~ ZHPDiag v2015.9.10.139 Par Nicolas Coolman (2015/09/10) ~ Démarré par PHILIPPE PINCHI (Administrator) (2015/09/10 15:05:17) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Documents and Settings\PHILIPPE PINCHI\Bureau\ZHPDiag.txt ~ Rapport: C:\Documents and Settings\PHILIPPE PINCHI\Application Data\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ Démarrage du système: Normal (Normal boot) Windows XP, 32-bit Service Pack 3 (Build 2600) ---\\ Navigateurs Internet (1) - 1s MSIE: Internet Explorer v8.0.6001.18702 ---\\ Informations sur les produits Windows (3) - 0s Windows Automatic Updates : KO Windows Activation Technologies : KO Windows Genuine Advantage : OK ---\\ Logiciels de protection (3) - 3s Avira Antivirus v15.0.12.420 Malwarebytes Anti-Malware version 2.1.8.1057 ZoneAlarm Firewall v11.0.000.057 ---\\ Logiciels d'optimisation (1) - 4s CCleaner v4.19 ---\\ Surveillance de Logiciels (2) - 4s Adobe Flash Player 18 NPAPI Adobe Reader X ---\\ Informations sur le système (6) - 0s ~ Operating System: x86 Family 15 Model 107 Stepping 1, AuthenticAMD ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 2096.228 MB (39% free) ~ System Restore: Activé (Enable) ~ System drive C: has 4 GB free of 60 GB ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: P-PINCHI ~ User Name: PHILIPPE PINCHI ~ Logged in as Administrator ---\\ Enumération des unités disques (6) - 0s ~ Drive C: has 4 GB free of 60 GB (System) ~ Drive E: has 131 GB free of 158 GB ~ Drive F: has 70 GB free of 92 GB ~ Drive H: has 13 GB free of 158 GB ~ Drive I: has 130 GB free of 158 GB ~ Drive K: has 77 GB free of 305 GB ---\\ Etat du Centre de Sécurité Windows (9) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (23) - 1s [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1037824] © [MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792] © [MD5.1643EF58F167E8EDA0566EA4402ECB8D] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064] © [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [512000] © [MD5.D76A076ADB74F8132924E498D63123A2] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [149504] © [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] © [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] © [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] © [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] © [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44672] © [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] © [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] © [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] © [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] © [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320] © [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] © [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] © [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384] © [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] © [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] © [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58752] © [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] © ---\\ Processus lancés (15) - 5s [MD5.E20B4F23EB153635D67944F63454EC84] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\Antivirus\sched.exe [461672] [PID.1284] © [MD5.8D8D9C8486CB29D01000BFFFE132780A] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264] [PID.1692] © [MD5.27F8A7A78773427E5D931628F89D6839] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\Antivirus\avgnt.exe [782008] [PID.1768] © [MD5.1A42F95615006278BC60D88118A1B696] - (.FireStarter - PrtScr.) -- F:\Program Files\PrtScr\PrtScr.exe [1700864] [PID.1852] [MD5.E20B4F23EB153635D67944F63454EC84] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\Antivirus\avguard.exe [461672] [PID.180] © [MD5.1355EBE184F9DAB1718BC587F8A7E05E] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files\Fichiers communs\MAGIX Services\Database\bin\FABS.exe [1253376] [PID.316] © [MD5.754EFD0B227B21160E3A27229F52FDDA] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.352] © [MD5.3585D8C36884D274F9047A1AC174D8D5] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2117960] [PID.440] © [MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [786256] [PID.1052] © [MD5.24680B56D862F1DE30C13FC64B80F568] - (.Avira Operations GmbH & Co. KG - Avira.ServiceHost.) -- C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [228104] [PID.1884] © [MD5.C063DA6EB1E91722611EE1ACE9A7DE96] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\Antivirus\avshadow.exe [434368] [PID.2972] © [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [377000] [PID.800] © [MD5.69D4DC441AEC516F68FC659FBB4D453D] - (...) -- C:\UsbFix\UsbFix.exe [1806304] [PID.1948] [MD5.69D4DC441AEC516F68FC659FBB4D453D] - (...) -- C:\UsbFix\UsbFix.exe [1806304] [PID.1916] [MD5.886A7A8D794D4C8DB2D8ADC9990CCD7D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\PHILIPPE PINCHI\Bureau\ZHPDiag3(1).exe [1925632] [PID.148] © ---\\ Google Chrome, Démarrage,Recherche,Extensions (1) - 0s G2 - GCE: Preference [User Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep ---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (10) - 1s M0 - MFSP: prefs.js [PHILIPPE PINCHI - j28muf7c.default-1414066222718] http://www.google.fr P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\Myriad Music Plugin.rsr P2 - EXT: (.Myriad Software. - Myriad music plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\NPMyrMus.dll P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA P2 - EXT FILE: (...) -- C:\Documents and Settings\PHILIPPE PINCHI\Application Data\Mozilla\Firefox\Profiles\j28muf7c.default-1414066222718\extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\PHILIPPE PINCHI\Application Data\Mozilla\Firefox\Profiles\j28muf7c.default-1414066222718\extensions\translator@zoli.bod.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\PHILIPPE PINCHI\Application Data\Mozilla\Firefox\Profiles\j28muf7c.default-1414066222718\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll © P2 - FPN: [HKLM] [@myriad-online.com/x-myriad-music] - (.Myriad Software..) -- C:\Program Files\Mozilla Firefox\plugins\NPMyrMus.dll ---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (9) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer,Proxy Management (7) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Etude du fichier hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object de navigateur (BHO) (6) - 0s O2 - BHO: Increase performance and video formats for your HTML5