cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2013.11.13.29 - Nicolas Coolman (12/11/2013)
~ Lancé par laurent (14/11/2013 17:11:08)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16466
MFIE: Mozilla Firefox 25.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : RM2MG
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Antivirus Premium v13.0.0.4042
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.07 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Java 7 Update 45

---\\ Informations sur le système
~ Processor: AMD64 Family 22 Model 0 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3517 MB (66% free)
System Restore: Activé (Enable)
System drive C: has 418 GB (91%) free of 458 GB

---\\ Mode de connexion au système
~ Computer Name: LAURENT
~ User Name: laurent
~ All Users Names: laurent, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\laurent\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\laurent\AppData\Roaming\
~ %Desktop% : C:\Users\laurent\Desktop\
~ %Favorites% : C:\Users\laurent\Favorites\
~ %LocalAppData% : C:\Users\laurent\AppData\Local\
~ %StartMenu% : C:\Users\laurent\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 418 Go of 458 Go)
D: Hard drive, Flash drive, Thumb drive (Free 458 Go of 458 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.AAEF73606F58ADE710208F4B1B988FBF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/11/2012 - 05:22:19.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 1/9
~ Mon Bureau (My Desktop) : 1/14
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3032]
[MD5.280B64F6BFCEDE6D67D261EB808AA617] - (.Acer Incorporated - Hotkey Utility.) -- C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [524944] [PID.2288]
[MD5.7AE4D6C70C2D7912AB2B4651DF595575] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [990320] [PID.3480]
[MD5.C130C4FDAF16D8DBCB43DD6EA233C343] - (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe [524184] [PID.4076]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3432]
[MD5.AEA677B8668697C311799CF6CA369D3E] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192] [PID.2720]
[MD5.0CED501E811F5C4745415FCC000CE043] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe [164864] [PID.3184]
[MD5.EF01D104449CC654FDCF423C92BD8846] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3620]
[MD5.2A43A30EF7FCFD1284F8C3318B784A68] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.4840]
[MD5.EB68851F020D35293EADAADEB18B8220] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe [1862536] [PID.4028]
[MD5.65C05CC168F30145E893641A4C4167C8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.4352]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\4fg7d4cy.default\prefs.js
M3 - MFPP: Plugins - [laurent] -- C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\4fg7d4cy.default\searchplugins\googlefr.xml
M3 - MFPP: Plugins - [laurent] -- C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\4fg7d4cy.default\searchplugins\privatelee-https.xml
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe
O4 - GS\Desktop [Public]: Help and Support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [laurent]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [laurent]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [laurent]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [laurent]: Packard Bell Power Button.lnk . (...) -- C:\Program Files (x86)\Packard Bell\Packard Bell Power Management\ePowerButton.exe (.not file.)
O4 - GS\Program [laurent]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [laurent]: Brother DCP-153C Printer - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [laurent]: Flash Player Pro.lnk . (.FlashPlayerPro.com - Flash Player and manager.) -- C:\Program Files (x86)\Flash Player Pro\Flash Player Pro.exe
O4 - GS\Desktop [laurent]: mbam-log-2013-11-14 (14-31-27) - Raccourci.lnk . (...) -- C:\Users\laurent\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-11-14 (14-31-27).txt
O4 - GS\Desktop [laurent]: Sync Folder.lnk . (...) -- C:\Users\laurent\SyncFolder
O4 - GS\Desktop [laurent]: WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe
O4 - GS\Desktop [laurent]: µTorrent.lnk . (...) -- C:\Users\laurent\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ Global Startup: 49 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Acer Remote.lnk . (.Acer - ArcServer.) -- C:\Program Files (x86)\Acer Remote\ArcServer.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{84514107-25A2-4BFE-8D9B-3AC63D2E1732}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{84514107-25A2-4BFE-8D9B-3AC63D2E1732}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr
~ Logic: 86 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/11/2013 - 17:08:06 - [75,703] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 13/11/2013 - 19:49:45 - [4,307] ----D C:\Users\laurent\AppData\Local\PokerStars.FR
~ Program Folder: 115 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.351EF211FC5DA078A02376D24E6829AF] - 12/11/2013 - 22:18:53 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [386646]
O44 - LFC:[MD5.351EF211FC5DA078A02376D24E6829AF] - 12/11/2013 - 22:18:53 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386646]
O44 - LFC:[MD5.C6D9924A98FFF222C3EFB48B18FF944C] - 13/11/2013 - 09:07:13 ---A- . (...) -- C:\Windows\BRPP2KA.INI [27]
O44 - LFC:[MD5.96AB5888BC087FACFDB69D0956738724] - 13/11/2013 - 09:07:13 ---A- . (...) -- C:\Windows\BRWMARK.INI [434]
O44 - LFC:[MD5.9950888268FC1B7DE205CE5170E6B654] - 14/11/2013 - 15:45:41 ---A- . (...) -- C:\Windows\SysNative\spu_storage.bin [65536]
O44 - LFC:[MD5.9950888268FC1B7DE205CE5170E6B654] - 14/11/2013 - 15:45:41 ---A- . (...) -- C:\Windows\System32\spu_storage.bin [65536]
O44 - LFC:[MD5.83E5DE14949A19091A932BF099FD0BC7] - 14/11/2013 - 17:01:32 ---A- . (...) -- C:\Shortcut_Module_14_11_2013_17_01_32.txt [6276]
~ Files: 388 Legitimates Filtered in 00mn 45s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E7689F3BFD1012B0280E077402365F2] - 16/04/2012 - 13:32:18 ---A- . (.Windows (R) Codename Longhorn DDK provider - NDIS User mode I/O Driver.) -- C:\Windows\System32\Drivers\RtkIOAC60.sys [38504]
~ Drivers: 18 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "25946514D2147365007A7A857BC06000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0600}\ToolbarIcon.exe =>Toolbar.Avira
~ Update Products: 61 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D1CC83CE82B0A5BB1DE4B57648A7E5A6] [WIS][23/10/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\260a80.msi [814592] =>Toolbar.Avira
~ WIS: 61 Legitimates Filtered in 00mn 06s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/11/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 19/03/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 14/11/2013 623160 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SR - | Auto 14/11/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 14/11/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 14/11/2013 815160 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SR - | Demand 18/01/2013 660040 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 26/10/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/07/2012 769432 | (NAUpdate) . (.Nero AG.) - c:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 12994 - (12/11/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

C:\Windows\Installer\260a80.msi =>Toolbar.Avira^
~ Additionnel Scan: 170562 Items scanned in 00mn 35s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira =>Toolbar.Avira
~ MSI: 1 link(s) detected in 00mn 35s



~ 1178 Legitimates filtered by white list
End of the scan (320 lines in 02mn 13s)(0)

Publicité


Signaler le contenu de ce document

Publicité