~ Rapport de ZHPDiag v2014.12.27.179 - Nicolas Coolman (27/12/2014)
~ Lancé par amouna (07/06/2015 12:42:41)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728
MFIE: Mozilla Firefox 38.0.1
GCIE: Google Chrome v43.0.2357.81 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2C9T3
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Kaspersky Anti-Virus 6.0 for Windows Workstations v6.0.4.1611
McAfee Security Scan Plus v3.8.150.1
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2997 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 101 GB (36%) free of 280 GB

---\\ Mode de connexion au système
~ Computer Name: AMOUNA-PC
~ User Name: amouna
~ All Users Names: amouna, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\amouna\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\amouna\AppData\Roaming\
~ %Desktop% : C:\Users\amouna\Desktop\
~ %Favorites% : C:\Users\amouna\Favorites\
~ %LocalAppData% : C:\Users\amouna\AppData\Local\
~ %StartMenu% : C:\Users\amouna\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 101 Go of 280 Go)
D: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
E: Hard drive, Flash drive, Thumb drive (Free 15 Go of 17 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Free 0 Go of 0 Go)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 05:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C46904F2E9E121A91DDDABB48D7648C3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 02:20:28.) -- C:\Windows\System32\wininet.dll [1888256]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 01:39:27.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 06:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 08:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 08:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 02:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 01:32:14.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 04s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/132
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/6
~ Mon Bureau (My Desktop) : 1/32424
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 01mn 09s

---\\ Processus lancés
[MD5.138A025177F9958599D498F5B0267382] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [238160] [PID.2428]
[MD5.157B5DF2CBCE17A0CEECB0FF4297700E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [142616] [PID.2696]
[MD5.9A30BDDE96721FE6D6B2BA0593F69C81] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [177432] [PID.2712]
[MD5.FEC63BCD1A1DDE7A990223D0F12655D7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [177944] [PID.2728]
[MD5.F67991C4EE448C5FF03F148E0A79EF9D] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe [1216512] [PID.2744]
[MD5.3FDCA1F725CA8E367B9DBBC43F983423] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232] [PID.2812]
[MD5.4D689B012DF7B1151553705A833DA80B] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [313440] [PID.1876]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.3100]
[MD5.03B0931517D51148210CDE45176EB364] - (...) -- C:\Program Files\Modem HDM EC156\Modem HDM EC156.exe [232960] [PID.3304]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\program files\google\chrome\application\chrome.exe [813896] [PID.2068]
[MD5.E47AC731D42B2452D4C0BF096DF3DD6E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8145408] [PID.5624]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1844]
[MD5.8F5908131E0219ECD95400BAABE88BA1] - (.Pas de propriétaire - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService.exe [276048] [PID.1960]
[MD5.7013F8755A6EB98EFC75E954999CAD97] - (.Flexera Software LLC - Flexera Software LLC.) -- C:\Program Files\MATLAB\MATLAB Production Server\R2015a\etc\win32\lmgrd.exe [1448752] [PID.2012]
[MD5.53B8D9B905223CBB6317B0FFF61D155A] - (...) -- C:\ProgramData\Modem HDM EC156\OnlineUpdate\ouc.exe [651856] [PID.488]
[MD5.CFA62AAFB27666BEB1F61F1C6830847D] - (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\app\amouna\product\11.2.0\dbhome_1\jdk\bin\java.exe [53344] [PID.1712]
[MD5.18A54E132947CD98FEA9ACCC57F98F13] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.)
-- C:\Windows\System32\alg.exe [59392] [PID.3080]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.4100]
~ Processes Running: Scanned in 00mn 03s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\amouna\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: RegExtension {e4f94d1e-2f53-401e-8885-681602c0ddd8} . (...) -- C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
~ Firefox Browser: 13 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s

---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [gpuminer] . (...) -- C:\Users\amouna\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2388956483-3701855931-3028963097-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} . (.Kaspersky Lab ZAO - Script Monitor Internet Explorer plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E2A8CA9-A262-4962-9070-E26AD972F096}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBB0F9C3-48A7-4C00-A4AB-0D9C03EA65F8}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2E7E79E-34AB-491D-A537-A7F223594299}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E2A8CA9-A262-4962-9070-E26AD972F096}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{DBB0F9C3-48A7-4C00-A4AB-0D9C03EA65F8}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{F2E7E79E-34AB-491D-A537-A7F223594299}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E2A8CA9-A262-4962-9070-E26AD972F096}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{DBB0F9C3-48A7-4C00-A4AB-0D9C03EA65F8}: NameServer = 192.168.60.58 192.168.50.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{F2E7E79E-34AB-491D-A537-A7F223594299}: NameServer = 192.168.60.58 192.168.50.55
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Kaspersky Lab ZAO - kldialhk.) - C:\Program Files\KASPER~1\KASPER~1.0FO\adialhk.dll
~ AppInit DLL: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe
~ Services: 9 Legitimates Filtered in 00mn 04s

---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{563C0536-557F-4D1E-864B-BCAA802F2BBD}] (...) -- C:\Users\amouna\Downloads\Firefox Setup 38.0b1.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8B562D4F-257E-4FA2-B308-E1800F325AAE}] (...) -- C:\Users\amouna\AppData\Roaming\do-search\UninstallManager.exe (.not file.) [0] =>PUP.DoSearches
[MD5.C6C7A16CE09EF19A0A866AA013312255] [APT] [{9E588F7A-9757-4AB6-872A-CB39A5729DBA}] (...) -- C:\Users\amouna\Desktop\FS fes\S2\eclipse-modeling-luna-SR1-win32\eclipse\eclipse.exe [327384]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052]
O39 - APT: - (..)
-- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 22 Legitimates Filtered in 00mn 12s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\InstallPath]
[HKCU\Software\ProductSetup]
~ Key Software: 107 Legitimates Filtered in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/04/2015 - 19:23:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 06/06/2015 - 23:26:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
O43 - CFD: 14/07/2009 - 10:00:32 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 06/06/2015 - 23:28:38 - [] ----D C:\Users\amouna\AppData\Roaming\cpuminer
O43 - CFD: 26/05/2015 - 13:46:55 - [] -SH-D C:\Users\amouna\AppData\Local\EmieBrowserModeList
~ Program Folder: 141 Legitimates Filtered in 00mn 00s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6C3D62FE543954BA249BC3332C33419B] - 05/06/2015 - 13:19:54 ---A- . (...) -- C:\Windows\System32\cpuminer-x86.exe [2410272]
~ Files: 69 Legitimates Filtered in 01mn 28s

---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{6a08f2c5-d7d3-11e4-85be-78acc0439fa6}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:05/12/2013 - 05:17:45 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:13/07/2009 - 22:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 21:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 21:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 21:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 21:40:31 ---A- . (...)
-- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 21:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 21:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 21:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 21:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 21:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 21:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 78 Legitimates Filtered in 00mn 03s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\amouna\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 17/05/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 06/06/2015 144200 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/06/2015 144200 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/04/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Auto 05/12/2013 651856 | (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe
SS - | Demand 27/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 02/03/2010 49152 | (OracleDBConsoleorcl) . (.Oracle Corporation.) - C:\app\amouna\product\11.2.0\dbhome_1\bin\nmesrvc.exe
SS - | Auto 02/03/2010 49152 | (OracleDBConsoleorcl2) . (.Oracle Corporation.) - C:\app\amouna\product\11.2.0\dbhome_1\bin\nmesrvc.exe
SS - | Disabled 02/04/2010 49152 | (OracleJobSchedulerORCL) . (...) - c:\app\amouna\product\11.2.0\dbhome_1\Bin\extjob.exe
SS - | Disabled 02/04/2010 49152 | (OracleJobSchedulerORCL2) . (...) - c:\app\amouna\product\11.2.0\dbhome_1\Bin\extjob.exe
SS - | Auto 01/04/2010 69632 | (OracleMTSRecoveryService) . (.Oracle Corporation.) - C:\app\amouna\product\11.2.0\dbhome_1\bin\omtsreco.exe
SS - | Demand 28/02/2010 38400 | (OracleOraDb11g_home1ClrAgent) . (.Oracle Corporation.) - C:\app\amouna\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe
SS - | Demand 10/07/1658 0 | (OracleOraDb11g_home1TNSListener) . (...) - C:\app\amouna\product\11.2.0\dbhome_1\BIN\TNSLSNR
SS - | Demand 02/04/2010 106487808 | (OracleServiceORCL) . (.Oracle Corporation.) - c:\app\amouna\product\11.2.0\dbhome_1\bin\ORACLE.exe
SS - | Demand 02/04/2010 106487808 | (OracleServiceORCL2) . (.Oracle Corporation.) - c:\app\amouna\product\11.2.0\dbhome_1\bin\ORACLE.exe
SS - | Demand 02/04/2010 159744 | (OracleVssWriterORCL) . (...) - c:\app\amouna\product\11.2.0\dbhome_1\bin\OraVSSW.exe
SS - | Demand 02/04/2010 159744 | (OracleVssWriterORCL2) . (...) - c:\app\amouna\product\11.2.0\dbhome_1\bin\OraVSSW.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/03/2012 313440 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
SR - | Auto 28/10/2013 276048 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Auto 29/12/2014 1448752 | (MATLAB License Server) . (.Flexera Software LLC.) - C:\Program Files\MATLAB\MATLAB Production Server\R2015a\etc\win32\lmgrd.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 19s

---\\ Scan Additionnel (O88)
Database Version : 13026 - (27/12/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
~ Additionnel Scan: 640877 Items scanned in 11mn 29s

---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s

---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-dosearches =>PUP.DoSearches
~ MSI: 1 link(s) detected in 00mn 00s
~ 667 Legitimates filtered by white list

End of the scan (462 lines in 15mn 23s)(0)