




~ ZHPDiag v2016.12.24.251 Par Nicolas Coolman (2016/12/24)
~ Démarré par maryse Vaillant (Administrator) (2016/12/24 13:07:34)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\maryse Vaillant\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\maryse Vaillant\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600) =>.Microsoft Corporation

---\\ Informations sur les produits Windows (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\\ Logiciels de protection (1) - 2s
Windows Defender (Deactivate)

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4071.704 MB (53% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 780 GB (83%) free of 935 GB : OK =>.Disk Space

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: MARYSE
~ User Name: maryse Vaillant
~ Logged in as Administrator

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (25) - 3s
[MD5.ED6B4C95E2A6D67480B9DBB8A8E7D9B4] - 14/10/2009 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [99688] =>.Microsoft Windows®
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - 14/10/2009 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [99688] =>.Microsoft Corporation
[MD5.EC302D06155F8E3C383750993FCB6B27] - 14/10/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [99688] =>.Microsoft Corporation
[MD5.105954F9BEAD700A6DF4B5B489FCCB4B] - 14/10/2009 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [99688] =>.Microsoft Corporation
[MD5.B1102BBDDD9C87B3D609D6C08F7A3DBD] - 14/10/2009 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [99688] =>.Microsoft Corporation
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - 14/10/2009 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [99688] =>.Microsoft Corporation
[MD5.84B55134C5CA26063E7AA980BB15D976] - 14/10/2009 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [99688] =>.Microsoft Corporation
[MD5.4CD766EF361C27DAE50C84AC40C15DF2] - 14/10/2009 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [99688] =>.Microsoft Corporation
[MD5.E37F897ED7B5AFF79B1398258DB96BD9] - 14/10/2009 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [99688] =>.Microsoft Corporation
[MD5.A460C3AF3755A2A79A3C8EFE72E147B5] - 14/10/2009 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\Windows\System32\drivers\AFD.sys [99688] =>.Microsoft Corporation
[MD5.74B14192CF79A72F7536B27CB8814FBD] - 14/10/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [99688] =>.Microsoft Windows®
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - 14/10/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [99688] =>.Microsoft Corporation
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - 14/10/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [99688] =>.Microsoft Corporation
[MD5.FBFF94FC1FE0699A6BC5ACE270AB9EA1] - 14/10/2009 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [99688] =>.Microsoft Corporation
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - 14/10/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [99688] =>.Microsoft Corporation
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - 14/10/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [99688] =>.Microsoft Corporation
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - 14/10/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [99688] =>.Microsoft Corporation
[MD5.C3B0566DE49265AE98405825938C20A1] - 14/10/2009 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\Windows\System32\drivers\MRxSmb.sys [99688] =>.Microsoft Corporation
[MD5.9DC17B7D9D84C37C102D379FCC7D4942] - 14/10/2009 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [99688] =>.Microsoft Corporation
[MD5.9980B262DBE439AE6BDC91AA985F19EE] - 14/10/2009 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [99688] =>.Microsoft Windows®
[MD5.57DCE4FB0467986AE78E1C6FC5240D32] - 14/10/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [99688] =>.Microsoft Corporation
[MD5.235624C147E3CB4C288D5D3D8E8D64A2] - 14/10/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [99688] =>.Microsoft Corporation
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - 14/10/2009 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\Windows\System32\drivers\rdpdr.sys [99688] =>.Microsoft Corporation
[MD5.E0BD2D83875464FEEEB242CBA8B7E073] - 14/10/2009 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [99688] =>.Microsoft Corporation
[MD5.17F7B0F2298D97F4B6C7A69511033D3D] - 14/10/2009 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [99688] =>.Microsoft Windows®

---\\ Google Chrome, Démarrage,Recherche,Extensions (8) - 1s
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Docs =>.Legitimate
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealDownloader =>.RealNetworks Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (8) - 5s
M0 - MFSP: prefs.js [maryse Vaillant - d2qgl8v3.default] http://www.google.fr/ =>.Google Inc.
M0 - MFSP: prefs.js [maryse Vaillant - d2qgl8v3.default] http://mail.google.com/ =>.Google Inc.
M0 - MFSP: prefs.js [maryse Vaillant - d2qgl8v3.default] http://messageriepro.orange.fr/ =>.Orange SA
M0 - MFSP: prefs.js [maryse Vaillant - d2qgl8v3.default] http://www.laposte.net/
P2 - EXT FILE: (.Firefox Hotfix - Firefox Hotfix: avoid updates that wou.) -- C:\Users\maryse Vaillant\AppData\Roaming\Mozilla\Firefox\Profiles\d2qgl8v3.default\extensions\firefox-hotfix@mozilla.org.xpi =>.Firefox Hotfix
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\maryse Vaillant\AppData\Roaming\Mozilla\Firefox\Profiles\d2qgl8v3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus
P2 - EXT FILE: (.Aaron Boodman; http://youngpup.net/ - A User Script Manager for Firefox.) -- C:\Users\maryse Vaillant\AppData\Roaming\Mozilla\Firefox\Profiles\d2qgl8v3.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi =>.Aaron Boodman; http://youngpup.net/
P2 - EXT FILE: (.Google - Google Search.) -- C:\Users\maryse Vaillant\AppData\Roaming\Mozilla\Firefox\Profiles\d2qgl8v3.default\searchplugins\Google.xml =>.Google

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (18) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ =>.Google Inc.
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ =>.Google Inc.
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ =>.Google Inc.
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ =>.Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ =>.Google Inc.
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ =>.Google Inc.
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Scan Additionnel (1) - 0s
~ Aucun élément malicieux ou superflu trouvé.

---\\ Récapitulatif des éléments trouvés sur votre station (1) - 0s
~ Aucun élément malicieux ou superflu trouvé.

~ End of the scan, 26193 items in 00mn15s (133)


