AntiGuide: ZhpDiagPasAdmin



Utopia: running ZHPDiag without administrator rights

Solution 1: as is
A comparison with/without admin rights is shown at the end of the page.
Obviously, without admin rights, some items are inaccessible.

Solution 2
runas
Not available on XP Home, Vista Home or Starter (it does not say whether that means Basic/Premium?); to be clarified for W7 and later...



Comparaison des fichiers pasadmin_zhpdiag.txt et \ZHP\ZHPDIAG.TXT
***** pasadmin_zhpdiag.txt
~ Rapport de ZHPDiag v2013.9.6.15 - Nicolas Coolman  (07/09/2013)
~ Lancé par Juliette (24/09/2013 12:05:00)
~ Adresse du Site Web http://nicolascoolman.webs.com
***** \ZHP\ZHPDIAG.TXT
~ Rapport de ZHPDiag v2013.9.6.15 - Nicolas Coolman  (07/09/2013)
~ Lancé par admin_juliette (24/09/2013 12:11:11)
~ Adresse du Site Web http://nicolascoolman.webs.com
*****

***** pasadmin_zhpdiag.txt
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

***** \ZHP\ZHPDIAG.TXT
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

*****

***** pasadmin_zhpdiag.txt
---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.19458
MFIE: Mozilla Firefox 24.0 (Defaut)
GCIE: Google Chrome v29.0.1547.76
***** \ZHP\ZHPDIAG.TXT
---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.19458 (Defaut)
MFIE: Mozilla Firefox 24.0
GCIE: Google Chrome v29.0.1547.76
*****

***** pasadmin_zhpdiag.txt
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (54% free)
System Restore: Activé (Enable)
***** \ZHP\ZHPDIAG.TXT
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (51% free)
System Restore: Activé (Enable)
*****

***** pasadmin_zhpdiag.txt
~ Computer Name: ACERM1641
~ User Name: Juliette
~ All Users Names: LogMeInRemoteUser, Juliette, geott-admin, dazibao, creesafemode, British, admin_juliette, admin_dazibao, admi
***** \ZHP\ZHPDIAG.TXT
~ Computer Name: ACERM1641
~ User Name: admin_juliette
~ All Users Names: LogMeInRemoteUser, Juliette, geott-admin, dazibao, creesafemode, British, admin_juliette, admin_dazibao, admi
*****

***** pasadmin_zhpdiag.txt
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as User

***** \ZHP\ZHPDIAG.TXT
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

*****

***** pasadmin_zhpdiag.txt
~ System Unit : C:\
~ %AppData% : C:\Users\Juliette\AppData\Roaming\
~ %Desktop% : C:\Users\Juliette\Desktop\
~ %Favorites% : C:\Users\Juliette\Favorites\
~ %LocalAppData% : C:\Users\Juliette\AppData\Local\
~ %StartMenu% : C:\Users\Juliette\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
***** \ZHP\ZHPDIAG.TXT
~ System Unit : C:\
~ %AppData% : C:\Users\admin_juliette\AppData\Roaming\
~ %Desktop% : C:\Users\admin_juliette\Desktop\
~ %Favorites% : C:\Users\admin_juliette\Favorites\
~ %LocalAppData% : C:\Users\admin_juliette\AppData\Local\
~ %StartMenu% : C:\Users\admin_juliette\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
*****

***** pasadmin_zhpdiag.txt
---\\ Processus lancés au démarrage du système
[MD5.151B2D097C7182898387994CEA34890B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [536985
***** \ZHP\ZHPDIAG.TXT
---\\ Processus lancés au démarrage du système
[MD5.1BF9D6476061B31CD7FC2BF848529A56] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton AntiVi
rus\Engine\20.4.0.40\ccSvcHst.exe   [144368] [PID.488]
[MD5.197F932671C6A92CE35F2FDE37159594] - (.Symantec Corporation - Norton Identity Safe.) -- C:\Program Files\Norton Identity Saf
e\Engine\2014.5.0.67\NST.exe   [129424] [PID.2068]
[MD5.151B2D097C7182898387994CEA34890B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   [536985
*****

***** pasadmin_zhpdiag.txt
es\ATI Technologies\ATI.ACE\Core-Static\CCC.exe   [49152] [PID.3824]
[MD5.DFB2902086DEC1469F13C2BA839BC6E1] - (.Nicolas Coolman - ZHPDiag.) -- R:\Zhp-Usb\ZHPDiag\ZHPDiag.exe   [7909376] [PID.5888]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PI
***** \ZHP\ZHPDIAG.TXT
es\ATI Technologies\ATI.ACE\Core-Static\CCC.exe   [49152] [PID.3824]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PI
*****

***** pasadmin_zhpdiag.txt
D.5440]
~ Processes Running:  Scanned in 00mn 00s

***** \ZHP\ZHPDIAG.TXT
D.5440]
[MD5.DFB2902086DEC1469F13C2BA839BC6E1] - (.Nicolas Coolman - ZHPDiag.) -- R:\Zhp-Usb\ZHPDiag\ZHPDiag.exe   [7909376] [PID.5940]
[MD5.7A45D5222F3B65CA547615650D83156D] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system3
2\Ati2evxx.exe   [704512] [PID.1024]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\sys
tem32\SLsvc.exe   [3408896] [PID.1296]
[MD5.517D30057C726C797764BFD70A55D82A] - (.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\
Kernel\DMS\CLMSServer.exe   [269448] [PID.536]
[MD5.E91F2444DF54E725DDBBDDB7FBCE71F5] - (.Pas de propriétaire - MemCheck.Service.) -- C:\Acer\Empowering Technology\ePerformanc
e\MemCheck.exe   [28672] [PID.464]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Commo
n Files\Adobe\ARM\1.0\armsvc.exe   [65640] [PID.1244]
[MD5.CD3E06541CAA935C6C299A95D4E0F771] - (...) -- C:\Program Files\Belkin\Home Base Control Center\Hbapcs.exe   [40960] [PID.139
2]
[MD5.2893C9132F539FF3F964EFD38EAD1755] - (...) -- C:\Program Files\Belkin\Home Base Control Center\BkBackupScheduler.exe   [9062
4] [PID.1512]
[MD5.B7DC2580425225C320CEDA78DE55A3D0] - (.Egis Incorporated - Acer eDataSecurity Management Service.) -- C:\Acer\Empowering Tec
hnology\eDataSecurity\x86\eDSService.exe   [500784] [PID.1780]
[MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\Light
Scribe\LSSrvc.exe   [61440] [PID.724]
[MD5.DABCB3AD9B60BFDA876CB4F6081E822F] - (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe  
 [375120] [PID.328]
[MD5.AB73A7C8594ABE0A7418626F0E742F40] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) -- C:\Program Files\LogMeIn\x86\RaMaint
.exe   [202576] [PID.1760]
[MD5.432618FA75B61059D2C57D6A7E55147A] - (.LogMeIn, Inc. - LogMeIn.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe   [390528] [PID
.1556]
[MD5.A035A7BF5132682F53F1E7B955690CE7] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\R
ichVideo.exe   [241734] [PID.2156]
[MD5.A275FBB7C99458C12E088DFF3E58EB4D] - (.Microsoft Corporation - TCP/IP Services Application.) -- C:\Windows\System32\tcpsvcs.
exe   [9728] [PID.2196]
[MD5.D9B422F37FCAF61BD80E12CC03E84816] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\system32\vmnat.exe   [437328] [PID.
2328]
[MD5.59FCCAF915BA89DD98CADF08DA91AFEE] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoverySe
rvice.exe   [57344] [PID.2576]
[MD5.A9745687A57CDD71237915859ABA8DAC] - (.Pas de propriétaire - Service.) -- C:\Acer\Empowering Technology\eSettings\Service\ca
puserv.exe   [24576] [PID.2680]
[MD5.83C92F09C507BF8C2E2BED71F7B04A29] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Playe
r\vmware-authd.exe   [86096] [PID.2756]
[MD5.5DC2DA538FF0806950B73F798A2444ED] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\system32\vmnetdhcp.exe   [35
8480] [PID.2856]
[MD5.DDB09C7BED90A78DC5C3B5F3A29E0A9B] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMwa
re\USB\vmware-usbarbitrator.exe   [719416] [PID.2880]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe   [7168] [
PID.5064]
~ Processes Running:  Scanned in 00mn 01s

*****

***** pasadmin_zhpdiag.txt
es\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
~ Toolbar:  Scanned in 00mn 00s
***** \ZHP\ZHPDIAG.TXT
es\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A13C2648-91D4-4BF3-BC6D-0079707C4389} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s
*****

***** pasadmin_zhpdiag.txt
O4 - HKCU\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-21-3932267062-2333959732-3676682981-1017\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
***** \ZHP\ZHPDIAG.TXT
O4 - HKCU\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
 
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
 
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
O4 - HKUS\S-1-5-21-3932267062-2333959732-3676682981-1017\..\Run: [WindowsWelcomeCenter]  oobefldr.dll 
*****

***** pasadmin_zhpdiag.txt
O4 - GS\Programs: TrayMin300.exe.lnk . (...)  -- C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin600.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\i
***** \ZHP\ZHPDIAG.TXT
O4 - GS\Programs: TrayMin300.exe.lnk . (...)  -- C:\Program Files\Philips\SPC 600NC PC Camera\TrayMin600.exe
O4 - GS\QuickLaunch: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.)  -- C:\Program Files\Astonsoft\DeepBurner\DeepBu
rner.exe 
O4 - GS\Desktop: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.)  -- C:\Program Files\Astonsoft\DeepBurner\DeepBurner
.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\i
*****

***** pasadmin_zhpdiag.txt
ernet Explorer\iexplore.exe 
~ Global Startup:  Scanned in 00mn 00s

***** \ZHP\ZHPDIAG.TXT
ernet Explorer\iexplore.exe 
O4 - GS\Programs: Moovida.lnk . (...)  -- C:\Program Files\Fluendo\Moovida\Moovida.exe (.not file.)  =>Adware.SPointer
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\I
nternet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Me
dia Player\wmplayer.exe 
O4 - GS\Desktop: Moovida.lnk . (...)  -- C:\Program Files\Fluendo\Moovida\Moovida.exe (.not file.)  =>Adware.SPointer
O4 - GS\QuickLaunch: Device Monitoring Studio.lnk . (.HHD Software Ltd. - Device Monitoring Studio main executable.)  -- C:\Prog
ram Files\HHD Software\Device Monitoring Studio\studio.exe 
O4 - GS\Desktop: dazibao - Raccourci.lnk . (...)  -- C:\dazibao 
O4 - GS\Desktop: Hid FootSwitch V5.1.lnk . (...)  -- C:\Users\dazibao\AppData\Roaming\Microsoft\Installer\{D4714F9B-DB27-4361-81
C7-09AF65FA912E}\_FA3683DD01E89B273BB677.exe
O4 - GS\Desktop: LOG - Raccourci.lnk . (...)  -- C:\dazibao\LOG 
O4 - GS\Desktop: Mini LED Display.lnk . (.Le Shan - Pas de description.)  -- C:\Program Files\Mini LED Display\Mini LED Display.
exe 
O4 - GS\Programs: Mozilla Firefox.lnk . (...)  -- C:\Users\admin_juliette\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)

O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (...)  -- C:\Users\admin_juliette\AppData\Local\Mozilla Firefox\firefox.exe (.not fil
e.)
O4 - GS\Desktop: Mozilla Firefox.lnk . (...)  -- C:\Users\admin_juliette\AppData\Local\Mozilla Firefox\firefox.exe (.not file.)
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files\Mozilla Firefox\firefox.exe 
O4 - GS\QuickLaunch: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.)  -- C:\Program Files\Mozilla Thunderbird\th
underbird.exe 
O4 - GS\SendTo: Add to archive.lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe 

O4 - GS\SendTo: Browse path with PeaZip.lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\pe
azip.exe 
O4 - GS\SendTo: Extract here (in new folder).lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZ
ip\peazip.exe 
O4 - GS\SendTo: Extract here.lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe 
O4 - GS\SendTo: Extract....lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe 
O4 - GS\SendTo: Open as archive.lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe
 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files\Skype\Phone\Skype.exe 
O4 - GS\SendTo: Test archive(s).lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe
 
O4 - GS\Desktop: Fichiers d’installation Norton.lnk . (...)  -- C:\Users\Public\Downloads\Norton\{NBRT50-B26-Retail-4abb-B07C-C0
84B04B4F12} 
O4 - GS\Desktop: ImageMagick Display.lnk . (.ImageMagick Studio LLC - IMDisplay MFC Application.)  -- C:\Program Files\ImageMagi
ck-6.8.5-Q16\imdisplay.exe 
O4 - GS\Desktop: KillWScript.lnk . (.Microsoft Corporation - Terminer les processus.)  -- C:\Windows\System32\taskkill.exe 
O4 - GS\Desktop: PeaZip.lnk . (.Giorgio Tani - PeaZip, file and archive manager.)  -- C:\Program Files\PeaZip\peazip.exe 
O4 - GS\Desktop: Virtual Machines.lnk - Clé orpheline
O4 - GS\Desktop: WxpVMware.lnk . (...)  -- D:\WxpVMware 
~ Global Startup:  Scanned in 00mn 02s

*****

***** pasadmin_zhpdiag.txt
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\system32\vmnat.exe
~ Services: 22 Legitimates Filtered in 00mn 15s

***** \ZHP\ZHPDIAG.TXT
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\system32\vmnat.exe
~ Services: 22 Legitimates Filtered in 00mn 14s

*****

***** pasadmin_zhpdiag.txt
[HKLM\Software\Zoom Telephonics Inc]
~ Key Software: 164 Legitimates Filtered in 00mn 00s

***** \ZHP\ZHPDIAG.TXT
[HKLM\Software\Zoom Telephonics Inc]
~ Key Software: 162 Legitimates Filtered in 00mn 00s

*****

***** pasadmin_zhpdiag.txt
O43 - CFD: 29/08/2012 - 10:04:15 - [0,683] ----D C:\Program Files\V92 Modem
~ Program Folder: 178 Legitimates Filtered in 00mn 39s

***** \ZHP\ZHPDIAG.TXT
O43 - CFD: 29/08/2012 - 10:04:15 - [0,683] ----D C:\Program Files\V92 Modem
~ Program Folder: 179 Legitimates Filtered in 00mn 03s

*****

***** pasadmin_zhpdiag.txt
O44 - LFC:[MD5.5CAD0BB65836B05E6A6F40E1544EEA3C] - 24/09/2013 - 11:05:10 ---A- . (...) -- C:\Windows\ntbtlog.txt   [8007488]
~ Files: 52 Legitimates Filtered in 00mn 03s

***** \ZHP\ZHPDIAG.TXT
O44 - LFC:[MD5.5CAD0BB65836B05E6A6F40E1544EEA3C] - 24/09/2013 - 11:05:10 ---A- . (...) -- C:\Windows\ntbtlog.txt   [8007488]
~ Files: 52 Legitimates Filtered in 00mn 01s

*****

***** pasadmin_zhpdiag.txt
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {3A2AC6DA-B10E-4698-B446-46ADF25929E7} [DefaultScope] - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s
***** \ZHP\ZHPDIAG.TXT
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {8C5ABED3-7B38-4135-A6B4-B8BE66F7768A} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} - (Norton Safe Search) - http://nortonsafe.search.ask.com
~ Keys:  Scanned in 00mn 00s
*****

***** pasadmin_zhpdiag.txt
TRUE | .(...) -- E:\search ip camera\search ip camera.exe (.not file.)
O87 - FAEL: "TCP Query User{6031FC77-E65A-482C-888C-9A27384E3C4B}C:\users\adminpo\desktop\wg\wget.exe" |In - Public - P6 - TRUE 
| .(...) -- C:\users\adminpo\desktop\wg\wget.exe (.not file.)
O87 - FAEL: "UDP Query User{F8DC26E9-9624-46CC-B921-88ABC3A86D0A}C:\users\adminpo\desktop\wg\wget.exe" |In - Public - P17 - TRUE
 | .(...) -- C:\users\adminpo\desktop\wg\wget.exe (.not file.)
~ Firewall: 219 Legitimates Filtered in 00mn 01s

***** \ZHP\ZHPDIAG.TXT
TRUE | .(...) -- E:\search ip camera\search ip camera.exe (.not file.)
O87 - FAEL: "TCP Query User{6031FC77-E65A-482C-888C-9A27384E3C4B}C:\users\adminpo\desktop\wg\wget.exe" | In - Public - P6 - TRUE
 | .(...) -- C:\users\adminpo\desktop\wg\wget.exe
O87 - FAEL: "UDP Query User{F8DC26E9-9624-46CC-B921-88ABC3A86D0A}C:\users\adminpo\desktop\wg\wget.exe" | In - Public - P17 - TRU
E | .(...) -- C:\users\adminpo\desktop\wg\wget.exe
~ Firewall: 219 Legitimates Filtered in 00mn 00s

*****

***** pasadmin_zhpdiag.txt
1053696]
~ WIS: 156 Legitimates Filtered in 00mn 07s

***** \ZHP\ZHPDIAG.TXT
1053696]
~ WIS: 156 Legitimates Filtered in 00mn 06s

*****

***** pasadmin_zhpdiag.txt
\armsvc.exe
SR - | Demand 11/09/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\F
lash\FlashPlayerUpdateService.exe
***** \ZHP\ZHPDIAG.TXT
\armsvc.exe
SS - | Demand 11/09/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\F
lash\FlashPlayerUpdateService.exe
*****

***** pasadmin_zhpdiag.txt
SR - | Auto 19/12/2007 24576 |  (eSettingsService) . (...) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
SR - | Demand 06/12/2010 655624 |  (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macro
vision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 30/08/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 30/08/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Demand 22/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

***** \ZHP\ZHPDIAG.TXT
SR - | Auto 19/12/2007 24576 |  (eSettingsService) . (...) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
SS - | Demand 06/12/2010 655624 |  (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macro
vision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 30/08/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/08/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

*****

***** pasadmin_zhpdiag.txt
SR - | Auto 08/06/2012 390528 |  (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LogMeIn.exe
SR - | Demand 19/09/2013 118680 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\
maintenanceservice.exe
***** \ZHP\ZHPDIAG.TXT
SR - | Auto 08/06/2012 390528 |  (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LogMeIn.exe
SS - | Demand 19/09/2013 118680 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\
maintenanceservice.exe
*****

***** pasadmin_zhpdiag.txt
SR - | Auto 13/06/2008 241734 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Demand 25/06/2010 117264 |  (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SR - | Auto 28/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 27/08/2013 86096 |  (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Player\vmware-authd.exe
***** \ZHP\ZHPDIAG.TXT
SR - | Auto 13/06/2008 241734 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SS - | Demand 25/06/2010 117264 |  (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Auto 28/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 27/08/2013 86096 |  (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Player\vmware-authd.exe
*****

***** pasadmin_zhpdiag.txt
SR - | Auto 27/08/2013 437328 |  (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\
System32\svchost.exe
***** \ZHP\ZHPDIAG.TXT
SR - | Auto 27/08/2013 437328 |  (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SS - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\
System32\svchost.exe
*****

***** pasadmin_zhpdiag.txt
ost.exe
~ Services:  Scanned in 00mn 08s

***** \ZHP\ZHPDIAG.TXT
ost.exe
~ Services:  Scanned in 00mn 07s

*****

***** pasadmin_zhpdiag.txt
Database Version : v2.12894 - (07/09/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 1
***** \ZHP\ZHPDIAG.TXT
Database Version : v2.12894 - (07/09/2013)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 1
*****

***** pasadmin_zhpdiag.txt

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
C:\Program Files\Fluendo   =>Adware.SPointer^
***** \ZHP\ZHPDIAG.TXT

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}]   =>Adware.Softoma
te
[HKLM\Software\PIP]   =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}]   =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Tool
bar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKLM\Software\Classes\CLSID\{5CBE3B7C-1E47-477E-A7DD-396DB0476E29}]   =>Toolbar.eDataSecurity
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
[HKLM\Software\Mozilla\Firefox\Extensions]:ClickPotatoLite@ClickPotatoLite.com   =>Adware.ClickPotato
C:\Program Files\Fluendo   =>Adware.SPointer^
*****

***** pasadmin_zhpdiag.txt
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll   =>Toolbar.Google^
~ Additionnel Scan: 380450 Items scanned in 00mn 24s

***** \ZHP\ZHPDIAG.TXT
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll   =>Toolbar.Google^
~ Additionnel Scan: 381256 Items scanned in 00mn 24s

*****

***** pasadmin_zhpdiag.txt
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer   =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo   =>Toolbar.Yahoo
~ MSI: 3 link(s) detected in 00mn 24s

***** \ZHP\ZHPDIAG.TXT
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer   =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/28345498-adware-softomate   =>Adware.Softomate
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo   =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/26630192-adware-clicpotato  =>Adware.ClickPotato
~ MSI: 6 link(s) detected in 00mn 24s

*****

***** pasadmin_zhpdiag.txt

~ 1187 Legitimates filtered by white list
End of the scan (406 lines in 02mn 50s)(0)
***** \ZHP\ZHPDIAG.TXT

~ 1195 Legitimates filtered by white list
End of the scan (479 lines in 01mn 30s)(0)
*****