- ~ Rapport de ZHPDiag v2014.9.20.136 - Nicolas Coolman (20/09/2014)
- ~ Lancé par François (23/09/2014 22:15:36)
- ~ Adresse du Site Web http://nicolascoolman.fr
- ~ Adresse du Forum http://forum.nicolascoolman.fr
- ~ Traduit par Nicolas Coolman
- ~ Etat de la version : Version à jour.
- ~ Liste blanche : Activée par le programme
- ~ Elévation des Privilèges : OK
- ~ User Account Control (UAC): Activate by user
- ---\\ Navigateurs Internet
- MSIE: Internet Explorer v11.0.9600.17107
- GCIE: Google Chrome v37.0.2062.120 (Defaut)
- ---\\ Informations sur les produits Windows
- ~ Langage: Français
- Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
- Windows Server License Manager Script : OK
- ~ Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
- Windows ID Activation : OK
- ~ Windows Partial Key : XRQVR
- Windows License : OK
- ~ Windows Remaining Initializations Number : 3
- Software Protection Service (Protection logicielle) : OK
- Windows Automatic Updates : OK
- Windows Activation Technologies : OK
- ---\\ Logiciels de protection du système
- avast! Free Antivirus v9.0.2021
- Windows Defender W7 (Activate)
- ---\\ Logiciels d'optimisation du système
- CCleaner v4.16
- ---\\ Logiciels de partage PeerToPeer
- Pando Media Booster v2.6.0.7
- ---\\ Surveillance de Logiciels
- Adobe Flash Player 15 Plugin
- Adobe Reader XI
- ---\\ Informations sur le système
- ~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
- ~ Operating System: 64 Bits
- Boot mode: Normal (Normal boot)
- Total RAM: 8130 MB (72% free)
- System Restore: Activé (Enable)
- System drive C: has 527 GB (56%) free of 931 GB
- ---\\ Mode de connexion au système
- ~ Computer Name: FRANÇOIS-PC
- ~ User Name: François
- ~ All Users Names: HomeGroupUser$, François, Administrateur,
- ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
- Logged in as Administrator
- ---\\ Variables d'environnement
- ~ System Unit : C:\
- ~ %AppZHP% : C:\Users\François\AppData\Roaming\ZHP\
- ~ %AppData% : C:\Users\François\AppData\Roaming\
- ~ %Desktop% : C:\Users\François\Desktop\
- ~ %Favorites% : C:\Users\François\Favorites\
- ~ %LocalAppData% : C:\Users\François\AppData\Local\
- ~ %StartMenu% : C:\Users\François\AppData\Roaming\Microsoft\Windows\Start Menu\
- ~ %Windir% : C:\Windows\
- ~ %System% : C:\Windows\System32\
- ---\\ Enumération des unités disques
- C: Hard drive, Flash drive, Thumb drive (Free 527 Go of 931 Go)
- D: CD-ROM drive (Free 0 Go of 1 Go)
- ---\\ Etat du Centre de Sécurité Windows
- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
- ~ Security Center: 41 Legitimates Filtered in 00mn 00s
- ---\\ Recherche particulière de fichiers génériques
- [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
- [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
- [MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
- [MD5.88AB9B72B4BF3963A0DE0820B4B0B06C] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/03/2014 - 10:43:50.) -- C:\Windows\System32\Winlogon.exe [455168]
- [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
- [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
- [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
- [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
- [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
- [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
- [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
- [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
- [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
- [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
- [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
- [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
- [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
- [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
- [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
- [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
- [MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
- ~ Generic Processes: Scanned in 00mn 00s
- ---\\ Etat des fichiers cachés (Caché/Total)
- ~ Mes images (My Pictures) : 1/35
- ~ Mes musiques (My Musics) : 6/56
- ~ Mes Videos (My Videos) : 1/78
- ~ Mes Favoris (My Favorites) : 1/26
- ~ Mes Documents (My Documents) : 1/448
- ~ Mon Bureau (My Desktop) : 1/319
- ~ Menu demarrer (Programs) : 1/34
- ~ Hidden Files: Scanned in 00mn 03s
- ---\\ Processus lancés
- [MD5.1A8E315039857E0706CB0E958C122838] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [1406776] [PID.3908]
- [MD5.E009BACC88ACD9DB268F09515C260ED1] - (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640] [PID.3920]
- [MD5.12A660B7B2599F9841149517536EF208] - (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1219896] [PID.2072]
- [MD5.143ECB242AF6ECE366AB477828E29D44] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320] [PID.4108]
- [MD5.90B0AEA1FFA2CAC78C2CB64BDEFE3C4B] - (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1526272] [PID.4120]
- [MD5.4F011F572DAC7057DF9D6E9064AA77E8] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488] [PID.4140]
- [MD5.5B522E61A39D2237F21CFB4A9612FF14] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4856]
- [MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896] [PID.4436]
- [MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.4452]
- [MD5.112854FD524F472159E8F32548A7F62D] - (...) -- C:\Program Files (x86)\SupTab\HpUI.exe [733576] [PID.5064] =>PUP.SupTab
- [MD5.D46415CD75DDA09F0A17D2FDA2235CB0] - (...) -- C:\Program Files (x86)\SupTab\Loader32.exe [64000] [PID.4200] =>PUP.SupTab
- [MD5.3FAFBCCE3F066EDCC263E25A786FFD50] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016] [PID.252]
- [MD5.66BFA4B513F24A675B6FBDB0767A8F03] - (.ASUSTeK Computer Inc. - Network Service Help.) -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetSvcHelp.exe [3138360] [PID.5624]
- [MD5.05955577B2BCF8919952E265A930CBA2] - (.ASUSTeK Computer Inc. - NetiCtrlTray.) -- C:\Program Files (x86)\ASUS\AI Suite III\Network iControl\NetSvcHelp\NetiCtrlTray.exe [889856] [PID.4852]
- [MD5.D342CD9148D4F9BC75304C658D52C25E] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192] [PID.3532]
- [MD5.76798A69DC48DD594C364CF75C75CF2D] - (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\EPUShortCut.exe [1220408] [PID.4416]
- [MD5.AC08A03D7E579E2903925736E7AB48F2] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808] [PID.6568]
- [MD5.7C5AF154B07BB57AF0EF26F156D5A022] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8106496] [PID.5980]
- [MD5.AD5CE4DBBBAFB82B728BA0548876C5B6] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411968] [PID.984]
- [MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1368]
- [MD5.5E0C29FCD859AB8D5B1C859F034D8F2F] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [715656] [PID.1624] =>PUP.IePluginService
- [MD5.397B966BBCA15D72AE702FDF31D02F99] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896] [PID.1752] =>PUP.Fuyu
- [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1972]
- [MD5.BBF8F831C7720DD5135D8C4C8325187A] - (...) -- C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728] [PID.1220]
- [MD5.E536856E96A7605EBF580D62A868E5FE] - (...) -- C:\Windows\SysWOW64\ASGT.exe [55296] [PID.1440]
- [MD5.03BAC13465BEFA17BFD26DE8EA79301D] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [945664] [PID.1600]
- [MD5.D7E6C4469902E87C0590B008412A7F05] - (.ASUSTeK Computer Inc. - ASUS Motherboard Fan Control Service.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.26\AsusFanControlService.exe [1652024] [PID.1036]
- [MD5.507E699BD36530491BA0F95251B22F06] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912] [PID.2092]
- [MD5.CD421DDB5C6E5458CE52EDC36DE7DC5B] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76152] [PID.2336]
- [MD5.E87213F37A13E2B54391E40934F071D0] - (.Microsoft Corporation - .NET Runtime Optimization Service.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144] [PID.4432]
- [MD5.D5854F77CEEAFC5A8405F8ECCBEC09DF] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.1236]
- [MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.1716]
- [MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3776]
- ~ Processes Running: Scanned in 00mn 00s
- ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
- C:\Users\François\AppData\Local\Google\Chrome\User Data\Default\Preferences
- ---\\ Liste des dossiers d'extension Google Chrome
- ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 03s
- ---\\ Internet Explorer, Proxy Management (R5)
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 195.175.62.190:8080
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
- R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
- ~ Proxy management: Scanned in 00mn 00s
- ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
- F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
- F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
- F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
- ~ Keys: Scanned in 00mn 00s
- ---\\ Hosts file redirection (O1)
- ~ Le fichier hôte est sain (The hosts file is clean) (21)
- ~ Hosts File: Scanned in 00mn 00s
- ---\\ Browser Helper Objects de navigateur (O2)
- O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll =>PUP.SupTab
- ~ BHO: 7 Legitimates Filtered in 00mn 00s
- ---\\ Internet Explorer Toolbars (O3)
- O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
- ~ Toolbar: Scanned in 00mn 00s
- ---\\ Applications lancées au démarrage du système (O4)
- O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
- O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
- O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
- O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
- O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
- O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
- O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
- O4 - HKCU\..\RunOnce: [Uninstall C:\Users\François\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
- O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
- O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
- O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
- O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
- O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
- O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
- O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\François\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
- O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
- O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\François\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
- O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
- O4 - HKUS\S-1-5-21-2296536429-312935811-466557617-1000\..\RunOnce: [Uninstall C:\Users\François\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
- ~ Application: Scanned in 00mn 00s
- ---\\ Modification Domaine/Adresses DNS (O17)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
- O17 - HKLM\System\CS1\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
- O17 - HKLM\System\CS2\Services\Tcpip\..\{9E7D8D1F-5F2F-4D2D-A712-6767E568A739}: DhcpNameServer = 192.168.1.1 192.168.1.1
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
- ~ Domain: Scanned in 00mn 00s
- ---\\ Protocole additionnel (O18)
- O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
- ~ Protocole Additionnel: Scanned in 00mn 00s
- ---\\ Liste des services NT non Microsoft et non désactivés (O23)
- O23 - Service: ASGT (ASGT) . (...) - C:\Windows\SysWOW64\ASGT.exe
- O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
- O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
- ~ Services: 21 Legitimates Filtered in 00mn 03s
- ---\\ Tâches planifiées en automatique (O39)
- [MD5.B240ED07816893746CE7CDDD95C166BF] [APT] [{B7191B2A-09E5-4A88-81DF-EFC24302B9F2}] (...) -- C:\Riot Games\League of Legends\lol.launcher.exe [97856]
- [MD5.00000000000000000000000000000000] [APT] [{C620597F-41A0-4E65-88C1-8BD184A2FB6F}] (...) -- C:\Users\François\AppData\Roaming\istartsurf\UninstallManager.exe (.not file.) [0] =>PUP.IsStart
- [MD5.B240ED07816893746CE7CDDD95C166BF] [APT] [{F08D5336-BC8C-4419-AAE0-3130AE637E63}] (...) -- C:\Riot Games\League of Legends\lol.launcher.exe [97856]
- [MD5.12A660B7B2599F9841149517536EF208] [APT] [ASUS DIPAwayMode] (...) -- C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1219896]
- O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1068]
- O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1072]
- ~ Scheduled Task: 17 Legitimates Filtered in 00mn 02s
- ---\\ Pilotes lancés au démarrage du système (O41)
- O41 - Driver: (ndisrd) . (.NT Kernel Resources - NDISRD helper driver.) - C:\Windows\System32\DRIVERS\ndisrd.sys
- ~ Drivers: 81 Legitimates Filtered in 00mn 00s
- ---\\ Logiciels installés (O42)
- O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
- ~ Logic: 22 Legitimates Filtered in 00mn 00s
- ---\\ HKCU & HKLM Software Keys
- [HKCU\Software\Boneloaf]
- [HKCU\Software\InstallCore] =>Adware.InstallCore
- [HKCU\Software\Pando Networks]
- [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
- [HKLM\Software\Wow6432Node\Pando Networks]
- [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
- [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
- [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
- ~ Key Software: 275 Legitimates Filtered in 00mn 00s
- ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
- O43 - CFD: 07/02/2014 - 19:41:23 - [] ----D C:\Program Files (x86)\Pando Networks
- O43 - CFD: 23/09/2014 - 21:26:37 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
- O43 - CFD: 23/09/2014 - 21:26:36 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
- O43 - CFD: 23/09/2014 - 21:26:20 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
- ~ Program Folder: 176 Legitimates Filtered in 00mn 01s
- ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
- O44 - LFC:[MD5.62C3574901D2112D22AF58D1F08F2172] - 11/09/2014 - 16:37:55 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [3961833]
- O44 - LFC:[MD5.FA05848A035A46FC66696CF1EC0D647B] - 14/09/2014 - 00:48:03 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [26956]
- ~ Files: 45 Legitimates Filtered in 01mn 41s
- ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
- O51 - MPSK:{bd8619d6-4334-11e4-927f-d850e6bc44ee}\AutoRun\command. (...) -- C:\Windows\system32\D:\setup.hta (.not file.)
- O51 - MPSK:{e7ddcd47-9016-11e3-8a27-806e6f6e6963}\AutoRun\command. (...) -- D:\Bin\ASSETUP.exe (.not file.)
- ~ Keys: Scanned in 00mn 00s
- ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
- O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
- O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
- ~ MWPS: 16 Legitimates Filtered in 00mn 00s
- ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
- O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
- ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
- ---\\ Liste des pilotes du système (SDL) (O58)
- O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
- O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
- O58 - SDL:08/08/2014 - 14:59:08 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
- O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
- O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
- O58 - SDL:07/02/2013 - 09:31:14 R--A- . (.NT Kernel Resources - NDISRD helper driver.) -- C:\Windows\System32\Drivers\ndisrd.sys [32840]
- O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
- O58 - SDL:21/08/2012 - 19:54:10 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [15232]
- O58 - SDL:14/09/2012 - 03:06:23 R--A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [14464]
- O58 - SDL:02/04/2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]
- ~ Drivers: 69 Legitimates Filtered in 00mn 04s
- ---\\ Liste des outils de désinfection (LATC) (O63)
- O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
- ~ ADS: Scanned in 00mn 00s
- ---\\ Liste les services legacy du registre (LALS) (O64)
- O64 - Services: CurCS - 08/08/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
- ~ Legacy: 77 Legitimates Filtered in 00mn 00s
- ---\\ Associations Shell Spawning (O67)
- O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
- ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s
- ---\\ Menu de démarrage Internet (SMI) (O68)
- O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
- ~ Keys: Scanned in 00mn 00s
- ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
- O69 - SBI: SearchScopes [HKCU] {5CA200E6-0A3F-4632-88D6-D1A798819350} [DefaultScope] - (Google) - http://www.google.com
- ~ Keys: Scanned in 00mn 00s
- ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
- SS - | Auto 07/02/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- SS - | Demand 07/02/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- SS - | Demand 02/01/2013 171632 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
- SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
- SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
- SS - | Demand 28/08/2014 833728 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
- SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
- SR - | Auto 04/06/2013 936728 | (asComSvc) . (...) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
- SR - | Auto 17/01/2012 55296 | (ASGT) . (...) - C:\Windows\SysWOW64\ASGT.exe
- SR - | Auto 13/06/2013 945664 | (asHmComSvc) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
- SR - | Auto 25/06/2013 1652024 | (AsusFanControlService) . (.ASUSTeK Computer Inc..) - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.26\AsusFanControlService.exe
- SR - | Auto 08/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
- SR - | Auto 17/09/2014 1148744 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
- SR - | Auto 18/07/2014 9216 | (HiPatchService) . (.Hi-Rez Studios.) - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
- SR - | Auto 31/01/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
- SR - | Auto 23/09/2014 715656 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
- SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
- SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
- SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
- SR - | Auto 17/09/2014 1795912 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- SR - | Auto 17/09/2014 19439944 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
- SR - | Auto 13/09/2014 934216 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
- SR - | Auto 28/06/2014 76152 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
- SR - | Auto 13/09/2014 411968 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
- SR - | Auto 23/09/2014 528896 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu
- SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
- SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
- ~ Services: Scanned in 00mn 05s
- ---\\ Scan Additionnel (O88)
- Database Version : 13026 - (20/09/2014)
- Clés trouvées (Keys found) : 10
- Valeurs trouvées (Values found) : 0
- Dossiers trouvés (Folders found) : 3
- Fichiers trouvés (Files found) : 7
- [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
- [HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
- [HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^
- [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
- [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
- [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
- [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
- [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
- [HKCU\Software\InstallCore] =>Adware.InstallCore
- [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
- C:\Program Files (x86)\SupTab =>PUP.SupTab^
- C:\ProgramData\IePluginServices =>PUP.IePluginService^
- C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
- C:\Program Files (x86)\SupTab\HpUI.exe =>PUP.SupTab^
- C:\Program Files (x86)\SupTab\Loader32.exe =>PUP.SupTab^
- C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService^
- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^
- [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
- [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
- [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
- ~ Additionnel Scan: 374894 Items scanned in 01mn 15s
- ---\\ Informations complémentaires sur les modules
- ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
- ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
- ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
- ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
- ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
- ~ AMI: 5 Legitimates Filtered in 00mn 00s
- ---\\ Récapitulatif des détections trouvées sur votre station
- http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
- http://nicolascoolman.fr/pup-isstart =>PUP.IsStart
- http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
- http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
- http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
- ~ MSI: 5 link(s) detected in 00mn 00s
- ~ 793 Legitimates filtered by white list
- End of the scan (452 lines in 03mn 47s)(0)