Document format: text/plain

~ Rapport de ZHPDiag v2014.8.28.125 - Nicolas Coolman (28/08/2014)
~ Lancé par UTILISATEUR (21/10/2017 09:02:59)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.18792
MFIE: Mozilla Firefox 56.0 (Defaut)
GCIE: Google Chrome

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7TP9F
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Bitdefender 60-Second Virus Scanner v1.0.3.76
Malwarebytes Anti-Malware version 2.2.1.1043
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.18

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 27 NPAPI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1976 MB (32% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (44%) free of 117 GB

---\\ Mode de connexion au système
~ Computer Name: UTILISATEUR-PC
~ User Name: UTILISATEUR
~ All Users Names: UTILISATEUR, svzxxvnbe, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\UTILISATEUR\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\UTILISATEUR\AppData\Roaming\
~ %Desktop% : C:\Users\UTILISATEUR\Desktop\
~ %Favorites% : C:\Users\UTILISATEUR\Favorites\
~ %LocalAppData% : C:\Users\UTILISATEUR\AppData\Local\
~ %StartMenu% : C:\Users\UTILISATEUR\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 117 Go)
D: Hard drive, Flash drive, Thumb drive (Free 17 Go of 116 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - (.Microsoft Corporation - Explorateur Windows.) (.29/08/2016 - 14:55:07.) -- C:\Windows\Explorer.exe [2972672]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.1B1AE8AF0EADBDA58DF2658E68EA1BE5] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/08/2017 - 15:17:15.) -- C:\Windows\System32\wininet.dll [2767872]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 01:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F582FC7976F1248AC5FBD6875C626B41] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/04/2017 - 14:52:22.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.08/09/2016 - 14:49:56.) -- C:\Windows\system32\Drivers\DfsC.sys [81408]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.0D045D242E8E1095EDBF0832F1E2B0F4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.11/08/2017 - 05:56:17.) -- C:\Windows\system32\Drivers\MRxSmb.sys [124416]
[MD5.2E226E666C6E11DC8C850071A90BE2DC] - (.Microsoft Corporation - MBT Transport driver.) (.11/08/2017 - 05:55:55.) -- C:\Windows\system32\Drivers\netBT.sys [188928]
[MD5.28B64D3792D4F692E45ECB0C3F98C19B] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.09/06/2017 - 15:17:18.) -- C:\Windows\system32\Drivers\ntfs.sys [1213672]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.8F143F86FDD8CF4F7BD25973C5983F9D] - (.Microsoft Corporation - TDI Translation Driver.) (.29/07/2017 - 14:50:58.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/7782
~ Mes musiques (My Musics) : 83/132
~ Mes Videos (My Videos) : 1/28
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 13/130
~ Mon Bureau (My Desktop) : 69/1618
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 00mn 09s



---\\ Processus lancés
[MD5.706A74BC6E176DD9D4C8584B41B99076] - (...) -- C:\Program Files\Winamp\winampa.exe [24576] [PID.1984]
[MD5.08E7173D1B74095335052459200CB1EA] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe [421888] [PID.2016]
[MD5.6CCBE90D8EAE1A5A613B0777ED7E96EC] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [30208] [PID.248]
[MD5.F152A1C1F9CE2F13056D3BFB14F001CE] - (.Pas de propriétaire - AutoDect.) -- C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe [128864] [PID.308]
[MD5.FE7CE849DB8C3986B2E721C6A3184FAA] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [287800] [PID.360]
[MD5.FB0C8699B87F7140BB6201BE7B4B6778] - (.Pas de propriétaire - CameraMonitor Application.) -- C:\Windows\vsnpstd3.exe [827392] [PID.796]
[MD5.87D78CF6365BDDACBE9D34B60FE0E23B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.1020]
[MD5.89D3DE5E2C77DCD99C56F0E46310AEA0] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [172568] [PID.1108]
[MD5.AFD15F701B550037FFDDE6B18171479D] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816] [PID.1268]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.1236]
[MD5.84907971C76F93C3BF746EEED058DE8B] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [352648] [PID.1404]
[MD5.D60B612673B5C8AF060F4EB7204F62B5] - (.Pas de propriétaire - RealDownloader.) -- C:\Program Files\Real\RealDownloader\downloader2.exe [730864] [PID.1776]
[MD5.36175CB59779F47DB2D6E18F06D2F2CF] - (.Bitdefender - 60-Second Interface.) -- C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [261984] [PID.1364]
[MD5.A7A1A43C0D9782E0E46C0D3F2E9DB4B2] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [28787840] [PID.2292]
[MD5.001B2CD2D45BC59575BA0F1A4A997682] - (. Hewlett-Packard Development Company, L.P. - Volume related element.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe [76856] [PID.2316]
[MD5.4AA72293C27BA6CF8C5F8A76542919F2] - (.RealNetworks, Inc. - RealPlayer with RealTimes.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [7425296] [PID.2544]
[MD5.F308D7378BF60B91DA495FCAA1C216E7] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [4811032] [PID.3120]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.3212]
[MD5.12A819FD070C26877A2C2D32EEF276F9] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [6852224] [PID.944]
[MD5.52FFABA4273678BAE75442F2BC85B470] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [531408] [PID.6080]
[MD5.33BF80A2291C54DC7D7601CDEF63138E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8099328] [PID.2448]
[MD5.8737C6345141BB27430A836D359E23FF] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [136192] [PID.2324]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.0]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\UTILISATEUR\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealTimes Video Downloader.) -- C:\program files\real\realplayer\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [WinampAgent] . (...) -- C:\Program Files\Winamp\Winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [autodetect] . (.Pas de propriétaire - AutoDect.) -- C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [snpstd3] . (.Pas de propriétaire - CameraMonitor Application.) -- C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [RealDownloader] . (.Pas de propriétaire - RealDownloader.) -- C:\Program Files\Real\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [Weather Widget (HTC Home)] . (.Pas de propriétaire - Weather widget for HTC Home 3.) -- C:\Program Files\HTC Home\Weather.exe
O4 - HKCU\..\Run: [pdiface] . (.Bitdefender - 60-Second Interface.) -- C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Update Core.) -- C:\Users\UTILISATEUR\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [SysinfY2X] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [Weather Widget (HTC Home)] . (.Pas de propriétaire - Weather widget for HTC Home 3.) -- C:\Program Files\HTC Home\Weather.exe
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [pdiface] . (.Bitdefender - 60-Second Interface.) -- C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [Google Update] . (.Google Inc. - Google Update Core.) -- C:\Users\UTILISATEUR\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKUS\S-1-5-21-572092862-3927737235-3867462957-1000\..\Run: [SysinfY2X] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{06869FB6-87B7-43CE-8FD8-4936E71817F3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{06869FB6-87B7-43CE-8FD8-4936E71817F3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{06869FB6-87B7-43CE-8FD8-4936E71817F3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: IAM Imola Modem Device Helper (IAM Imola Modem Device Helper) . (...) - C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\program files\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe
~ Services: 14 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{003792EE-C879-4E0C-932E-84ED726B3135}] (...) -- C:\Users\UTILISATEUR\Downloads\ZHPDiag2(1).exe (.not file.) [0]
~ Scheduled Task: 36 Legitimates Filtered in 00mn 05s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\Audio Explosion]
[HKCU\Software\PDF Tools AG]
[HKCU\Software\Popcorn Time]
[HKCU\Software\PopcornTime]
[HKLM\Software\Audio Explosion]
[HKLM\Software\PDF Tools AG]
~ Key Software: 227 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/11/2015 - 22:00:40 - [] ----D C:\Program Files\Common Files\AV
O43 - CFD: 22/07/2015 - 22:48:00 - [] ----D C:\Users\UTILISATEUR\AppData\Local\CEF
O43 - CFD: 15/06/2015 - 20:24:33 - [0] -SH-D C:\Users\UTILISATEUR\AppData\Local\EmieBrowserModeList
O43 - CFD: 02/06/2015 - 05:17:59 - [] ----D C:\Users\UTILISATEUR\AppData\Local\GWX
~ Program Folder: 185 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.163CA4DA63087B98CB19FEF1CE0F10A0] - 20/10/2017 - 17:30:49 ---A- . (...) -- C:\Windows\System32\rsslogs.20171020172949 [391128]
O44 - LFC:[MD5.BF95C8045BD80A6C04F2F6E966EB55F8] - 21/10/2017 - 08:28:00 ---A- . (...) -- C:\Windows\System32\rsslogs.20171021082700 [35028]
~ Files: 13 Legitimates Filtered in 00mn 13s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:18/05/2009 - 16:32:58 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [381440]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:20/07/2007 - 18:50:08 ---A- . (.eMPIA Technology, Inc. - USB 27xx WDM Driver.) -- C:\Windows\System32\Drivers\etDevice.sys [471808]
O58 - SDL:14/06/2007 - 17:09:08 ---A- . (.eMPIA Technology Inc. - EM27xx / EM28xx Filter Driver.) -- C:\Windows\System32\Drivers\etFilter.sys [201216]
O58 - SDL:23/07/2007 - 21:55:24 ---A- . (.eMPIA Technology, Inc. - USB 27xx WDM Upper Filter.) -- C:\Windows\System32\Drivers\etScan.sys [6656]
O58 - SDL:18/08/2013 - 19:20:31 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:13/07/2009 - 22:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:18/08/2013 - 19:20:32 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [861696]
O58 - SDL:09/10/2008 - 03:31:10 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [34856]
O58 - SDL:09/10/2008 - 03:32:46 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1810856]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:22/08/2013 - 12:40:22 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [35288]
O58 - SDL:16/10/2014 - 12:59:32 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys [34808]
O58 - SDL:13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 21:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 21:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 21:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 21:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 21:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 21:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 21:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 21:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 21:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 21:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 123 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {969CACE4-CD96-457D-A1E8-8A453E9514E4} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.70461DA8B94C6CA5D2FDA3260C5A8C3B] [SPRF][01/04/2013] (...) -- C:\Users\UTILISATEUR\AppData\Roaming\A3EF.exe [162]
[MD5.DAB96BB8ADEB3BAC9896ADC1902F9F7D] [SPRF][01/04/2013] (...) -- C:\Users\UTILISATEUR\AppData\Roaming\EBA6.exe [285]
[MD5.70461DA8B94C6CA5D2FDA3260C5A8C3B] [SPRF][31/03/2013] (...) -- C:\Users\UTILISATEUR\AppData\Roaming\F6FC.exe [162]
~ Files: 4 Legitimates Filtered in 00mn 04s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 17/09/2017 272384 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 18/08/2013 655712 | (Internet Mobile. RunOuc) . (...) - C:\Program Files\Internet Mobile\UpdateDog\ouc.exe
SS - | Demand 06/10/2017 175568 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 23/10/2007 382248 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 10/07/1658 0 | (Update service) . (...) - C:\Program Files\Popcorn Time\Updater.exe
SR - | Auto 19/07/2017 83032 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 15/07/2008 90112 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 03/12/2009 26112 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe
SR - | Demand 12/01/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 14/12/2016 2241992 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
SR - | Demand 30/04/2009 229944 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Auto 14/03/2012 53312 | (IAM Imola Modem Device Helper) . (...) - C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
SR - | Auto 20/09/2007 853288 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 11/11/2013 1221384 | (pdserv) . (.Bitdefender.) - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe
SR - | Auto 11/11/2016 35104 | (RealPlayerUpdateSvc) . (...) - C:\program files\real\realplayer\UpdateService\RealPlayerUpdateSvc.exe
SR - | Auto 02/12/2016 987408 | (RealTimes Desktop Service) . (.RealNetworks, Inc..) - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
SR - | Auto 08/08/2005 167936 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 11s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (28/08/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKCU\Software\APN PIP] =>Toolbar.Ask
~ Additionnel Scan: 269212 Items scanned in 00mn 32s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
~ MSI: 1 link(s) detected in 00mn 00s



~ 823 Legitimates filtered by white list
End of the scan (396 lines in 01mn 52s)(0)
