~ ZHPDiag v2016.7.14.114 Par Nicolas Coolman (2016/07/14)
~ Démarré par xp (Administrator) (2016/07/16 00:53:15)
~ Site: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\xp\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\xp\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)
---\\ Navigateurs Internet (2) - 0s
MFIE: Mozilla Firefox 47.0 (x86 fr)
MSIE: Internet Explorer v8.0.6001.18702
---\\ Informations sur les produits Windows (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : OK
---\\ Logiciels de protection (2) - 2s
Computer Security 12.83.107.0
Pack Sécurité v1.83.315.0
---\\ Surveillance de Logiciels (2) - 3s
Adobe Flash Player 22 NPAPI
Adobe Reader XI
---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3536.368 MB (70% free)
System Restore: Activé (Enable)
System drive C: has 180 GB () free of 476 GB
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: XP-BEAF7512C0A3
~ User Name: xp
~ Logged in as Administrator
---\\ Enumération des unités disques (1) - 0s
~ Drive C: has 180 GB free of 476 GB (System)
---\\ Etat du Centre de Sécurité Windows (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - 14/04/2008 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [1037824] =>.Microsoft Corporation
[MD5.93AD0B78C7357A05F50E594EC7C22300] - 14/04/2008 - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) -- C:\WINDOWS\System32\rundll32.exe [33792] =>.Microsoft Corporation
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - 06/03/2014 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [920064] =>.Microsoft Corporation
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - 14/04/2008 - (.Microsoft Corporation - Application d'ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [512000] =>.Microsoft Corporation
[MD5.D76A076ADB74F8132924E498D63123A2] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [149504] =>.Microsoft Corporation
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - 17/08/2011 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138496] =>.Microsoft Corporation
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - 14/04/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] =>.Microsoft Corporation
[MD5.C885B02847F5D2FD45A24E219ED93B32] - 14/04/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] =>.Microsoft Corporation
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - 14/04/2008 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] =>.Microsoft Corporation
[MD5.31F923EB2170FC172C81ABDA0045D18C] - 14/04/2008 - (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\System32\drivers\Fips.sys [44672] =>.Microsoft Corporation
[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - 14/04/2008 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] =>.Microsoft Corporation
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 14/04/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] =>.Microsoft Corporation
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - 14/04/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] =>.Microsoft Corporation
[MD5.23C74D75E36E7158768DD63D92789A91] - 14/04/2008 - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] =>.Microsoft Corporation
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - 15/07/2011 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320] =>.Microsoft Corporation
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 14/04/2008 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] =>.Microsoft Corporation
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - 14/04/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] =>.Microsoft Corporation
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - 14/04/2008 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [80384] =>.Microsoft Corporation
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 14/04/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] =>.Microsoft Corporation
[MD5.15CABD0F7C00C47C70124907916AF3F1] - 13/04/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] =>.Microsoft Corporation
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - 13/04/2008 - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\System32\drivers\redbook.sys [58752] =>.Microsoft Corporation
[MD5.46DE1126684369BACE4849E4FC8C43CA] - 14/04/2008 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] =>.Microsoft Corporation
---\\ Liste des services NT non Microsoft et non désactivés (7) - 3s
O23 - Service: F-Secure Dll Hoster (fshoster) . (.F-Secure Corporation - F-Secure Host Process.) - C:\Program Files\SFR\Pack_Securite\fshoster32.exe =>.F-Secure Corporation®
O23 - Service: F-Secure ORSP Client (FSORSPClient) . (.F-Secure Corporation - F-Secure ORSP Service.) - C:\Program Files\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe =>.F-Secure Corporation®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: lxeaCATSCustConnectService (lxeaCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaserv.exe =>.Lexmark International, Inc.®
O23 - Service: lxea_device (lxea_device) . (. - Printer Communication System.) - C:\WINDOWS\system32\lxeacoms.exe =>.Lexmark International, Inc.®
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe =>.TomTom International BV®
O23 - Service: Vodafone Connector Service (VodafoneConnectorService) . (.Vodafone Group - VodafoneConnectorService.) - C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (18) - 13s
SS - Demand [13/07/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Disabl [11/02/2010] [ 602112] (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\ati2evxx.exe =>.ATI Technologies Inc.
SS - Disabl [10/02/2010] [ 593920] ATI Smart (ATI Smart) . (.Copyright (C) 1998 - 2007 ATI Technologies Inc..) - C:\WINDOWS\system32\ati2sgag.exe
SR - Auto [15/05/2013] [ 191424] F-Secure Dll Hoster (fshoster) . (.F-Secure Corporation.) - C:\Program Files\SFR\Pack_Securite\fshoster32.exe =>.F-Secure Corporation®
SR - Demand [09/10/2015] [ 216104] FSMA (FSMA) . (.F-Secure Corporation.) - C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.EXE =>.F-Secure Corporation®
SR - Auto [09/03/2015] [ 60456] F-Secure ORSP Client (FSORSPClient) . (.F-Secure Corporation.) - C:\Program Files\SFR\Pack_Securite\apps\CCF_Reputation\fsorsp.exe =>.F-Secure Corporation®
SS - Auto [28/08/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [28/08/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [25/10/2014] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
SS - Auto [14/04/2010] [ 193192] lxeaCATSCustConnectService (lxeaCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeaserv.exe =>.Lexmark International, Inc.®
SR - Auto [14/04/2010] [ 598696] lxea_device (lxea_device) . (...) - C:\WINDOWS\system32\lxeacoms.exe =>.Lexmark International, Inc.®
SS - Disabl [08/06/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Disabl [28/11/2007] [ 800040] NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe =>.Nero AG®
SS - Disabl [27/06/2007] [ 279848] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe =>.Nero AG®
SS - Disabl [29/08/2013] [ 1073160] Orange update Core Service (Orange update Core Service) . (.Orange SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe =>.ORANGE®
SR - Auto [13/07/2015] [ 93040] TomTomHOMEService (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe =>.TomTom International BV®
SR - Auto [14/05/2010] [ 233472] Vodafone Connector Service (VodafoneConnectorService) . (.Vodafone Group.) - C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
---\\ Processus lancés (29) - 1s
[MD5.BDBD361050F436856AAD571F981819BA] - (. - Printer Device Monitor.) -- C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe [772712] [PID.1856] =>.Lexmark International, Inc.®
[MD5.8EA3BE4CCC814F5AE1EA4E4EEF4D577A] - (.Copyright (c) 2008 - .) -- C:\Program Files\Lexmark S300-S400 Series\ezprint.exe [150264] [PID.1864] =>.Lexmark International, Inc.®
[MD5.C9B67BCB8E384064A8C2263740B0C437] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [595480] [PID.1880] =>.Oracle America, Inc.®
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.1940] =>.Societe Francaise de Radiotelephone (SFR)®
[MD5.706A181D11D8589B0A9E2625E72423CF] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176] [PID.2032] =>.TomTom International BV®
[MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe [250008] [PID.1032] =>.Google Inc®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1172] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1796] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1804] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1848] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1980] =>.F-Secure Corporation®
[MD5.391E29C022F828C0114027CF7B9DF708] - (.F-Secure Corporation - F-Secure Gatekeeper Handler 32-bit.) -- C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fsgk32.exe [874464] [PID.292] {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
[MD5.37B19585E146D283ADFFCBEDDA01DE70] - (. - Printer Communication System.) -- C:\WINDOWS\system32\lxeacoms.exe [598696] [PID.676] =>.Lexmark International, Inc.®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1276] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.500] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1068] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1544] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1632] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.2052] =>.F-Secure Corporation®
[MD5.0FE2FC59C0B9A3CA3EC2B18E1CCCF2DD] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93040] [PID.2856] =>.TomTom International BV®
[MD5.3F08838E262984EF555A50B9D6C8BC34] - (.Vodafone Group - VodafoneConnectorService.) -- C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe [233472] [PID.2884]
[MD5.533A1B163357835098066D5EB1691D55] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSMA32.EXE [216104] [PID.2912] =>.F-Secure Corporation®
[MD5.9449C90FCA6640E6D8B2BC0CA6D36C6D] - (.F-Secure Corporation - F-Secure Scanner Manager 32-bit.) -- C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Anti-Virus\fssm32.exe [1394656] [PID.3752] {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.148] =>.F-Secure Corporation®
[MD5.825FB6DE39FE63B3F59B78D760F0619C] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [392136] [PID.632] =>.Mozilla Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.3272] =>.F-Secure Corporation®
[MD5.BE8AF57233ED857D653AF2B0CC8099F1] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\SFR\Pack_Securite\apps\ComputerSecurity\Common\FSM32.EXE [310312] [PID.1432] =>.F-Secure Corporation®
[MD5.A876BA917EBD9E629CFD344EEBE240AD] - (.F-Secure Corporation - F-Secure Host Process.) -- C:\Program Files\SFR\Pack_Securite\fshoster32.exe [191424] [PID.1996] =>.F-Secure Corporation®
[MD5.F47EA916B980B5F519382E016B4F4D61] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\xp\Application Data\ZHP\ZHPDiag3.exe [2228224] [PID.2396] =>.Nicolas Coolman
---\\ Google Chrome, Démarrage,Recherche,Extensions (8) - 0s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [engaigpbgdjjmanonjcjkcmomgibneba] ["update_url": "http://dlmanager.net/chro] Boxore =>Hijacker.Browser
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (7) - 2s
M0 - MFSP: prefs.js [xp - jq72cq4i.Utilisateur par défaut] https://www.google.com
P2 - EXT FILE: (...) -- C:\Documents and Settings\xp\Application Data\Mozilla\Firefox\Profiles\jq72cq4i.Utilisateur par défaut\searchplugins\t411.xml
P2 - EXT: (...) -- C:\Documents and Settings\xp\Application Data\Mozilla\Extensions\home2@tomtom.com
P2 - EXT: (.Wips.com -