Document format: text/plain

~ Rapport de ZHPDiag v2014.5.4.53 - Nicolas Coolman (04/05/2014)
~ Lancé par francois (04/05/2014 21:45:56)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.131
OBIE: Safari v5.34.55.3

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
McAfee Security Scan Plus v3.8.141.11
Spyware Terminator 2012 v3.0.0.54
Sophos Anti-Rootkit 1.5.4 v1.5.4
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.13

---\\ Logiciels de partage PeerToPeer
µTorrent v3.1.3 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 9.5.4 - Français
Java 7 Update 55

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6143 MB (76% free)
System Restore: Désactivé (Disabled)
System drive C: has 514 GB (62%) free of 820 GB

---\\ Mode de connexion au système
~ Computer Name: FRANCOIS-PC
~ User Name: francois
~ All Users Names: HomeGroupUser$, francois, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\francois\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\francois\AppData\Roaming\
~ %Desktop% : C:\Users\francois\Desktop\
~ %Favorites% : C:\Users\francois\Favorites\
~ %LocalAppData% : C:\Users\francois\AppData\Local\
~ %StartMenu% : C:\Users\francois\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 514 Go of 820 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E: CD-ROM drive (Free 0 Go of 8 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: CD-ROM drive (Not Inserted)
K: Hard drive, Flash drive, Thumb drive (Free 5 Go of 98 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/03/2014 - 07:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 06s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/111
~ Mes musiques (My Musics) : 1/332
~ Mes Videos (My Videos) : 1/55
~ Mes Favoris (My Favorites) : 1/287
~ Mes Documents (My Documents) : 1/1758
~ Mon Bureau (My Desktop) : 2/1860
~ Menu demarrer (Programs) : 1/88
~ Hidden Files: Scanned in 01mn 04s



---\\ Processus lancés
[MD5.AB329CA377E47901DDD0502507B474D8] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777296] [PID.2864]
[MD5.25168861540EA6F3BAB5BF3059EC4BC6] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488] [PID.2988]
[MD5.536EFCE2544EBFD209EDED39CAA3901A] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [128296] [PID.2632]
[MD5.30426544CDDC55B8B71DEB556722ECE3] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216] [PID.2428]
[MD5.4BB64C52326B2043B36FBBED40C925B2] - (.ACD Systems - acdID InTouch2.) -- C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe [1414984] [PID.3308]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3320]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.3336]
[MD5.1C10F303117EC9139C3B8618A45EB33A] - (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe [582976] [PID.3344]
[MD5.8FC1CB51C7460DC994CA71CDD90F7F43] - (...) -- C:\Program Files (x86)\La Chaîne Météo\La Chaîne Météo.exe [142336] [PID.3388]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.3352]
[MD5.FA99CEEB3F778DC30D48A07708B11E8F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869440] [PID.4728]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1292]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2008]
[MD5.E1095A89EB4BFCA2AB2F4E1F2BA56612] - (.Logitech Inc. - Logitech LVPrS64H Module..) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe [125464] [PID.2216]
[MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2224]
[MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.2436]
[MD5.D827A50CEC8A16180EEC4F1951B7A842] - (.TeamViewer GmbH - TeamViewer Service.) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [172328] [PID.2572]
[MD5.EFC34FE5F152999EA081192D9047D1C9] - (.TeamViewer GmbH - TeamViewer.) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe [5150504] [PID.2748]
[MD5.C71EE856C4F5B52E2D094F494CEE4936] - (.Pas de propriétaire - WlanSvc Application.) -- C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936] [PID.2880]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\francois\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [francois]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 09s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [SpywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKLM\..\Wow6432Node\Run: [ACSW17EN] . (.ACD Systems - acdID InTouch2.) -- C:\Program Files (x86)\ACD Systems\ACDSee\17.0\acdIDInTouch2.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-21-965097798-4093898242-3069599211-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: envoyer le texte sélectionné par sms - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: envoyer par sms - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: envoyer un mail - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: orange.fr - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: rechercher le texte sélectionné - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: traduire la page - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: traduire le texte sélectionné - (.not file.) - C:\Program Files (x86)\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
~ IE Menu Contextuel: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BA602BC-BD64-4F6D-B599-F4F8E21ABAF1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5BA602BC-BD64-4F6D-B599-F4F8E21ABAF1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{5BA602BC-BD64-4F6D-B599-F4F8E21ABAF1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\Windows\system32\CbFsMntNtf3.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {5FF49FE8-B332-4CB9-B102-FB6951629E55} . (.EldoS Corporation - CbFs Mount Notifier.) -- C:\Windows\SysWOW64\CbFsMntNtf3.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Switch Off (Switch Off) . (...) - C:\Program Files (x86)\Switch Off\swoff.exe (.not file.)
O23 - Service: Tool Manager service (ToolManagerService) . (.Pas de propriétaire - ToolManager.) - C:\Program Files (x86)\ToolManager\ToolManager.exe
~ Services: 15 Legitimates Filtered in 00mn 08s



---\\ Tâches planifiées en automatique (O39)
[MD5.E8E5FA2F4F77BFAC9C647BB1B5F62B64] [APT] [{4592C29B-F5B5-429D-AB1E-7EFC0B61DFAD}] (...) -- C:\JEUX\runaway\Video card setup.exe [45056]
[MD5.DC11353C9AA40A73CCF36C968E1D2104] [APT] [{6ADCC4AA-288D-4599-89A7-A751141DE406}] (.ALLPlayer.) -- C:\Program Files (x86)\OpenSubtitlesPlayer\OpenSubtitlesPlayer.exe [5199360]
[MD5.6BC44F764CF8E5AD20AE21FE430F4BE3] [APT] [{B462BD59-9BD3-4435-A2AA-A1051124B021}] (...) -- C:\Users\francois\Downloads\avgarkt-setup-1.1.0.42.exe [423736]
[MD5.DC11353C9AA40A73CCF36C968E1D2104] [APT] [{E83A8950-E601-4D0E-B37A-B7BB8B0391A3}] (.ALLPlayer.) -- C:\Program Files (x86)\OpenSubtitlesPlayer\OpenSubtitlesPlayer.exe [5199360]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1068]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1072]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\PCDRScheduledMaintenance [552]
~ Scheduled Task: 28 Legitimates Filtered in 00mn 06s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (SAVRKBootTasks) . (. - .) - C:\Windows\system32\SAVRKBootTasks.sys (.not file.)
O41 - Driver: (UnHooker) . (. - .) - C:\Windows\System32\DRIVERS\UnHooker.sys (.not file.)
~ Drivers: 81 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: A New Beginning version 1.0 - (.Deadalic Entertainment.) [HKLM][64Bits] -- {A7A5B96D-0B42-47E8-8168-9B7C3C459454}_is1
O42 - Logiciel: AutoShut - (...) [HKLM][64Bits] -- AutoShut
O42 - Logiciel: BearPaw 1200CU Plus v1.2 - (.Nom de votre société.) [HKLM][64Bits] -- InstallShield_{243AA596-2B64-4DBF-B765-374B8328F504}
O42 - Logiciel: BearPaw 1200CU Plus v1.2 - (.Nom de votre société.) [HKLM][64Bits] -- {243AA596-2B64-4DBF-B765-374B8328F504}
O42 - Logiciel: Bluetooth Radar - (.Shai Raiten.) [HKLM][64Bits] -- {0CFC5EE9-1E99-4B01-8B0B-70BB4B502732}
O42 - Logiciel: Briz Video Joiner - (...) [HKLM][64Bits] -- Briz Video Joiner_is1
O42 - Logiciel: Jivaro 1.8 - (.Aquafadas.) [HKLM][64Bits] -- {A30C16BF-E8B5-4DD9-8F9B-FA45237186DF}_is1
O42 - Logiciel: PI Free PC (Désintallation seule) - (...) [HKLM][64Bits] -- PiFreePC
O42 - Logiciel: Pix Resize - (...) [HKLM][64Bits] -- Pix Resize_is1
O42 - Logiciel: Power Video Joiner 5.0 - (.AML SOFT, Inc..) [HKLM][64Bits] -- {9404E8E5-B453-43A7-9A4A-6FFBB07D5CC8}_is1
O42 - Logiciel: Severe Streaming Notifier - (...) [HKLM][64Bits] -- Severe Streaming Notifier
O42 - Logiciel: ToolManager version 1.0 - (.Ventury Media.) [HKLM][64Bits] -- {56F9A55C-060C-484E-A6D2-D192677333E3}_is1
O42 - Logiciel: UltimateDefrag V1 FREE Public Domain Version - (.DiskTrix.) [HKLM][64Bits] -- UltimateDefrag V1 FREE Public Domain Version
O42 - Logiciel: WinFile.v1.1 - (.brydon.net.) [HKLM][64Bits] -- {4C821167-6475-443F-BC4F-18C5CC572DC9}
~ Logic: 67 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\#title]
[HKCU\Software\31056InstEnd]
[HKCU\Software\Diamond Ridge]
[HKCU\Software\MustekSystem]
[HKCU\Software\Mustek]
[HKCU\Software\Thomas Wright Consulting]
[HKCU\Software\X-Wire Technology Inc.]
[HKCU\Software\brydon.net]
[HKLM\Software\Wow6432Node\Shortcut_Module]
[HKLM\Software\Wow6432Node\Thomas Wright Consulting]
~ Key Software: 705 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 14/01/2014 - 20:05:34 - [] ----D C:\Program Files (x86)\AutoShut
O43 - CFD: 27/11/2010 - 22:58:26 - [] ----D C:\Program Files (x86)\BearPaw 1200CU Plus
O43 - CFD: 22/06/2011 - 01:48:32 - [] ----D C:\Program Files (x86)\BrizVideoJoin
O43 - CFD: 13/01/2012 - 13:26:20 - [] ----D C:\Program Files (x86)\Jivaro
O43 - CFD: 04/05/2012 - 16:26:56 - [] ----D C:\Program Files (x86)\LightningRadar
O43 - CFD: 30/03/2011 - 19:19:57 - [] ----D C:\Program Files (x86)\NT Email Notifier
O43 - CFD: 09/04/2010 - 10:28:26 - [] ----D C:\Program Files (x86)\PixResize
O43 - CFD: 07/05/2010 - 14:57:25 - [] ----D C:\Program Files (x86)\Severe Streaming
O43 - CFD: 06/07/2010 - 17:22:58 - [] ----D C:\Program Files (x86)\Shai Raiten
O43 - CFD: 22/06/2011 - 01:01:58 - [] ----D C:\Program Files (x86)\Thomas Wright Consulting
O43 - CFD: 02/05/2014 - 22:50:35 - [] ----D C:\Program Files (x86)\ToolManager
O43 - CFD: 21/07/2012 - 18:13:51 - [] ----D C:\Program Files (x86)\TorrentSearch
O43 - CFD: 10/02/2014 - 18:07:35 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 15/08/2009 - 07:59:25 - [] --H-D C:\ProgramData\{ADCBF7A8-716E-4B21-AF03-E3F11C06C309}
O43 - CFD: 13/01/2012 - 13:26:22 - [0] ----D C:\Users\francois\AppData\Roaming\JivaroPref
O43 - CFD: 26/02/2011 - 20:14:03 - [] ----D C:\Users\francois\AppData\Roaming\M05
O43 - CFD: 16/09/2010 - 21:35:13 - [] ----D C:\Users\francois\AppData\Roaming\MSGView
O43 - CFD: 08/12/2013 - 20:49:32 - [] ----D C:\Users\francois\AppData\Roaming\webdirecttv
O43 - CFD: 26/02/2011 - 20:15:08 - [] ----D C:\Users\francois\AppData\Local\M05
O43 - CFD: 10/12/2013 - 18:50:40 - [] ----D C:\Users\francois\AppData\Local\webdirecttv
O43 - CFD: 20/10/2011 - 12:37:16 - [] ----D C:\Users\francois\AppData\Local\{FEB3A1E5-5C56-461A-A854-888B6545CC0E}
O43 - CFD: 25/06/2011 - 20:37:15 - [] ----D C:\Users\francois\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crypter et Protéger les Fichiers 2011
~ Program Folder: 389 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.62803A13AC4F91C8A0CE9EE944C8A22E] - 02/05/2014 - 08:44:05 ---A- . (...) -- C:\rkill.log [361]
O44 - LFC:[MD5.4734A19701AF128DE67089087C114FEC] - 02/05/2014 - 09:31:35 ---A- . (...) -- C:\Ad-Report-SCAN[7].txt [9970]
O44 - LFC:[MD5.557563A97EE1C5BC8EDC99A50056C01E] - 02/05/2014 - 22:22:55 ---A- . (...) -- C:\Shortcut_Module.txt [15815]
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 02/05/2014 - 23:28:16 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O44 - LFC:[MD5.653144706C341595704387C8B1B0777C] - 03/05/2014 - 21:46:42 ---A- . (...) -- C:\UsbFix [Scan 1] FRANCOIS-PC.txt [8324]
O44 - LFC:[MD5.AC4ED3C32F69D16B52071CC76D982D25] - 04/05/2014 - 09:33:45 ---A- . (...) -- C:\Windows\ntbtlog.txt [283588]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/04/2014 - 20:21:08 ---A- . (...) -- C:\dfu.log [0]
O44 - LFC:[MD5.3EBB6F936CA7362CC561E05E073030D8] - 28/04/2014 - 18:48:03 ---A- . (...) -- C:\sc-cleaner.txt [1814]
~ Files: 25 Legitimates Filtered in 01mn 02s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Switch Off [Key] . (...) -- C:\Program Files (x86)\Switch Off\swoff.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\WinPatrol [Key] . (...) -- C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (.not file.)
~ SMSR Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:02/05/2014 - 23:28:16 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:02/05/2014 - 23:28:16 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:02/05/2014 - 23:28:16 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:06/04/2011 - 16:28:55 ---A- . (...) -- C:\Windows\System32\Drivers\atksgt.sys [314016]
O58 - SDL:08/12/2009 - 09:54:30 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\br_mcu2usb.sys [23552]
O58 - SDL:29/05/2012 - 14:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:06/02/2007 - 13:19:32 ---A- . (.Pas de propriétaire - USB Scanner Driver.) -- C:\Windows\System32\Drivers\gt680X.sys [22528]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:06/04/2011 - 16:28:54 ---A- . (...) -- C:\Windows\System32\Drivers\lirsgt.sys [43680]
O58 - SDL:07/10/2009 - 01:45:50 ---A- . (...) -- C:\Windows\System32\Drivers\LVPr2M64.sys [30232]
O58 - SDL:11/11/2010 - 20:12:02 ---A- . (.Pas de propriétaire - 1.00.) -- C:\Windows\System32\Drivers\ntiopnp.sys [19544]
O58 - SDL:13/10/2009 - 15:22:40 ---A- . (...) -- C:\Windows\System32\Drivers\nvflash.sys [13416]
O58 - SDL:03/11/2005 - 15:40:56 ---A- . (.Protection Technology - StarForce Protection VFS Driver.) -- C:\Windows\System32\Drivers\sfvfs02.sys [89600]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:11/01/2012 - 19:53:04 ---A- . (.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\System32\Drivers\stflt.sys [51496]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:21/02/2010 - 17:51:36 ---A- . (.Pas de propriétaire - DisplayLink TB Filter.) -- C:\Windows\System32\Drivers\WSR_TBF.sys [51712]
O58 - SDL:10/05/2010 - 11:03:46 ---A- . (.Pas de propriétaire - WSR_USF.) -- C:\Windows\System32\Drivers\WSR_USF.sys [48640]
O58 - SDL:10/01/2012 - 14:16:40 ---A- . (...) -- C:\Windows\SysWOW64\drivers\cpuidlep.sys [4484]
O58 - SDL:20/01/2010 - 18:39:18 ---A- . (...) -- C:\Windows\SysWOW64\drivers\UnHooker.sys [25400]
~ Drivers: 93 Legitimates Filtered in 00mn 10s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 02/05/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 11/01/2012 - C:\Windows\System32\DRIVERS\stflt.sys (sp_rsdrv2) .(.Windows (R) Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2
~ Legacy: 96 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Mozilla Firefox\Firefox.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {73ccfd25-abe2-4bdf-ac5d-28a470a4d234} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://www.orange.fril
O69 - SBI: SearchScopes [HKCU] {A5811EAF-6180-472B-80B3-BBEA4BE7B258} - (Yahoo!) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {AC9AD0F8-5B31-4CBE-BE00-9E7A0DCD66D6} - (Yahoo! Search) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E152C2E083BB18DF3770DE4040E3F391] [SPRF][24/11/2013] (...) -- C:\Users\francois\AppData\Roaming\SetValue.bat [35]
[MD5.C9422D430F19B0DDAF1433F383A33164] [SPRF][24/12/2009] (...) -- C:\Users\francois\AppData\Roaming\wklnhst.dat [140]
[MD5.D6A5DF83938AD59E78F03CF2C0C69A7D] [SPRF][14/12/2012] (...) -- C:\Users\francois\Desktop\C-MD5.exe [30592]
[MD5.8CCFCCAFFC3262EC8091F49648CAC283] [SPRF][14/06/2011] (.ALLPlayer - www.OpenSubtitles.org.) -- C:\Users\francois\Desktop\OpenSubtitlesPlayer.exe [20251821]
[MD5.69984B053A3C546AB634635A4877C009] [SPRF][13/11/2008] (.mustek - Setup Launcher.) -- C:\Users\francois\Desktop\PackardBellDiamond1200PlusScanner.exe [76132699]
[MD5.7196AC3610A8940FBB9B5229A0AD3B9D] [SPRF][21/10/2012] (...) -- C:\Users\francois\Desktop\Paint.NET.3.5.10.Install.exe [810648]
[MD5.C7D040F4C3C0214B460AABDE52BE9189] [SPRF][22/05/2012] (...) -- C:\Users\francois\Desktop\rkill.exe [1012656]
[MD5.D64AE7D819823F261ACAD8AD9A95180C] [SPRF][10/12/2012] (...) -- C:\Users\francois\Desktop\RogueKiller.exe [756224]
[MD5.35A2BE452142B051A1A732A8CB04AC9B] [SPRF][02/05/2014] (.Pas de propriétaire - Shortcut_Module.) -- C:\Users\francois\Desktop\Shortcut_Module.exe [2558976]
[MD5.FDBE6123BB5B243D2B4647A5D0D14E10] [SPRF][16/03/2010] (...) -- C:\Users\francois\Desktop\TeamViewer_Setup.exe [2729912]
[MD5.3B8DF5EC974CA8B09CC4FE47916C0EDD] [SPRF][19/07/2011] (.Pas de propriétaire - Self-extracting installation program..) -- C:\Users\francois\Desktop\UltimateDefragFREEPublicDomainEditionSetup.exe [2277376]
[MD5.39A81D679519419C0E8E42ED705A54F8] [SPRF][13/05/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\francois\Desktop\uTorrent.exe [880496] =>P2P.BitTorrent
[MD5.47C30BC6C5161307EA9B8B12BA8B5AF9] [SPRF][22/05/2012] (.Atribune.org - VundoFix.exe.) -- C:\Users\francois\Desktop\VundoFix.exe [119808]
~ Files: 17 Legitimates Filtered in 00mn 03s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{0270DA9A-40FF-4592-BD72-D027D772F8B3}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A4667A5B-130A-4C34-AF6B-C1177833E3C4}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 05s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 599 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 16/04/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/04/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 13/06/2013 357144 | (LBTServ) . (.Logitech, Inc..) - C:\PROGRAM FILES\COMMON FILES\LOGISHRD\BLUETOOTH\LBTSERV.exe
SS - | Demand 16/01/2014 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\PROGRAM FILES\MCAFEE SECURITY SCAN\3.8.141\MCCHSVC.exe
SS - | Demand 26/05/2010 6144 | (MEMSWEEP2) . (.Sophos Plc.) - C:\Windows\system32\212F.tmp
SS - | Demand 29/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Demand 25/02/2014 568512 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Auto 10/07/1658 0 | (Switch Off) . (...) - C:\Program Files (x86)\Switch Off\swoff.exe
SS - | Auto 03/12/2013 43024 | (ToolManagerService) . (...) - C:\Program Files (x86)\ToolManager\ToolManager.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 02/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 08/02/2011 956192 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 07/10/2009 191000 | (LVPrcS64) . (.Logitech Inc..) - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
SR - | Auto 23/09/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 24/03/2010 151144 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 10/01/2012 1148632 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
SR - | Auto 11/02/2010 172328 | (TeamViewer5) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/06/2008 167936 | (WlanWpsSvc) . (...) - C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1

[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
C:\Users\francois\Desktop\uTorrent.exe =>P2P.BitTorrent^
~ Additionnel Scan: 485803 Items scanned in 02mn 13s



---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 00mn 00s



~ 1301 Legitimates filtered by white list
End of the scan (548 lines in 06mn 32s)(0)
