Untitled

a guest
Sep 23rd, 2014
  1. ~ Rapport de ZHPDiag v2014.9.20.136 - Nicolas Coolman (20/09/2014)
  2. ~ Lancé par François (23/09/2014 22:15:36)
  3. ~ Adresse du Site Web http://nicolascoolman.fr
  4. ~ Adresse du Forum http://forum.nicolascoolman.fr
  5. ~ Traduit par Nicolas Coolman
  6. ~ Etat de la version : Version à jour.
  7. ~ Liste blanche : Activée par le programme
  8. ~ Elévation des Privilèges : OK
  9. ~ User Account Control (UAC): Activate by user
  10.  
  11.  
  12. ---\\ Navigateurs Internet
  13. MSIE: Internet Explorer v11.0.9600.17107
  14. GCIE: Google Chrome v37.0.2062.120 (Defaut)
  15.  
  16. ---\\ Informations sur les produits Windows
  17. ~ Langage: Français
  18. Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
  19. Windows Server License Manager Script : OK
  20. ~ Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
  21. Windows ID Activation : OK
  22. ~ Windows Partial Key : XRQVR
  23. Windows License : OK
  24. ~ Windows Remaining Initializations Number : 3
  25. Software Protection Service (Protection logicielle) : OK
  26. Windows Automatic Updates : OK
  27. Windows Activation Technologies : OK
  28.  
  29. ---\\ Logiciels de protection du système
  30. avast! Free Antivirus v9.0.2021
  31. Windows Defender W7 (Activate)
  32.  
  33. ---\\ Logiciels d'optimisation du système
  34. CCleaner v4.16
  35.  
  36. ---\\ Logiciels de partage PeerToPeer
  37. Pando Media Booster v2.6.0.7
  38.  
  39. ---\\ Surveillance de Logiciels
  40. Adobe Flash Player 15 Plugin
  41. Adobe Reader XI
  42.  
  43. ---\\ Informations sur le système
  44. ~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
  45. ~ Operating System: 64 Bits
  46. Boot mode: Normal (Normal boot)
  47. Total RAM: 8130 MB (72% free)
  48. System Restore: Activé (Enable)
  49. System drive C: has 527 GB (56%) free of 931 GB
  50.  
  51. ---\\ Mode de connexion au système
  52. ~ Computer Name: FRANÇOIS-PC
  53. ~ User Name: François
  54. ~ All Users Names: HomeGroupUser$, François, Administrateur,
  55. ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
  56. Logged in as Administrator
  57.  
  58. ---\\ Variables d'environnement
  59. ~ System Unit : C:\
  60. ~ %AppZHP% : C:\Users\François\AppData\Roaming\ZHP\
  61. ~ %AppData% : C:\Users\François\AppData\Roaming\
  62. ~ %Desktop% : C:\Users\François\Desktop\
  63. ~ %Favorites% : C:\Users\François\Favorites\
  64. ~ %LocalAppData% : C:\Users\François\AppData\Local\
  65. ~ %StartMenu% : C:\Users\François\AppData\Roaming\Microsoft\Windows\Start Menu\
  66. ~ %Windir% : C:\Windows\
  67. ~ %System% : C:\Windows\System32\
  68.  
  69. ---\\ Enumération des unités disques
  70. C: Hard drive, Flash drive, Thumb drive (Free 527 Go of 931 Go)
  71. D: CD-ROM drive (Free 0 Go of 1 Go)
  72.  
  73.  
  74.  
  75. ---\\ Etat du Centre de Sécurité Windows
  76. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
  77. [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
  78. ~ Security Center: 41 Legitimates Filtered in 00mn 00s
  79.  
  80.  
  81.  
  82. ---\\ Recherche particulière de fichiers génériques
  83. [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
  84. [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
  85. [MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
  86. [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
  87. [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
  88. [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
  89. [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
  90. [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
  91. [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
  92. [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
  93. [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
  94. [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
  95. [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
  96. [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
  97. [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
  98. [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
  99. [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
  100. [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
  101. [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
  102. [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
  103. [MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
  104. ~ Generic Processes: Scanned in 00mn 00s
  105.  
  106.  
  107.  
  108. ---\\ Etat des fichiers cachés (Caché/Total)
  109. ~ Mes images (My Pictures) : 1/35
  110. ~ Mes musiques (My Musics) : 6/56
  111. ~ Mes Videos (My Videos) : 1/78
  112. ~ Mes Favoris (My Favorites) : 1/26
  113. ~ Mes Documents (My Documents) : 1/448
  114. ~ Mon Bureau (My Desktop) : 1/319
  115. ~ Menu demarrer (Programs) : 1/34
  116. ~ Hidden Files: Scanned in 00mn 03s
  117.  
  118.  
  119.  
  120. ---\\ Processus lancés
  121. [MD5.1A8E315039857E0706CB0E958C122838] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1406776] [PID.3908]
  122. [MD5.E009BACC88ACD9DB268F09515C260ED1] - (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640] [PID.3920]
  123. [MD5.12A660B7B2599F9841149517536EF208] - (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1219896] [PID.2072]
  124. [MD5.143ECB242AF6ECE366AB477828E29D44] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320] [PID.4108]
  125. [MD5.90B0AEA1FFA2CAC78C2CB64BDEFE3C4B] - (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1526272] [PID.4120]
  126. [MD5.4F011F572DAC7057DF9D6E9064AA77E8] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488] [PID.4140]
  127. [MD5.5B522E61A39D2237F21CFB4A9612FF14] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4856]
  128. [MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896] [PID.4436]
  129. [MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.4452]
  130. [MD5.112854FD524F472159E8F32548A7F62D] - (...) -- C:\Program Files (x86)\SupTab\HpUI.exe [733576] [PID.5064] =>PUP.SupTab
  131. [MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files (x86)\SupTab\Loader32.exe [64000] [PID.4200] =>PUP.SupTab
  132. [MD5.3FAFBCCE3F066EDCC263E25A786FFD50] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016] [PID.252]
  133. [MD5.66BFA4B513F24A675B6FBDB0767A8F03] - (.ASUSTeK Computer Inc. - Network Service Help.) -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelp.exe [3138360] [PID.5624]
  134. [MD5.05955577B2BCF8919952E265A930CBA2] - (.ASUSTeK Computer Inc. - NetiCtrlTray.) -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetiCtrlTray.exe [889856] [PID.4852]
  135. [MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.3532]
  136. [MD5.76798A69DC48DD594C364CF75C75CF2D] - (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe [1220408] [PID.4416]
  137. [MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.6568]
  138. [MD5.7C5AF154B07BB57AF0EF26F156D5A022] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8106496] [PID.5980]
  139. [MD5.AD5CE4DBBBAFB82B728BA0548876C5B6] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411968] [PID.984]
  140. [MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1368]
  141. [MD5.5E0C29FCD859AB8D5B1C859F034D8F2F] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [715656] [PID.1624] =>PUP.IePluginService
  142. [MD5.397B966BBCA15D72AE702FDF31D02F99] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896] [PID.1752] =>PUP.Fuyu
  143. [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1972]
  144. [MD5.BBF8F831C7720DD5135D8C4C8325187A] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728] [PID.1220]
  145. [MD5.E536856E96A7605EBF580D62A868E5FE] - (...) -- C:\Windows\SysWOW64\ASGT.exe [55296] [PID.1440]
  146. [MD5.03BAC13465BEFA17BFD26DE8EA79301D] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945664] [PID.1600]
  147. [MD5.D7E6C4469902E87C0590B008412A7F05] - (.ASUSTeK Computer Inc. - ASUS Motherboard Fan Control Service.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.26\AsusFanControlService.exe [1652024] [PID.1036]
  148. [MD5.507E699BD36530491BA0F95251B22F06] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912] [PID.2092]
  149. [MD5.CD421DDB5C6E5458CE52EDC36DE7DC5B] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76152] [PID.2336]
  150. [MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [PID.4432]
  151. [MD5.D5854F77CEEAFC5A8405F8ECCBEC09DF] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.1236]
  152. [MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.1716]
  153. [MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3776]
  154. ~ Processes Running: Scanned in 00mn 00s
  155.  
  156.  
  157.  
  158. ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
  159. C:\Users\François\AppData\Local\Google\Chrome\User Data\Default\Preferences
  160.  
  161. ---\\ Liste des dossiers d'extension Google Chrome
  162. ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 03s
  163.  
  164.  
  165.  
  166. ---\\ Internet Explorer, Proxy Management (R5)
  167. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.62.190:8080
  168. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
  169. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
  170. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
  171. R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
  172. ~ Proxy management: Scanned in 00mn 00s
  173.  
  174.  
  175.  
  176. ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
  177. F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
  178. F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
  179. F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
  180. ~ Keys: Scanned in 00mn 00s
  181.  
  182.  
  183.  
  184. ---\\ Hosts file redirection (O1)
  185. ~ Le fichier hôte est sain (The hosts file is clean) (21)
  186. ~ Hosts File: Scanned in 00mn 00s
  187.  
  188.  
  189.  
  190. ---\\ Browser Helper Objects de navigateur (O2)
  191. O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
  192. ~ BHO: 7 Legitimates Filtered in 00mn 00s
  193.  
  194.  
  195.  
  196. ---\\ Internet Explorer Toolbars (O3)
  197. O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
  198. ~ Toolbar: Scanned in 00mn 00s
  199.  
  200.  
  201.  
  202. ---\\ Applications lancées au démarrage du système (O4)
  203. O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
  204. O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  205. O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
  206. O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  207. O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
  208. O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
  209. O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
  210. O4 - HKCU\..\RunOnce: [Uninstall C:\Users\François\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
  211. O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  212. O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
  213. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
  214. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
  215. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
  216. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
  217. O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  218. O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
  219. O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
  220. O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
  221. O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\RunOnce: [Uninstall C:\Users\François\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
  222. ~ Application: Scanned in 00mn 00s
  223.  
  224.  
  225.  
  226. ---\\ Modification Domaine/Adresses DNS (O17)
  227. O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
  228. O17 - HKLM\System\CS1\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
  229. O17 - HKLM\System\CS2\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
  230. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
  231. ~ Domain: Scanned in 00mn 00s
  232.  
  233.  
  234.  
  235. ---\\ Protocole additionnel (O18)
  236. O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
  237. O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
  238. ~ Protocole Additionnel: Scanned in 00mn 00s
  239.  
  240.  
  241.  
  242. ---\\ Liste des services NT non Microsoft et non désactivés (O23)
  243. O23 - Service: ASGT (ASGT) . (...) - C:\Windows\SysWOW64\ASGT.exe
  244. O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
  245. O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
  246. ~ Services: 21 Legitimates Filtered in 00mn 03s
  247.  
  248.  
  249.  
  250. ---\\ Tâches planifiées en automatique (O39)
  251. [MD5.B240ED07816893746CE7CDDD95C166BF] [APT] [{B7191B2A-09E5-4A88-81DF-EFC24302B9F2}] (...) -- C:\Riot Games\League of Legends\lol.launcher.exe [97856]
  252. [MD5.00000000000000000000000000000000] [APT] [{C620597F-41A0-4E65-88C1-8BD184A2FB6F}] (...) -- C:\Users\François\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
  253. [MD5.B240ED07816893746CE7CDDD95C166BF] [APT] [{F08D5336-BC8C-4419-AAE0-3130AE637E63}] (...) -- C:\Riot Games\League of Legends\lol.launcher.exe [97856]
  254. [MD5.12A660B7B2599F9841149517536EF208] [APT] [ASUS DIPAwayMode] (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1219896]
  255. O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1068]
  256. O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1072]
  257. ~ Scheduled Task: 17 Legitimates Filtered in 00mn 02s
  258.  
  259.  
  260.  
  261. ---\\ Pilotes lancés au démarrage du système (O41)
  262. O41 - Driver: (ndisrd) . (.NT Kernel Resources - NDISRD helper driver.) - C:\Windows\System32\DRIVERS\ndisrd.sys
  263. ~ Drivers: 81 Legitimates Filtered in 00mn 00s
  264.  
  265.  
  266.  
  267. ---\\ Logiciels installés (O42)
  268. O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
  269. ~ Logic: 22 Legitimates Filtered in 00mn 00s
  270.  
  271.  
  272.  
  273. ---\\ HKCU & HKLM Software Keys
  274. [HKCU\Software\Boneloaf]
  275. [HKCU\Software\InstallCore] =>Adware.InstallCore
  276. [HKCU\Software\Pando Networks]
  277. [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
  278. [HKLM\Software\Wow6432Node\Pando Networks]
  279. [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
  280. [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
  281. [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
  282. ~ Key Software: 275 Legitimates Filtered in 00mn 00s
  283.  
  284.  
  285.  
  286. ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
  287. O43 - CFD: 07/02/2014 - 19:41:23 - [] ----D C:\Program Files (x86)\Pando Networks
  288. O43 - CFD: 23/09/2014 - 21:26:37 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
  289. O43 - CFD: 23/09/2014 - 21:26:36 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
  290. O43 - CFD: 23/09/2014 - 21:26:20 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
  291. ~ Program Folder: 176 Legitimates Filtered in 00mn 01s
  292.  
  293.  
  294.  
  295. ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
  296. O44 - LFC:[MD5.62C3574901D2112D22AF58D1F08F2172] - 11/09/2014 - 16:37:55 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [3961833]
  297. O44 - LFC:[MD5.FA05848A035A46FC66696CF1EC0D647B] - 14/09/2014 - 00:48:03 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [26956]
  298. ~ Files: 45 Legitimates Filtered in 01mn 41s
  299.  
  300.  
  301.  
  302. ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
  303. O51 - MPSK:{bd8619d6-4334-11e4-927f-d850e6bc44ee}\AutoRun\command. (...) -- C:\Windows\system32\D:\setup.hta (.not file.)
  304. O51 - MPSK:{e7ddcd47-9016-11e3-8a27-806e6f6e6963}\AutoRun\command. (...) -- D:\Bin\ASSETUP.exe (.not file.)
  305. ~ Keys: Scanned in 00mn 00s
  306.  
  307.  
  308.  
  309. ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
  310. O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
  311. O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
  312. ~ MWPS: 16 Legitimates Filtered in 00mn 00s
  313.  
  314.  
  315.  
  316. ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
  317. O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
  318. ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
  319.  
  320.  
  321.  
  322. ---\\ Liste des pilotes du système (SDL) (O58)
  323. O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
  324. O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
  325. O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
  326. O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
  327. O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
  328. O58 - SDL:07/02/2013 - 09:31:14 R--A- . (.NT Kernel Resources - NDISRD helper driver.) -- C:\Windows\System32\Drivers\ndisrd.sys [32840]
  329. O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
  330. O58 - SDL:21/08/2012 - 19:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
  331. O58 - SDL:14/09/2012 - 03:06:23 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464]
  332. O58 - SDL:02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
  333. ~ Drivers: 69 Legitimates Filtered in 00mn 04s
  334.  
  335.  
  336.  
  337. ---\\ Liste des outils de désinfection (LATC) (O63)
  338. O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
  339. ~ ADS: Scanned in 00mn 00s
  340.  
  341.  
  342.  
  343. ---\\ Liste les services legacy du registre (LALS) (O64)
  344. O64 - Services: CurCS - 08/08/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
  345. ~ Legacy: 77 Legitimates Filtered in 00mn 00s
  346.  
  347.  
  348.  
  349. ---\\ Associations Shell Spawning (O67)
  350. O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
  351. ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
  352.  
  353.  
  354.  
  355. ---\\ Menu de démarrage Internet (SMI) (O68)
  356. O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  357. O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  358. ~ Keys: Scanned in 00mn 00s
  359.  
  360.  
  361.  
  362. ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
  363. O69 - SBI: SearchScopes [HKCU] {5CA200E6-0A3F-4632-88D6-D1A798819350} [DefaultScope] - (Google) - http://www.google.com
  364. ~ Keys: Scanned in 00mn 00s
  365.  
  366.  
  367.  
  368. ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
  369. SS - | Auto 07/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  370. SS - | Demand 07/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  371. SS - | Demand 02/01/2013 171632 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
  372. SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
  373. SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
  374. SS - | Demand 28/08/2014 833728 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  375. SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  376. SR - | Auto 04/06/2013 936728 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
  377. SR - | Auto 17/01/2012 55296 | (ASGT) . (...) - C:\Windows\SysWOW64\ASGT.exe
  378. SR - | Auto 13/06/2013 945664 | (asHmComSvc) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
  379. SR - | Auto 25/06/2013 1652024 | (AsusFanControlService) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.26\AsusFanControlService.exe
  380. SR - | Auto 08/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  381. SR - | Auto 17/09/2014 1148744 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
  382. SR - | Auto 18/07/2014 9216 | (HiPatchService) . (.Hi-Rez Studios.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
  383. SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  384. SR - | Auto 23/09/2014 715656 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
  385. SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
  386. SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  387. SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  388. SR - | Auto 17/09/2014 1795912 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  389. SR - | Auto 17/09/2014 19439944 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
  390. SR - | Auto 13/09/2014 934216 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
  391. SR - | Auto 28/06/2014 76152 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
  392. SR - | Auto 13/09/2014 411968 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  393. SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  394. SR - | Auto 23/09/2014 528896 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
  395. SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
  396. SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
  397. ~ Services: Scanned in 00mn 05s
  398.  
  399.  
  400.  
  401. ---\\ Scan Additionnel (O88)
  402. Database Version : 13026 - (20/09/2014)
  403. Clés trouvées (Keys found) : 10
  404. Valeurs trouvées (Values found) : 0
  405. Dossiers trouvés (Folders found) : 3
  406. Fichiers trouvés (Files found) : 7
  407.  
  408. [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
  409. [HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
  410. [HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
  411. [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
  412. [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
  413. [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
  414. [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
  415. [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
  416. [HKCU\Software\InstallCore] =>Adware.InstallCore
  417. [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
  418. C:\Program Files (x86)\SupTab =>PUP.SupTab^
  419. C:\ProgramData\IePluginServices =>PUP.IePluginService^
  420. C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
  421. C:\Program Files (x86)\SupTab\HpUI.exe =>PUP.SupTab^
  422. C:\Program Files (x86)\SupTab\Loader32.exe =>PUP.SupTab^
  423. C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService^
  424. C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^
  425. [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
  426. [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
  427. [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
  428. ~ Additionnel Scan: 374894 Items scanned in 01mn 15s
  429.  
  430.  
  431.  
  432. ---\\ Informations complémentaires sur les modules
  433. ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
  434. ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
  435. ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
  436. ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
  437. ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
  438. ~ AMI: 5 Legitimates Filtered in 00mn 00s
  439.  
  440.  
  441.  
  442. ---\\ Récapitulatif des détections trouvées sur votre station
  443. http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
  444. http://nicolascoolman.fr/pup-isstart =>PUP.IsStart
  445. http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
  446. http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
  447. http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
  448. ~ MSI: 5 link(s) detected in 00mn 00s
  449.  
  450.  
  451.  
  452. ~ 793 Legitimates filtered by white list
  453. End of the scan (452 lines in 03mn 47s)(0)