Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2016.12.24.251 Par Nicolas Coolman (2016/12/24)
~ Démarré par Legal (Administrator) (2016/12/24 08:47:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Legal\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Legal\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393) =>.Microsoft Corporation
---\\ Informations sur les produits Windows (8) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : RJQ93
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK
---\\ Logiciels de protection (1) - 5s
Windows Defender (Activate) (Protection)
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4108.908 MB (44% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 397 GB (83%) free of 476 GB : OK =>.Disk Space
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: DESKTOP-DMM2A1D
~ User Name: Legal
~ Logged in as Administrator
---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (25) - 2s
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - 11/11/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4673304] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [304240] =>.Microsoft Windows Publisher®
[MD5.E584CDC70F694F9A984A060A8291EB04] - 11/11/2016 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [2669056] =>.Microsoft Corporation
[MD5.DE6DF9BBBECAFDEF462A37D839167368] - 11/11/2016 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation
[MD5.96B8A433F6407DE34850927C96C6CE9B] - 15/09/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [646136] =>.Microsoft Windows®
[MD5.227CFE3EDA82029AAC1C088A16297CD7] - 15/09/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [496872] =>.Microsoft Windows®
[MD5.7ABD5430F75A7FDDE5323B354C77514F] - 16/07/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.323AA1953ED9C01E23F740FA891FE064] - 15/10/2016 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation
[MD5.0D1D392ED2597F295956D058D33BD7C3] - 05/10/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [144896] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - 24/10/2016 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [450392] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - 02/11/2016 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2255712] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation
[MD5.9D2DD64A0B51C56285512DC9454340F6] - 16/07/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118112] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows®
---\\ Google Chrome, Démarrage,Recherche,Extensions (21) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://data1.recettes-en-ligne.eu
G0 - GCSP: Preferences [User Data\Default][HomePage] http://data1.recettes.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://rdc.apicit.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://tags.clickintext.net =>.Superfluous.Browser
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.fr =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.othersearch.info =>PUP.Optional.FastSearch
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fmapbeojcdgdpddpggeifkofbgepdblp] MapsGalaxy =>PUP.Optional.MapsGalaxy
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [giceanipjojfnkbciljjblakfkihbjdb] Recettes: le marque-page de recettes en ligne
G2 - GCE: Preference [User Data\Default] [jdbainmodfdbnmmmgjnmhljppjbljmea] Recettes En Ligne - Offres shopping
G2 - GCE: Preference [User Data\Default] [jmceggkgkmkgobfnngildcomcidnmedl] OnlineMapFinder =>.Superfluous.MindSpark
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (15) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
---\\ Internet Explorer,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
---\\ Scan Additionnel (32) - 13s
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmapbeojcdgdpddpggeifkofbgepdblp =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmceggkgkmkgobfnngildcomcidnmedl =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_mindjolt-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_mindjolt-a.akamaihd.net_0.localstorage-journal =>.Superfluous.AkamaiHD
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.uk.at.atwola.com_0.localstorage =>.Superfluous.Atwola
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.uk.at.atwola.com_0.localstorage-journal =>.Superfluous.Atwola
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.myway.com_0.localstorage =>PUP.Optional.MyWebSearch
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.myway.com_0.localstorage-journal =>PUP.Optional.MyWebSearch
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.tb.ask.com_0.localstorage =>Toolbar.Ask
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.gamingwonderland.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.gamingwonderland.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage-journal =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage-journal =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage-journal =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
---\\ Récapitulatif des éléments trouvés sur votre station (11) - 0s
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Browser
https://www.anti-malware.top/2016/07/05/pup-optional-fastsearch/ =>PUP.Optional.FastSearch
https://www.nicolascoolman.com/fr/adware-mapsgalaxy/ =>PUP.Optional.MapsGalaxy
https://www.anti-malware.top/2016/05/29/superfluous-mindspark/ =>.Superfluous.MindSpark
https://www.anti-malware.top/2016/08/31/cloudfront-net/ =>.Superfluous.CloudfrontNet
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AkamaiHD
https://www.anti-malware.top/2016/07/21/superfluous-atwola/ =>.Superfluous.Atwola
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AudienceInsights
https://www.nicolascoolman.com/fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
https://www.anti-malware.top/2016/09/22/toolbar-ask/ =>Toolbar.Ask
https://www.nicolascoolman.com/fr/hijacker-browser/ =>PUP.Optional.Browser
~ End of the scan, 8472 items in 00mn40s (173)
~ Démarré par Legal (Administrator) (2016/12/24 08:47:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Legal\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Legal\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393) =>.Microsoft Corporation
---\\ Informations sur les produits Windows (8) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : RJQ93
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK
---\\ Logiciels de protection (1) - 5s
Windows Defender (Activate) (Protection)
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4108.908 MB (44% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 397 GB (83%) free of 476 GB : OK =>.Disk Space
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: DESKTOP-DMM2A1D
~ User Name: Legal
~ Logged in as Administrator
---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ Recherche particulière de fichiers génériques (25) - 2s
[MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - 11/11/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4673304] =>.Microsoft Windows®
[MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation
[MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [304240] =>.Microsoft Windows Publisher®
[MD5.E584CDC70F694F9A984A060A8291EB04] - 11/11/2016 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [2669056] =>.Microsoft Corporation
[MD5.DE6DF9BBBECAFDEF462A37D839167368] - 11/11/2016 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation
[MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation
[MD5.96B8A433F6407DE34850927C96C6CE9B] - 15/09/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [646136] =>.Microsoft Windows®
[MD5.227CFE3EDA82029AAC1C088A16297CD7] - 15/09/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [496872] =>.Microsoft Windows®
[MD5.7ABD5430F75A7FDDE5323B354C77514F] - 16/07/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.323AA1953ED9C01E23F740FA891FE064] - 15/10/2016 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows®
[MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation
[MD5.0D1D392ED2597F295956D058D33BD7C3] - 05/10/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [144896] =>.Microsoft Corporation
[MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation
[MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation
[MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation
[MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - 24/10/2016 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [450392] =>.Microsoft Windows®
[MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation
[MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - 02/11/2016 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2255712] =>.Microsoft Windows®
[MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation
[MD5.9D2DD64A0B51C56285512DC9454340F6] - 16/07/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118112] =>.Microsoft Windows®
[MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows®
---\\ Google Chrome, Démarrage,Recherche,Extensions (21) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://data1.recettes-en-ligne.eu
G0 - GCSP: Preferences [User Data\Default][HomePage] http://data1.recettes.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://rdc.apicit.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://tags.clickintext.net =>.Superfluous.Browser
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.fr =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.othersearch.info =>PUP.Optional.FastSearch
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fmapbeojcdgdpddpggeifkofbgepdblp] MapsGalaxy =>PUP.Optional.MapsGalaxy
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [giceanipjojfnkbciljjblakfkihbjdb] Recettes: le marque-page de recettes en ligne
G2 - GCE: Preference [User Data\Default] [jdbainmodfdbnmmmgjnmhljppjbljmea] Recettes En Ligne - Offres shopping
G2 - GCE: Preference [User Data\Default] [jmceggkgkmkgobfnngildcomcidnmedl] OnlineMapFinder =>.Superfluous.MindSpark
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (15) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
---\\ Internet Explorer,Proxy Management (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=
---\\ Scan Additionnel (32) - 13s
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmapbeojcdgdpddpggeifkofbgepdblp =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmceggkgkmkgobfnngildcomcidnmedl =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_mindjolt-a.akamaihd.net_0.localstorage =>.Superfluous.AkamaiHD
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_mindjolt-a.akamaihd.net_0.localstorage-journal =>.Superfluous.AkamaiHD
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.uk.at.atwola.com_0.localstorage =>.Superfluous.Atwola
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.uk.at.atwola.com_0.localstorage-journal =>.Superfluous.Atwola
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.myway.com_0.localstorage =>PUP.Optional.MyWebSearch
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.myway.com_0.localstorage-journal =>PUP.Optional.MyWebSearch
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.tb.ask.com_0.localstorage =>Toolbar.Ask
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_easydocmerge.dl.tb.ask.com_0.localstorage-journal =>Toolbar.Ask
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.gamingwonderland.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free.gamingwonderland.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.myway.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gamingwonderland.dl.tb.ask.com_0.localstorage-journal =>PUP.Optional.Browser
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.myway.com_0.localstorage-journal =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapsgalaxy.dl.tb.ask.com_0.localstorage-journal =>PUP.Optional.MapsGalaxy
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage-journal =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage-journal =>.Superfluous.MindSpark
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage =>.Superfluous.AudienceInsights
C:\Users\Legal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal =>.Superfluous.AudienceInsights
---\\ Récapitulatif des éléments trouvés sur votre station (11) - 0s
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Browser
https://www.anti-malware.top/2016/07/05/pup-optional-fastsearch/ =>PUP.Optional.FastSearch
https://www.nicolascoolman.com/fr/adware-mapsgalaxy/ =>PUP.Optional.MapsGalaxy
https://www.anti-malware.top/2016/05/29/superfluous-mindspark/ =>.Superfluous.MindSpark
https://www.anti-malware.top/2016/08/31/cloudfront-net/ =>.Superfluous.CloudfrontNet
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AkamaiHD
https://www.anti-malware.top/2016/07/21/superfluous-atwola/ =>.Superfluous.Atwola
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.AudienceInsights
https://www.nicolascoolman.com/fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
https://www.anti-malware.top/2016/09/22/toolbar-ask/ =>Toolbar.Ask
https://www.nicolascoolman.com/fr/hijacker-browser/ =>PUP.Optional.Browser
~ End of the scan, 8472 items in 00mn40s (173)