cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par boivent (16/06/2015 18:15:43)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17377
GCIE: Google Chrome v43.0.2357.124 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : FM2MG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8, 64-bit (Build 9200)

---\\ Logiciels de protection du système
Avira Antivirus v15.0.10.434
Trusteer Sécurité des points d'accès v3.5.1412.173
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Reader XI

---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3800 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 121 GB (54%) free of 221 GB

---\\ Mode de connexion au système
~ Computer Name: MAISON
~ User Name: boivent
~ All Users Names: HomeGroupUser$, boivent, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\boivent\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\boivent\AppData\Roaming\
~ %Desktop% : C:\Users\boivent\Desktop\
~ %Favorites% : C:\Users\boivent\Favorites\
~ %LocalAppData% : C:\Users\boivent\AppData\Local\
~ %StartMenu% : C:\Users\boivent\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 121 Go of 221 Go)
D: Hard drive, Flash drive, Thumb drive (Free 214 Go of 221 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.5F448285F3C91222B670D4130A101B08] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/05/2015 - 03:03:51.) -- C:\Windows\System32\wininet.dll [2237440]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/3536
~ Mes musiques (My Musics) : 3/1616
~ Mes Videos (My Videos) : 1/28
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 2/1820
~ Mon Bureau (My Desktop) : 3/21
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 16s



---\\ Processus lancés
[MD5.7A5E3B9111A2253BAE627E2BC9893108] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [553616] [PID.1512]
[MD5.66177D4C99FD8B578C7C56DE445E4D5D] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312] [PID.2760]
[MD5.C3D70B5FF7AB043E8AEB94E7819CDD9B] - (.IBM Corp. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [2976024] [PID.2980]
[MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.3552]
[MD5.43B5696A844FB705D1E9595E8C3351B6] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864] [PID.972]
[MD5.49D91D1CA28209E954C0379611F95229] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222208] [PID.384]
[MD5.E8252DA109B538D920289BF9F5C0757E] - (.Avira Operations GmbH & Co. KG - Control Center.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [715056] [PID.2316]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.5092]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\boivent\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 2 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [Viber] . (.Pas de propriétaire - Viber.) -- C:\Users\boivent\AppData\Local\Viber\Viber.exe
O4 - HKCU\..\Run: [KiesPDLR.exe] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKUS\S-1-5-21-821619452-4177463564-929909499-1002\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKUS\S-1-5-21-821619452-4177463564-929909499-1002\..\Run: [KiesPDLR] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-821619452-4177463564-929909499-1002\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-821619452-4177463564-929909499-1002\..\Run: [Viber] . (.Pas de propriétaire - Viber.) -- C:\Users\boivent\AppData\Local\Viber\Viber.exe
O4 - HKUS\S-1-5-21-821619452-4177463564-929909499-1002\..\Run: [KiesPDLR.exe] . (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{019B54C3-5569-4A6F-B951-0D89188BA1CE}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C29D01BC-3327-43B3-805C-FB373107311E}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{019B54C3-5569-4A6F-B951-0D89188BA1CE}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C29D01BC-3327-43B3-805C-FB373107311E}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.0AEB80A539C5C3EC9C9ACD2413EAD475] [APT] [PinItAutoUpdate] (...) -- C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [52224]
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\boivent\AppData\Local\Temp\Runner.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
~ Scheduled Task: 12 Legitimates Filtered in 00mn 12s



---\\ Logiciels installés (O42)
O42 - Logiciel: 5D Embroidery System - (.VSM Software Ltd..) [HKLM][64Bits] -- {C1B542D3-59CA-4540-932E-BF364EB2FDDE}
O42 - Logiciel: Pin It - (.Pinterest.) [HKLM][64Bits] -- Pin It_is1
~ Logic: 38 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\SP23]
~ Key Software: 263 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/02/2015 - 16:35:21 - [] ----D C:\Program Files (x86)\Pinterest
O43 - CFD: 15/01/2013 - 19:24:24 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 23/06/2013 - 11:09:24 - [] ----D C:\ProgramData\eTarget
O43 - CFD: 23/06/2013 - 15:50:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5D Embroidery System
O43 - CFD: 26/07/2012 - 09:52:44 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
~ Program Folder: 191 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.574F2184043FAF24B588BA12B3CC99CC] - 11/06/2015 - 17:43:52 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410336]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 15/06/2015 - 20:41:46 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-MAISON-Windows-8-(64-bit).dat [207]
~ Files: 52 Legitimates Filtered in 00mn 12s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:06/09/2010 - 08:19:54 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:23/01/2014 - 04:21:06 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:28/07/2014 - 13:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 57 Legitimates Filtered in 00mn 06s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {4FD1D6BA-CF3C-4AFC-AF18-EF72B56A5DD7} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D56605A4F5CE2DBEBA1540304827B394] [SPRF][13/06/2015] (.Pas de propriétaire - AdwCleaner.) -- C:\Users\boivent\Desktop\adwcleaner_4.206.exe [2231296]
[MD5.873792AA200761D9CEC5D1CCFEF03EF7] [SPRF][15/06/2015] (.Pas de propriétaire - ZHPCleaner.) -- C:\Users\boivent\Desktop\ZHPCleaner.exe [1843200]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 19/05/2015 827640 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SS - | Auto 19/05/2015 1185584 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SS - | Demand 16/12/2014 265808 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 22/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/09/2014 640840 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/07/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 19/07/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 19/05/2015 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 19/05/2015 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 28/08/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21/05/2015 208632 | (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 22/08/2012 658576 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 31/03/2015 373312 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 15/03/2013 4466120 | (hasplms) . (.SafeNet Inc..) - C:\Windows\system32\hasplms.exe
SR - | Auto 13/07/2012 2451456 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 28/05/2015 2222360 | (RapportMgmtService) . (.IBM Corp..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 32s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 280118 Items scanned in 01mn 34s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



~ 683 Legitimates filtered by white list
End of the scan (345 lines in 04mn 05s)(0.10)

Publicité


Signaler le contenu de ce document

Publicité