Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2016.12.24.251 Par Nicolas Coolman (2016/12/24)
~ Démarré par Manon Goudstikker (Administrator) (2016/12/24 13:35:06)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Manon Goudstikker\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Manon Goudstikker\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393) =>.Microsoft Corporation
---\\ Informations sur les produits Windows (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
---\\ Logiciels de protection (1) - 19s
Windows Defender (Activate) (Protection)
---\\ Surveillance de Logiciels (1) - 21s
~ Adobe Flash Player 23 PPAPI (Surveillance)
---\\ Logiciels de partage P2P (1) - 21s
~ µTorrent v3.4.9.43085 (P2P)
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4193.508 MB (47% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 127 GB (28%) free of 445 GB : OK =>.Disk Space
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: MANON
~ User Name: Manon Goudstikker
~ Logged in as Administrator
---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (25) - 3s
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - 23/03/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [327808] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 23/03/2016 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [327808] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 23/03/2016 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [327808] =>.Microsoft Windows Publisher®
[MD5.E584CDC70F694F9A984A060A8291EB04] - 23/03/2016 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [327808] =>.Microsoft Corporation
[MD5.DE6DF9BBBECAFDEF462A37D839167368] - 23/03/2016 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [327808] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 23/03/2016 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [327808] =>.Microsoft Corporation
[MD5.96B8A433F6407DE34850927C96C6CE9B] - 23/03/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [327808] =>.Microsoft Windows®
[MD5.227CFE3EDA82029AAC1C088A16297CD7] - 23/03/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [327808] =>.Microsoft Windows®
[MD5.7ABD5430F75A7FDDE5323B354C77514F] - 23/03/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [327808] =>.Microsoft Corporation
[MD5.323AA1953ED9C01E23F740FA891FE064] - 23/03/2016 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [327808] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 23/03/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [327808] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 23/03/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [327808] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 23/03/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [327808] =>.Microsoft Corporation
[MD5.0D1D392ED2597F295956D058D33BD7C3] - 23/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [327808] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 23/03/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [327808] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 23/03/2016 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [327808] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 23/03/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [327808] =>.Microsoft Corporation
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - 23/03/2016 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [327808] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 23/03/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [327808] =>.Microsoft Corporation
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - 23/03/2016 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [327808] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 23/03/2016 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [327808] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 23/03/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [327808] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 23/03/2016 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [327808] =>.Microsoft Corporation
[MD5.9D2DD64A0B51C56285512DC9454340F6] - 23/03/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [327808] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 23/03/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [327808] =>.Microsoft Windows®
---\\ Google Chrome, Démarrage,Recherche,Extensions (5) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda]
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (5) - 3s
M0 - MFSP: prefs.js [Manon Goudstikker - 1hszqyaq.default] http://fr-be.yahoo.com/ =>.Yahoo! Inc.
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Microsoft Corporation - Bing Search.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\bingsearch.full@microsoft.com.xpi =>.Microsoft Corporation
P2 - EXT FILE: (.Yahoo® - Yahoo Search.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\searchplugins\yahoo-lavasoft.xml =>.Yahoo®
P2 - EXT: (.http://www.cacaoweb.org/ - cacaoweb.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr-be.yahoo.com/ =>.Yahoo! Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com =>.Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
---\\ Scan Additionnel (1) - 0s
C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s
https://www.anti-malware.top/2016/04/30/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb
~ End of the scan, 83905 items in 00mn37s (130)
~ Démarré par Manon Goudstikker (Administrator) (2016/12/24 13:35:06)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Manon Goudstikker\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Manon Goudstikker\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393) =>.Microsoft Corporation
---\\ Informations sur les produits Windows (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
---\\ Logiciels de protection (1) - 19s
Windows Defender (Activate) (Protection)
---\\ Surveillance de Logiciels (1) - 21s
~ Adobe Flash Player 23 PPAPI (Surveillance)
---\\ Logiciels de partage P2P (1) - 21s
~ µTorrent v3.4.9.43085 (P2P)
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4193.508 MB (47% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 127 GB (28%) free of 445 GB : OK =>.Disk Space
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: MANON
~ User Name: Manon Goudstikker
~ Logged in as Administrator
---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (25) - 3s
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - 23/03/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [327808] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 23/03/2016 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [327808] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 23/03/2016 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [327808] =>.Microsoft Windows Publisher®
[MD5.E584CDC70F694F9A984A060A8291EB04] - 23/03/2016 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [327808] =>.Microsoft Corporation
[MD5.DE6DF9BBBECAFDEF462A37D839167368] - 23/03/2016 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [327808] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 23/03/2016 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [327808] =>.Microsoft Corporation
[MD5.96B8A433F6407DE34850927C96C6CE9B] - 23/03/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [327808] =>.Microsoft Windows®
[MD5.227CFE3EDA82029AAC1C088A16297CD7] - 23/03/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [327808] =>.Microsoft Windows®
[MD5.7ABD5430F75A7FDDE5323B354C77514F] - 23/03/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [327808] =>.Microsoft Corporation
[MD5.323AA1953ED9C01E23F740FA891FE064] - 23/03/2016 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [327808] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 23/03/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [327808] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 23/03/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [327808] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 23/03/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [327808] =>.Microsoft Corporation
[MD5.0D1D392ED2597F295956D058D33BD7C3] - 23/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [327808] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 23/03/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [327808] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 23/03/2016 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [327808] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 23/03/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [327808] =>.Microsoft Corporation
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - 23/03/2016 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [327808] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 23/03/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [327808] =>.Microsoft Corporation
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - 23/03/2016 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [327808] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 23/03/2016 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [327808] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 23/03/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [327808] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 23/03/2016 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [327808] =>.Microsoft Corporation
[MD5.9D2DD64A0B51C56285512DC9454340F6] - 23/03/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [327808] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 23/03/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [327808] =>.Microsoft Windows®
---\\ Google Chrome, Démarrage,Recherche,Extensions (5) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda]
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (5) - 3s
M0 - MFSP: prefs.js [Manon Goudstikker - 1hszqyaq.default] http://fr-be.yahoo.com/ =>.Yahoo! Inc.
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Microsoft Corporation - Bing Search.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\bingsearch.full@microsoft.com.xpi =>.Microsoft Corporation
P2 - EXT FILE: (.Yahoo® - Yahoo Search.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\searchplugins\yahoo-lavasoft.xml =>.Yahoo®
P2 - EXT: (.http://www.cacaoweb.org/ - cacaoweb.) -- C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr-be.yahoo.com/ =>.Yahoo! Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com =>.Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
---\\ Scan Additionnel (1) - 0s
C:\Users\Manon Goudstikker\AppData\Roaming\Mozilla\Firefox\Profiles\1hszqyaq.default\extensions\cacaoweb@cacaoweb.org =>.Superfluous.CacaoWeb
---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s
https://www.anti-malware.top/2016/04/30/superfluous-cacaoweb/ =>.Superfluous.CacaoWeb
~ End of the scan, 83905 items in 00mn37s (130)