~ ZHPDiag v2018.4.15.67 Par Nicolas Coolman (2018/04/15)
~ Démarré par thiba_000 (Administrator) (2018/04/16 20:41:40)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\thiba_000\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\thiba_000\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 16299) =>.Microsoft Corporation
---\\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: CRAZYTIB
~ User Name: thiba_000
~ Logged in as Administrator
---\\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (28) - 27s
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix CCM SDK DLL (Win32).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\CCMSDK.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (.Citrix Systems, Inc. - Program Neighborhood CGPCFG dll.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\cgpcfg.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (.Citrix Systems, Inc. - CGP Core.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\CgpCore.dll {201129693CA37B1E63D8A77D3BDD705B} =>.Citrix Systems, Inc.
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix online plug-in Configuration DLL (Wi.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\confmgr.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix ICA Client Logging DLL.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\ctxlogging.dll {201129693CA37B1E63D8A77D3BDD705B} =>.Citrix Systems, Inc.
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix online plug-in MUI DLL (Win32).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\ctxmui.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\ICAClObj.class
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix Configuration Manager.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\icafile.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix online plug-in Logon (Win32).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\icalogon.dll {201129693CA37B1E63D8A77D3BDD705B} =>.Citrix Systems, Inc.
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npicaN.dll =>.Citrix Systems, Inc.®
P2 - EXT FILE: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated®
P2 - EXT FILE: (.Adobe Inc. - Acrobate Reader.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA =>.Adobe Inc.
P2 - EXT FILE: (.Citrix Systems, Inc. - Citrix SSL SDK (OpenSSL).) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\sslsdk_b.dll {201129693CA37B1E63D8A77D3BDD705B} =>.Citrix Systems, Inc.
P2 - EXT FILE: (.Citrix Systems, Inc. - TCP Proxy Service.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\TcpPServ.dll {201129693CA37B1E63D8A77D3BDD705B} =>.Citrix Systems, Inc.
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\shield-recipe-client@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll =>.Google Inc.
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll =>.Google Inc.
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll =>.WildTangent
---\\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://toshiba.eu/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.16299.15 (WinBuild.160101.0800)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\\ INTERNET EXPLORER, Site de confiance et site sensible (2) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad)
---\\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (4) - 3s
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
---\\ SCAN ADDITIONNEL (25) - 57s
C:\WINDOWS\System32\Drivers\6769f0cc7c417d3972dbffa6da082b0c.sys =>PUP.Optional.Wajam
C:\WINDOWS\System32\Drivers\86e3f90ca06df4d7ed38b82b1f950e62.sys =>PUP.Optional.Wajam
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\027 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\028 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\029 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\031 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\033 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\034 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\037 =>.SUP.Temporary.Chrome
C:\Users\thiba_000\AppData\Local\Google\Chrome\User Data\Default\File System\Plugins =>.SUP.Temporary.Chrome
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]:{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} =>PUP.Optional.XTab
---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (2) - 0s
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.XTab
~ Unselected Options: Browser, Windows, Software, Plateform, Unit, Security, Generics, O23, SRSS, O38, O4, Start Process, Google, Dragon, Opera, R5, F2,F3, O1, O2, O3, O4G, O10, O17, O18, O20, O34, O35, O36, O42, O43, O45, O46, O106, O108, O50, O53, O58, O61, O67, O68, O69, O82, O83, O87, O90, O93, O100,
~ End of the scan, 2583 items in 01mn31s (110)(0)