cjoint

Document format: text/plain

Preview

~ Rapport de NCDiag v2014.9.2.108 - Copyright ©2014 - Nicolas Coolman, Tous droits réservés
~ Emplacement rapport : C:\Users\Alexandra\AppData\Roaming\ZHP\NCDiag.txt
~ Lancé par Alexandra (07/09/2014 - 10:42:09)
~ Adresse du Site Web : http://nicolascoolman.fr
~ Etat de la version : OK
~ Liste blanche : Désactivée par le programme
~ User Account Control (UAC): Activé par l'utilisateur
~ Elévation des Privilèges : OK

---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7600.16385 (Default)
GCIE: Google Chrome v37.0.2062.103
MFIE: Mozilla Firefox (3.6.8)


---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows 7 Professional Edition (build 7600), 32-bit
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 6P6GT
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK


---\\ Informations sur le système
~ Operating System: 32 Bits
~ Boot Mode: Normal (Normal boot)
System Restore: Activé (Enable)
Total RAM: 1782 MB (31% free)


---\\ Mode de connexion au système
~ Nom d'Ordinateur: ALEXANDRA-PC
~ Nom d'utilisateur: Alexandra
~ Nom des utilisateurs: Alexandra,Public,
~ Connecté en administrateur


---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (System) ( Free 33 Go of 80 Go)
D: Hard drive, Flash drive, Thumb drive ( Free 63 Go of 100 Go)


---\\ Logiciels de protection du système
Windows Defender W7 (Activate)
avast! Free Antivirus v9.0.2021
Malwarebytes Anti-Malware version 2.0.2.1012


---\\ Variables d'environnement
~ %SYSTEMDRIVE% = C:
~ %USERPROFILE% = C:\Users\Alexandra
~ %APPDATA% = C:\Users\Alexandra\AppData\Roaming
~ %DESKTOP% = C:\Users\Alexandra\Desktop
~ %FAVORITES% = C:\Users\Alexandra\Favorites
~ %LOCALAPPDATA% = C:\Users\Alexandra\AppData\Local
~ %STARTMENU% = C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu
~ %WINDIR% = C:\Windows
~ %SYSTEM% = C:\Windows\System32
~ %PROGRAMFILES% = C:\Program Files


---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] EnableLUA: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\svc] FirewallOverride: OK
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK


---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2614784]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.6A02CB2EDC24630845D11B507952141A] - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.D8714A5FB3141F8226D16861F20C5AC4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74240]
[MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [245616]


---\\ Processus lancés
[MD5.BDF37B36AC60A7D97161A103B14CEE65] - (...) --C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392]
[MD5.EA6EADF6314E43783BA8EEE79F93F73C] - (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe [1173504]
[MD5.D3F78E38C39AB0E7358735717FB52EAE] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1563440]
[MD5.760ACD103FFB86AD65DC41CDEB08ABCF] - (...) --C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560]
[MD5.286554883DEC5E022C2DB48018D9C83E] - (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568]
[MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904]
[MD5.20CB286C4591EEA68778CA6626D70D47] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272]
[MD5.F0CE006E1D14F45959985A05F8E81204] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896]
[MD5.08E7173D1B74095335052459200CB1EA] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe [421888]
[MD5.603668084332DDB58D8C5AACE30B04FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392]
[MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200]
[MD5.3CF9C32FCBEEEB1011B330328DDB8476] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432]
[MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [81920]
[MD5.6B73E94F9FE82D45781B8C8A09483082] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336]
[MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504]
[MD5.C5A75EB48E2344ABDC162BDA79E16841] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384]
[MD5.5544D66F9A0CFF5429F7A750929407E9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808]
[MD5.0796C1E47ADB9825269E64B9DAB4E741] - (.Teruten - FsUsbDevice.) -- C:\Windows\system32\FsUsbExService.Exe [233472]
[MD5.17938B727F5135147BCCABB723EDFF45] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [437080]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648]
[MD5.58C91CCA61A948DC6E789C93C05A1D6F] - (.Hewlett-Packard - HP Health Check Service.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344]
[MD5.F2889318AB3CD87CCA17CB3769CDC1E4] - (.Hewlett-Packard - HPPA_Service.) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [103992]
[MD5.9ABD12FCE4A62905731C286BB1D66789] - (.Hewlett-Packard - HPPA_Service.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [102968]
[MD5.8205DA7B4191ACD96F76B81E42945754] - (.Hewlett-Packard - HPFSService Application.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984]
[MD5.4D94F4D7782657E79EB1352570B563DB] - (.Hewlett-Packard Company - hpHotkeyMonitor Service.) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248]
[MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [26168]
[MD5.3503F257B3203F824B1567238EBE17E2] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728]
[MD5.7060C98E81EB082C2AEC2491CCD41A02] - (...) - C:\Program Files\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe [3211264]
[MD5.885A246D436D8040584A23F7C7F36347] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416]
[MD5.050A4112B00BCA2E13314CDE48C1DEEE] - (.Skype Technologies - Skype Updater Service.) -- C:\Program Files\Skype\Updater\Updater.exe [315008]
[MD5.9C1EA4217DC30E085F8418474DCC3616] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458]
[MD5.C92E13E0DB1548455CFFC4AAF80FDFE7] - (.ArcSoft, Inc. - ArcVCapture.) -- C:\Windows\system32\uArcCapture.exe [506472]
[MD5.8C72E0E88E5A1A70691135864F2F7F1B] - (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) -- C:\Windows\system32\vcsFPService.exe [1664304]


---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\systempropertiesperformance.exe
~ 3 Internet Explorer Management found in 0 second(s)


---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] 17D4D2D588A4C766B1B4FB31CA4F0E8F9363ECCDE75F7370AA50F1AFF0A51FAE",
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] GoogleStore v.0.2 ( Désactivé )
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.7 ( Activé )
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta) v.0.1.1.5023, ( Activé )
G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.2.0 ( Désactivé )
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 ( Désactivé ) =>.�
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 ( Désactivé )
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 ( Désactivé ) =>.�
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.7.13, ( Activé )
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2022.121, ( Activé ) =>.�
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 ( Désactivé )
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 ( Désactivé ) =>.�
G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, ( Désactivé )
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 ( Désactivé ) =>.�
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 ( Désactivé ) =>.�
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] GoogleWallet v.0.0.6.1 ( Activé ) =>.�
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 ( Désactivé )
~ 19 Google Chrome Management found in 0 second(s)


---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\aohghmighlieiainnegkcijnfilokake [Google Docs]
G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\bepbmhgboaologfdajaanbcjmnhjmhfn [Google Voice Search Hotword (Beta)]
G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\gomekmidlodglbbmalcneegieacbdmki [avast! Online Security]
G2 - EXT: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\nmmhkkegccagdldgiimedpiccmgmieda [GoogleWallet]
~ 5 Google Chrome Extension Folfers found in 0 second(s)


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Alexandra - 0gn4hl14.default] http://www.google.fr
M3 - MFPP: Plugins - [Alexandra] -- C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\0gn4hl14.default\chrome
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla FireFox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape .) -- C:\Program Files\Mozilla FireFox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla FireFox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a w.) -- C:\Program Files\Mozilla FireFox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla FireFox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files\Mozilla FireFox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (Adobe® Flash® Player 14.0.0.145 Plugin) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (iTunes Application Detector) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (Google Earth Plug-in) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_37] - () -- C:\Windows\system32\npdeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (Oracle� Java� Plug-In) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (Ag Player) -- C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - () -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.775] - () -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (Google Update) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (Google Update) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.3] - () -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (Adobe Reader Plugin for Firefox) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ 27 Mozilla Firefox Preference found in 0 second(s)


---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com =>.� Microsoft Corp.
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr =>.� Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com =>.� Microsoft Corp.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com =>.� Microsoft Corp.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com =>.� Microsoft Corp.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com =>.� Microsoft Corp.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) - C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
~ 13 Internet Explorer Management found in 0 second(s)


---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
~ 5 Proxy Management found in 0 second(s)


---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File Scanned in 0 seconds
~ Nombre de lignes malwares (Malware Number Lines) : 0/21


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll =>Toolbar.Avast
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ 5 Browser Helper Objects found in 0 second(s)


---\\ Scan Additionnel (O88 )
Database Version : 13036 (30/03/2014)
Clés trouvées (Keys found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1


C:\Windows\Prefetch\QUICKSTART.EXE-3151A650.pf =>PUP.QuickStart
~ Additionnal Scan: 186859 Items scanned in 8 seconds


---\\ Script de nettoyage avec ZHPFix
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
C:\Windows\Prefetch\QUICKSTART.EXE-3151A650.pf =>PUP.QuickStart
~ ATTENTION, ce script est donné à titre indicatif, il doit être validé par un expert diplômé en désinfection.
~ 10 ZHPFix Script Files found in 0 second(s)


---\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.fr/hijacker-ihavenet =>Hijacker.iHavenet
~ http://nicolascoolman.fr/pup-quickstart =>PUP.QuickStart
~ http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch
~ MSI: 3 link(s) detected

~ End of the scan (0/1265 lines) in 66 seconds)
