~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015) ~ Lancé par Prodi_000 (08/06/2015 18:13:27) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Deactivate by program ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17801 MFIE: Mozilla Firefox 38.0.5 (Defaut) GCIE: Google Chrome v43.0.2357.81 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Server License Manager Script : OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation : OK ~ Windows Partial Key : 7H3HT Windows License : OK ~ Windows Remaining Initializations Number : 1000 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 8.1, 64-bit (Build 9600) ---\\ Logiciels de protection du système avast! Free Antivirus v9.0.2021 Malwarebytes Anti-Malware version 2.1.6.1022 Ad-Aware Antivirus v11.6.306.7947 Ad-Aware Web Companion v2.0.1013.2086 Windows Defender W8 (Deactivate) ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 17 PPAPI Adobe Reader XI ---\\ Informations sur le système ~ Processor: AMD64 Family 22 Model 0 Stepping 1, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 5565 MB (66% free) System Restore: Activé (Enable) System drive C: has 283 GB (62%) free of 456 GB ---\\ Mode de connexion au système ~ Computer Name: PC-OTHNIEL ~ User Name: Prodi_000 ~ All Users Names: Rophy, Prodi_000, Othniel, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Prodi_000\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Prodi_000\AppData\Roaming\ ~ %Desktop% : C:\Users\Prodi_000\Desktop\ ~ %Favorites% : C:\Users\Prodi_000\Favorites\ ~ %LocalAppData% : C:\Users\Prodi_000\AppData\Local\ ~ %StartMenu% : C:\Users\Prodi_000\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 283 Go of 456 Go) D: Hard drive, Flash drive, Thumb drive (Free 455 Go of 457 Go) E: CD-ROM drive (Not Inserted) F: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 49 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28/01/2015 - 00:47:12.) -- C:\Windows\Explorer.exe [2501368] [MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/11/2014 - 00:18:00.) -- C:\Windows\System32\Wininit.exe [145920] [MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128] [MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2014 - 00:18:37.) -- C:\Windows\System32\Winlogon.exe [572416] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2014 - 23:55:08.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.21/11/2014 - 00:17:59.) -- C:\Windows\system32\Drivers\AFD.sys [563200] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2014 - 00:57:06.) -- C:\Windows\system32\Drivers\DfsC.sys [134144] [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2014 - 00:17:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800] [MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/11/2014 - 00:17:55.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.20/11/2014 - 23:55:10.) -- C:\Windows\system32\Drivers\IpNat.sys [142848] [MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.21/11/2014 - 00:18:02.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624] [MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/11/2014 - 00:18:00.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.20/11/2014 - 23:27:21.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520] [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2014 - 00:17:55.) -- C:\Windows\system32\Drivers\volsnap.sys [310080] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 1/5 ~ Mes Documents (My Documents) : 1/18 ~ Mon Bureau (My Desktop) : 2/240 ~ Menu demarrer (Programs) : 1/31 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.0E8204BF13F0BC1F96ADAB3C998E4A3B] - (...) -- C:\Program Files (x86)\MaxComputerCleaner_v17.437\MaxComputerCleaner_Maintenance.exe [31432] [PID.6908] =>PUP.MaxComputerCleaner [MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [524944] [PID.5832] [MD5.E429410581E60535B555DDA729424885] - (.DuckLink Software - DuckLink Screen Capture.) -- C:\Program Files (x86)\DuckLink\DuckCapture\DuckCapture.exe [436736] [PID.6488] [MD5.78E70968C04DE6C85541CF70F8CF4E78] - (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616] [PID.4680] [MD5.BEFFB2D021E7FA9E92249F3997930A68] - (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe [522144] [PID.1964] [MD5.BB24B1B12791DF931ECD2CFF60CF4640] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [166912] [PID.4396] [MD5.7636713B4F0944045AB4AF7CED5245AB] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704] [PID.5352] [MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.5800] [MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [96056] [PID.664] [MD5.B511C06CB5A2A58A9AFDFA51501EE2DB] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480] [PID.4332] [MD5.923FE895B22B22A9CA03C72F3D15CE20] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.5944] [MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.4840] [MD5.ABBE1C4859D697F11276D490AEB215F0] - (...) -- C:\Users\Prodi_000\AppData\Local\Temp\newversion.exe [11062925] [PID.5712] [MD5.9303156631EE2436DB23827E27337BE4] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Prodi_000\AppData\Local\Temp\is-24239.tmp\newversion.tmp [708096] [PID.2432] [MD5.489C5EFD50C4CC367028C335D4AAE23A] - (...) -- C:\Users\Prodi_000\AppData\Local\Temp\is-U16I9.tmp\Z2VudGxlbWptcF9pZXU=.exe [10373915] [PID.6396] [MD5.9303156631EE2436DB23827E27337BE4] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Prodi_000\AppData\Local\Temp\is-BSEPT.tmp\Z2VudGxlbWptcF9pZXU=.tmp [708096] [PID.2308] [MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.3128] ~ Processes Running: Scanned in 00mn 03s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah [Linkey] =>PUP.LinkeySearch G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager] G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [Avast Online Security] G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module] G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [Skype Click to Call] G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__] G2 - EXT: C:\Users\Prodi_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [__MSG_extname__] ~ Google Lines Browser: 14 Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\1t6ko4ay.Utilisateur par défaut\prefs.js (.not file.) C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\aeb2bono.default-1432404829443\prefs.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\aeb2bono.default-1432404829443\user.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\ayi70ps3.default-1433500848278\prefs.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\ayi70ps3.default-1433500848278\user.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\cte8rj8c.Hiram\prefs.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\cte8rj8c.Hiram\user.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\dh7xr4xm.default\prefs.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\dh7xr4xm.default\user.js C:\Users\Prodi_000\AppData\Roaming\Mozilla\Firefox\Profiles\fe5bytlh.default-1433575279388\prefs.js M2 - MFEP: Extension [Prodi_000 - 1t6ko4ay.Utilisateur par défaut] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - 1t6ko4ay.Utilisateur par défaut] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - 1t6ko4ay.Utilisateur par défaut] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - 1t6ko4ay.Utilisateur par défaut] staged M2 - MFEP: Extension [Prodi_000 - aeb2bono.default-1432404829443] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - aeb2bono.default-1432404829443] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - aeb2bono.default-1432404829443] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - aeb2bono.default-1432404829443] staged M2 - MFEP: Extension [Prodi_000 - ayi70ps3.default-1433500848278] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - ayi70ps3.default-1433500848278] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - ayi70ps3.default-1433500848278] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - ayi70ps3.default-1433500848278] staged M2 - MFEP: Extension [Prodi_000 - cte8rj8c.Hiram] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - cte8rj8c.Hiram] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - cte8rj8c.Hiram] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - cte8rj8c.Hiram] staged M2 - MFEP: Extension [Prodi_000 - dh7xr4xm.default] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - dh7xr4xm.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - dh7xr4xm.default] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - dh7xr4xm.default] staged M2 - MFEP: Extension [Prodi_000 - fe5bytlh.default-1433575279388] googledictionary@toptip.ca.xpi M2 - MFEP: Extension [Prodi_000 - fe5bytlh.default-1433575279388] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox M2 - MFEP: Extension [Prodi_000 - fe5bytlh.default-1433575279388] facefont@mc.com M2 - MFEP: Extension [Prodi_000 - fe5bytlh.default-1433575279388] staged P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml =>Hijacker.Browsers P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ~ Firefox Browser: 59 Scanned in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17728 (winblue_r9.150312-1720)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Increase performance and video formats for your HTML5