@veggyAddon.com =>PUP.Optional.VeggyAddon
P2 - EXT: (. - Zoom It.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\zzoomit@zoom.com =>PUP.Optional.ZoomIt
Also harmful, to be deleted
P2 - EXT: (. - Zoom It.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\{13ccd001-0f59-f5ca-296a-1e7e42baa754}
P2 - EXT: (. - Zoom It.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\{63e49437-9e75-2217-5084-fbc788807882}
P2 - EXT: (. - Zoom It.) -- C:\Users\hop\AppData\Roaming\Mozilla\Firefox\Profiles\5rep6kvv.default\extensions\{97cb01e0-770a-d01d-00b5-e58dbd263e62}
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (...) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll =>Toolbar.AVGSearch
Harmful toolbar, to be deleted
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
Also harmful, to be deleted
---\\ Opera, Démarrage,Recherche,Plugins (1) - 0s
B2 - EXT: [Glass Bottle] C:\Users\hop\AppData\Roaming\Opera Software\Opera Stable\Extensions\fjnfffadddalhgdjnfamfnfabihbaijo

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer,Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
The last two lines are infected, to be deleted; normally the value should be =0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
Safe
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,,C:\Program Files\kchlwyhy\sfybhyqp.exe
Unknown, to be deleted
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object de navigateur (BHO) (2) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG - AVG Web TuneUp.dll.) -- C:\Program Files\AVG Web TuneUp\4.1.5.143\AVG Web TuneUp.dll =>Toolbar.AVGSafeGuard
AVG toolbar, to be deleted
---\\ Applications lancées au démarrage du système (20) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [vProt] . (.Copyright (C) 2012 - VProtect Application.) -- C:\Program Files\AVG Web TuneUp\vprot.exe =>Toolbar.AVGSafeGuard
Also a toolbar, to be deleted
O4 - HKLM\..\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\hop\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_120C4CE0C40EFC7C36FAC4387F7C06DE] . (.Torch Media Inc. - Torch.) -- C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
Harmful, to be deleted
O4 - HKCU\..\Run: [CrashService] . (...) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\crash_service.exe =>PUP.Optional.UnicoBrowser
Also harmful, to be deleted
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
To be deleted
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
To be deleted
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe

O4 - HKUS\S-1-5-21-722897642-3001306927-3999419580-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
To be deleted
O4 - HKUS\S-1-5-21-722897642-3001306927-3999419580-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\hop\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-722897642-3001306927-3999419580-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe


O4 - HKUS\S-1-5-21-722897642-3001306927-3999419580-1000\..\Run: [GoogleChromeAutoLaunch_120C4CE0C40EFC7C36FAC4387F7C06DE] . (.Torch Media Inc. - Torch.) -- C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
O4 - HKUS\S-1-5-21-722897642-3001306927-3999419580-1000\..\Run: [CrashService] . (...) -- C:\Users\hop\AppData\Local\UnicoBrowser\Application\crash_service.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Quicklaunch [hop]: Unico Browser.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\TaskBar [hop]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\TaskBar [hop]: Torch.lnk . (.Torch Media Inc. - Torch.) C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
O4 - GS\Desktop [Invité]: Amazon.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Desktop [Invité]: Facebook.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Desktop [Invité]: Hotmail.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Desktop [Invité]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Desktop [Invité]: Wikipedia.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Desktop [Invité]: Youtube.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\Quicklaunch [Invité]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Quicklaunch [Invité]: Torch.lnk . (.Torch Media Inc. - Torch.) C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
O4 - GS\Quicklaunch [Invité]: Unico Browser.lnk . (.The Unico Browser Authors - Unico Browser.) C:\Users\hop\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.Optional.UnicoBrowser
O4 - GS\TaskBar [Invité]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\TaskBar [Invité]: Torch.lnk . (.Torch Media Inc. - Torch.) C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
O4 - GS\Programs [Public]: Torch.lnk . (.Torch Media Inc. - Torch.) C:\Users\hop\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch
All of them are harmful, to be deleted
---\\Winsock hijacker (Layered Service Provider):
O10 - Broken Internet access because of LSP provider 'c:\program files\newdotnet\newdotnet6_38.dll'
O10 - Broken Internet access because of LSP provider 'rsvp322.dll'



---\\ Modification Domaine/Adresses DNS (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
Safe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =223.0.4.888
To be deleted
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer =223.0.4.888

---\\ Valeurs de sous-clés Winlogon Notify (autorun) :
O20 - Winlogon Notify: 3434daef969 . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\deployJava132.dll => Infection BT
To be deleted
---\\ Liste des services NT non Microsoft et non désactivés (13) - 1s
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files\AVG\AVG2015\avgwdsvc.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files\BlueStacks\HD-Service.exe
To be deleted
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files\BlueStacks\HD-UpdaterService.exe

O23 - Service: ClaraUpdater (ClaraUpdater) . (.ClaraLabs - ClaraUpdater.) - C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe =>PUP.Optional.BoBrowser
Harmful, to be deleted
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
To be deleted
O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014 - .) - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe



O23 - Service: Torch Crash Handler (TorchCrashHandler) . (.TorchMedia Inc. - TorchCrashHandler.) - C:\Users\hop\AppData\Local\Torch\Update\TorchCrashHandler.exe =>PUP.Optional.Torch
O23 - Service: (vToolbarUpdater18.8.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: WtuSystemSupport (WtuSystemSupport) . (.Copyright (C) 2015 - WtuSyste Application.) - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe =>Toolbar.AVGSafeGuard
All of them are harmful, to be deleted