Virus search
aliceadsl
  Posted on 22/09/2014 @ 15:54
New member

Hello,

I just ran some scans and here is what they found:

~ Riporto di ZHPDiag v2014.9.20.136 - Nicolas Coolman (20/09/2014)
~ Lanciato da gero (22/09/2014 13:10:32)
~ Indirizzo del sito Web : http://nicolascoolman.fr
~ Indirizzo del foum Web : http://forum.nicolascoolman.fr
~ Tradotto da
~ Stato della versione : Versione aggiornata.
~ Lista Bianca : Attivata dal programma
~ Elevazione dei privilegi : OK
~ Controllo dell'Account utente : Activate by user


---\\ Browser Internet
MSIE: Internet Explorer v10.0.9200.17089 (Defaut)

---\\ Informazioni sul prodotto Windows
~ Langage: Italien
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Software di protezione del sistema
Kaspersky PURE 3.0 v13.0.2.558
Malwarebytes Anti-Malware versione 2.0.2.1012
Windows Defender W7 (Activate)

---\\ Software di ottimizzazione del sistema
CCleaner v4.01

---\\ Condivisione di software PeerToPeer

---\\ Software di sorveglianza
Adobe Flash Player 15 Plugin
Java 7 Update 67

---\\ Informazioni sul sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (54% free)
System Restore: Désactivé (Disabled)
System drive C: has 121 GB (81%) free of 149 GB

---\\ Connessione alla modalità sistema
~ Computer Name: GERO-PC
~ User Name: gero
~ All Users Names: HomeGroupUser$, Guest, gero, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Variabili di ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\gero\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\gero\AppData\Roaming\
~ %Desktop% : C:\Users\gero\Desktop\
~ %Favorites% : C:\Users\gero\Favorites\
~ %LocalAppData% : C:\Users\gero\AppData\Local\
~ %StartMenu% : C:\Users\gero\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumerazione delle unità disco
C: Hard drive, Flash drive, Thumb drive (Free 121 Go of 149 Go)
D: CD-ROM drive (Not Inserted)



---\\ Stato di Windows Security Center
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Ricerca di particolari file generico
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Esplora risorse.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Applicazione di avvio di Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7D9284D509F8D17EEADE8A486BB3FC19] - (.Microsoft Corporation - Internet Extensions per Win32.) (.17/08/2014 - 04:57:51.) -- C:\Windows\System32\wininet.dll [1766400]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Applicazione Accesso a Windows.) (.04/03/2014 - 10:17:02.) -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Libreria gestione licenze software.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:36:07.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver della porta i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Driver file system NT.) (.24/01/2014 - 03:18:22.) -- C:\Windows\system32\Drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver della porta parallela.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver copia shadow del volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Stato dei file nascosti (nascosti/totale)
~ Mes images (My Pictures) : 2/6
~ Mes musiques (My Musics) : 3/660
~ Mes Videos (My Videos) : 2/14
~ Mes Favoris (My Favorites) : 1/17
~ Mes Documents (My Documents) : 1/43
~ Mon Bureau (My Desktop) : 1/25
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 00s



---\\ Processo avviato
[MD5.0B1B7568CED61ABF5FD717F28175C96A] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.2272]
[MD5.91AA4F4F0FAE0A1F0365B0DBBDF0F592] - (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [832856] [PID.2360]
[MD5.BDEBD280923694CFD816E5C77B27F2D1] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe [70728] [PID.2376]
[MD5.7092A66B99246B25F6E317609CADD659] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232] [PID.2444]
[MD5.7E91655B4947EC1B18B3BC1645839145] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128] [PID.420]
[MD5.5A77E2A4DD76B0733CF30AAD21AB3587] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048] [PID.2476]
[MD5.308F2EE28005510DE616409148CF077B] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896] [PID.2484]
[MD5.E998F77C0943056319A6A46C330606A4] - (.none - WLAN Optimizer.) -- C:\Wlanopti\WLAN Optimizer.exe [109056] [PID.2608]
[MD5.99BF669611DB06126D72C5E965A9E938] - (.TOSHIBA CORPORATION. - Bluetooth Manager.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2750376] [PID.3060]
[MD5.AF27F87A2244BA56DFC868701C1AE33F] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [173160] [PID.3524]
[MD5.1660794E3619C73AE7170B3FEAE5A476] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [253032] [PID.3560]
[MD5.D7330569674CA0F889887075FB470011] - (.TOSHIBA Corporation. - SoundChanger.exe.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HCMSoundChanger.exe [705880] [PID.3632]
[MD5.CC9F2719B8BCE8298031517CA982A49E] - (.TOSHIBA CORPORATION. - TosA2DP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [690072] [PID.3428]
[MD5.0D878F76B2B191F2B816FF4A18790D78] - (.TOSHIBA CORPORATION. - TosBtHid.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [87960] [PID.3116]
[MD5.C2546BD4174CAD72C78D79339CB2347A] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [746384] [PID.2292]
[MD5.47B4FCDCE4C0A64A54BC9A66B176B0F1] - (.TOSHIBA CORPORATION. - TosAVRC.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe [447816] [PID.4412]
[MD5.A5561E55B5665492774CE051163F145D] - (.TOSHIBA CORPORATION. - tosOBEX.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe [341392] [PID.4580]
[MD5.6E1BC19CBCC452C03F30A70137551F1C] - (.Crystal Dew World - CrystalDiskInfo.) -- C:\CristalDisk\DiskInfo.exe [1186232] [PID.4816]
[MD5.B16912CC24B8DC6FCE986C0381B6CC0E] - (.TOSHIBA CORPORATION. - Bluetooth Information Exchanger.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe [2885056] [PID.5276]
[MD5.6F5E7DC779F12321A251DD6163DDB16D] - (.www.winpenpack.com - winPenPack X-Firefox Launcher.) -- C:\FF_temp\X-Firefox.exe [549888] [PID.4436]
[MD5.A4F9B383F2774DD3004A38A2BEC24C59] - (.Mozilla Corporation - Firefox.) -- C:\FF_temp\Bin\Firefox\Firefox.exe [275568] [PID.4436]
[MD5.7C5AF154B07BB57AF0EF26F156D5A022] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8106496] [PID.4252]
~ Processes Running: Scanned in 00mn 01s



---\\ Internet Explorer, start, cerca, URLSearchHook, Phishing (R0, R1, R3, R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) (No version) -- (.not file.)
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, gestione Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analisi delle linee F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Iniziato da file e registro applicazioni (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - Centro gestione dispositivi Windows Mobile.) -- C:\Windows\WindowsMobile\wmdcBase.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - No Comment.) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Run: [HDMICtrlMan] . (.TOSHIBA Corporation. - HDMICtrlMan.exe.) -- C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [ITSecMng] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
O4 - HKLM\..\Run: [EaseUs Watch] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe
O4 - HKLM\..\Run: [EaseUs Tray] . (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Application.) -- C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
O4 - HKLM\..\Run: [RUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [WLAN Optimizer] . (.none - WLAN Optimizer.) -- C:\Wlanopti\WLAN Optimizer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadget per il desktop di Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadget per il desktop di Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1595716990-1638793617-2638887238-1000\..\Run: [WLAN Optimizer] . (.none - WLAN Optimizer.) -- C:\Wlanopti\WLAN Optimizer.exe
~ Application: Scanned in 00mn 00s



---\\ I pulsanti sulla barra degli strumenti "principali strumenti" di Internet Explorer (O9)
O9 - Extra button: Tastiera Virtuale - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\kbrd.ico
O9 - Extra button: Controllo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\logo.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Oggetti ActiveX (Downloaded Program Files) (O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modificare gli indirizzi DNS domain (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACB1F299-F66E-4B3B-B68A-EAF29E549FB4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpDomain = homenet.telecomitalia.it
O17 - HKLM\System\CCS\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpDomain = Sitecom
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACB1F299-F66E-4B3B-B68A-EAF29E549FB4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpDomain = homenet.telecomitalia.it
O17 - HKLM\System\CS1\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpDomain = Sitecom
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CS2\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CS2\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: NameServer = 8.8.8.8,8.8.4.4 =>.Google DNS Redirections
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{38605816-76F1-404C-9805-65882696BFE1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{753EA6C1-12B9-49A5-890D-7D0F4C245B29}: DhcpNameServer = 212.216.112.112 212.216.172.62
O17 - HKLM\System\CS2\Services\Tcpip\..\{920F85BB-B3B9-431A-ABF8-ABEA4F5DC4A0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACB1F299-F66E-4B3B-B68A-EAF29E549FB4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0B53D7B7-7894-4684-8B70-C6B711E6041B}: DhcpDomain = homenet.telecomitalia.it
O17 - HKLM\System\CS2\Services\Tcpip\..\{173F4E39-B235-4239-8602-3B6A9AEB37A9}: DhcpDomain = Sitecom
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocollo addizionale (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizzatore HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valore di registro AppInit_DLLs e sottochiavi Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Attività pianificate in modo automatico (039)
[MD5.00000000000000000000000000000000] [APT] [{5E310C18-9CE6-4AD6-B717-6FBE2E9A253A}] (...) -- C:\Nuova cartella (3)\HiJackThis.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [978]
~ Scheduled Task: 5 Legitimates Filtered in 00mn 03s



---\\ Pilota all'inizio del sistema (O41)
O41 - Driver: (CSN5PDTS82) . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver.) - C:\Windows\System32\Drivers\CSN5PDTS82.sys
O41 - Driver: (CSN5PDTS82x64) . (. - .) - C:\Windows\System32\Drivers\CSN5PDTS82x64.sys (.not file.)
~ Drivers: 90 Legitimates Filtered in 00mn 00s



---\\ Software installato (O42)
O42 - Logiciel: CardMaster 2.1 Beta II - (...) [HKLM] -- CardMaster_is1
O42 - Logiciel: El Primero Striking 10th - (.Ivitech SA.) [HKLM] -- El Primero Striking 10th_is1
O42 - Logiciel: iDeer Blu-ray Player - (.iDeerApp Software Inc..) [HKLM] -- iDeer Blu-ray Player
~ Logic: 17 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alticast serial download server]
[HKCU\Software\Cardmaster]
[HKCU\Software\iDeerApp]
[HKLM\Software\DVBDream]
~ Key Software: 197 Legitimates Filtered in 00mn 00s



---\\ Contenuto delle cartelle Programmi, ProgramFiles, ProgramData, AppData (O43)
O43 - CFD: 14/01/2013 - 12:47:10 - [] ----D C:\Program Files\CardMaster
O43 - CFD: 23/05/2010 - 09:30:09 - [] -SH-D C:\Program Files\File comuni
O43 - CFD: 10/01/2014 - 17:31:53 - [] ----D C:\Program Files\iDeerApp
O43 - CFD: 23/05/2010 - 09:30:09 - [] -SH-D C:\ProgramData\Documenti
O43 - CFD: 23/05/2010 - 09:30:09 - [] -SH-D C:\ProgramData\Menu Avvio
O43 - CFD: 23/05/2010 - 09:30:09 - [] -SH-D C:\ProgramData\Preferiti
O43 - CFD: 22/07/2011 - 14:16:09 - [0] ----D C:\Users\gero\AppData\Roaming\9243A2C5-8E19-43E5-AF21-1717E31CE2B6
O43 - CFD: 19/09/2012 - 19:13:27 - [] ----D C:\Users\gero\AppData\Roaming\aacs
O43 - CFD: 10/01/2014 - 17:33:04 - [] ----D C:\Users\gero\AppData\Local\iDeerApp
O43 - CFD: 16/08/2012 - 13:55:17 - [] ----D C:\Users\gero\AppData\Local\__
O43 - CFD: 10/01/2014 - 17:32:00 - [] ----D C:\Users\gero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iDeer Blu-ray Player
~ Program Folder: 159 Legitimates Filtered in 00mn 00s



---\\ Ultimi file modificati o creati su Windows e System32 (O44)
O44 - LFC:[MD5.677E42B94A806250163506341DD576F7] - 22/09/2014 - 11:33:44 ---A- . (...) -- C:\TDSSKiller.3.0.0.40_22.09.2014_12.31.08_log.txt [212458]
~ Files: 53 Legitimates Filtered in 00mn 01s



---\\ Chiave del Registro di sistema Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{903f17ee-907a-11e2-af80-001e33a55a39}\AutoRun\command. (...) -- E:\StartVMCLite.exe (.not file.)
O51 - MPSK:{903f17f9-907a-11e2-af80-001e33a55a39}\AutoRun\command. (...) -- E:\StartVMCLite.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumerazione della chiave del Registro di sistema StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\OODefragTray [Key] . (...) -- C:\Program Files\OO Software\Defrag\oodtray.exe (.not file.)
~ SMSR Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Enumerazione del Registro chiavi PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Elenco dei driver del sistema (SDL) (O58)
O58 - SDL:25/01/2011 - 11:17:30 ---A- . (.ITETech - AF9015 BDA Driver.) -- C:\Windows\System32\Drivers\AF15BDA.sys [489464]
O58 - SDL:02/06/2011 - 13:39:44 ---A- . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\Windows\System32\Drivers\CSCrySec.sys [88632]
O58 - SDL:20/05/2010 - 14:14:52 ---A- . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver.) -- C:\Windows\System32\Drivers\CSN5PDTS82.sys [28184]
O58 - SDL:02/06/2011 - 13:39:44 ---A- . (.Infowatch - Virtual Volume Container Driver (wxp).) -- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys [39736]
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:23/05/2010 - 10:05:13 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\System32\Drivers\enecir.sys [59904]
O58 - SDL:16/03/2013 - 11:40:12 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Driver.) -- C:\Windows\System32\Drivers\eubakup.sys [50248]
O58 - SDL:16/03/2013 - 11:48:40 ---A- . (...) -- C:\Windows\System32\Drivers\EUBKMON.sys [41544]
O58 - SDL:16/03/2013 - 11:43:22 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) -- C:\Windows\System32\Drivers\eudskacs.sys [15944]
O58 - SDL:16/03/2013 - 11:51:52 ---A- . (.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) -- C:\Windows\System32\Drivers\EuFdDisk.sys [186952]
O58 - SDL:24/08/2007 - 18:44:36 R--A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [23424]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:10/07/2012 - 17:07:58 ---A- . (.ITE - IT9135 BDA Driver.) -- C:\Windows\System32\Drivers\IT9135BDA.sys [94336]
O58 - SDL:07/09/2009 - 08:00:28 ---A- . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\Drivers\rimmptsk.sys [48128]
O58 - SDL:15/09/2009 - 02:36:18 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\Drivers\rimsptsk.sys [44544]
O58 - SDL:15/09/2009 - 03:30:08 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\Drivers\rixdptsk.sys [38400]
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:09/07/2012 - 12:42:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [44032]
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 125 Legitimates Filtered in 00mn 01s



---\\ Ultimi file modificati o creati (utente) (O61)
O61 - LFC: 21/09/2014 - 13:10:58 ---A- . (...) -- C:\Users\gero\AppData\Local\Microsoft\Windows\1040\StructuredQuerySchema.bin [306505]
O61 - LFC: 22/09/2014 - 13:11:06 ---A- . (...) -- C:\Users\gero\Desktop\adwcleaner_3.310.exe [1373475]
~ 69 Fichiers temporaires (Temporary files)
~ 3 Fichiers cookies (Cookies files)
~ Files: 6 Legitimates Filtered in 00mn 08s



---\\ File Alternate Data Stream (ADS) (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\jmcricon.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\NETw5c32.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\NETw5r32.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\RaCoInst.dat:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\RaCoInst.dll:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\arusb_win7.sys:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\b57nd60x.sys:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\enecir.sys:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\jmcr.sys:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\netr28u.sys:Zone.Identifier
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Drivers\NETw5s32.sys:Zone.Identifier
~ ADS: Scanned in 00mn 01s



---\\ Elenco di strumenti di disinfezione (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Elenco servizi registrati legacy (LALS) (O64)
O64 - Services: CurCS - 16/03/2013 - C:\Windows\System32\drivers\EUBKMON.sys (EUBKMON) .(...) - LEGACY_EUBKMON
O64 - Services: CurCS - 16/03/2013 - C:\Windows\system32\drivers\eudskacs.sys (EUDSKACS) .(.CHENGDU YIWO Tech Development Co., Ltd - Disk Access Driver.) - LEGACY_EUDSKACS
O64 - Services: CurCS - 16/03/2013 - C:\Windows\system32\drivers\EuFdDisk.sys (EUFDDISK) .(.CHENGDU YIWO Tech Development Co., Ltd - Disk Backup Image Preview Driver.) - LEGACY_EUFDDISK
~ Legacy: 88 Legitimates Filtered in 00mn 00s



---\\ Menu Start Internet (SMI) (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Cerca "infezione su browser internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Particolare ricerca nella directory principale del sistema (SPRF) (O84)
[MD5.1AF5E8E425BF18B5C4451AC913C54E4E] [SPRF][02/10/2011] (.No owner - Advanced Router Tester.) -- C:\Users\gero\Desktop\Advanced Router Tester V 2.1.exe [871936]
[MD5.1B151CCE618BE06C22B55FD4B502B75E] [SPRF][22/09/2014] (...) -- C:\Users\gero\Desktop\adwcleaner_3.310.exe [1373475]
[MD5.A93F3588206C771E0DC10EBF61A43A84] [SPRF][15/11/2000] (...) -- C:\Users\gero\Desktop\fxprog7.exe [599328]
[MD5.B47F7ACE10C3F99FC4D051078CAC1D19] [SPRF][06/04/2010] (...) -- C:\Users\gero\Desktop\HG553-kisumu custom.v0.2.bin [7134373]
[MD5.91E5F8106A81D787D8464534278CBE46] [SPRF][07/03/2014] (...) -- C:\Users\gero\Desktop\image_b21_es.bin [5991589]
[MD5.AB52C58954D72559EB3E7C59C4F8BBFF] [SPRF][13/08/2010] (...) -- C:\Users\gero\Desktop\sw_uninstaller.exe [195480]
[MD5.EF6003D09F086AD61C8E57073A819EB4] [SPRF][14/04/2010] (...) -- C:\Users\gero\Desktop\TC20077300A.exe [70786432]
~ Files: 10 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\uTorrentPortable_3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrentPortable_3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 417 Legitimates Filtered in 00mn 00s



---\\ Condizioni generali dei servizi non Microsoft (GSR) (SR = esecuzione, SS = fermato)
SS - | Demand 21/09/2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 15/02/2012 163328 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05/11/2013 356128 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
SR - | Auto 21/12/2012 819040 | (CSObjectsSrv) . (.Infowatch.) - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
SR - | Auto 16/03/2013 68168 | (EaseUS Agent) . (.CHENGDU YIWO Tech Development Co., Ltd.) - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
SR - | Auto 16/03/2013 23624 | (Guard Agent) . (.CHENGDU YIWO Tech Development Co., Ltd.) - C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
SR - | Auto 07/08/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Demand 01/04/2011 152496 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s



---\\ Ricerche simultanee su Master Boot Record (MBR) (O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Ricerche simultanee sul Master Boot Record (MBRCheck) (O80)
Written by ad13, http://ad13.geekstog
Run by gero at 22/09/2014 13:11:45
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 05s



---\\ Scansione aggiuntive (O88)
Database Version : 13026 - (20/09/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 193878 Items scanned in 00mn 16s



---\\ Informationi complémentaires sul le segnalazione
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, gestione Proxy (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Iniziato da file e registro applicazioni (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Chiave del Registro di sistema Shell MountPoints2 (MPKS) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Riepilogo dei rilevamenti trovato sulla workstation
~ MSI: 0 link(s) detected in 00mn 00s



~ 757 Legitimates filtered by white list
End of the scan (506 lines in 01mn 30s)(0)

Thanks in advance

Regards

Gero

G225
 Posted on 22/09/2014 at 16:04 
Security Group

Hi, logs like this don't go on the forum but on a file host, as explained in my signature. After checking, everything is clean.

I would disable Windows Defender, which is running at the same time as Kaspersky.

Update CCleaner. Be careful to uncheck the toolbar if you don't want it.

aliceadsl
 Posted on 22/09/2014 at 16:24 
New member

OK, thanks.
Next time I will do what you told me.
I read later how to attach files.
Excuse my French.
Good day
Gero
