cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2015.3.29.33 - Nicolas Coolman (29-03-15)
~ Lancé par Suzanne (31-03-15 21:40:15)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17691 (Defaut)
GCIE: Google Chrome v41.0.2272.101

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : CBWPV
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.1.4.1018
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.03

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8086 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 342 GB (75%) free of 451 GB

---\\ Mode de connexion au système
~ Computer Name: SOUS
~ User Name: Suzanne
~ All Users Names: Suzanne, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Suzanne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Suzanne\AppData\Roaming\
~ %Desktop% : C:\Users\Suzanne\Desktop\
~ %Favorites% : C:\Users\Suzanne\Favorites\
~ %LocalAppData% : C:\Users\Suzanne\AppData\Local\
~ %StartMenu% : C:\Users\Suzanne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 342 Go of 451 Go)
D: Hard drive, Flash drive, Thumb drive (Free 304 Go of 466 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25-02-11 - 02:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.13-07-09 - 21:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.36F99BD8A0F09BDBB7850A138845A014] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19-02-15 - 21:28:25.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.16-07-14 - 22:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20-11-10 - 23:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30-05-14 - 02:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13-07-09 - 21:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-07-09 - 19:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20-11-10 - 23:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20-11-10 - 23:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20-11-10 - 23:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.13-07-09 - 19:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13-07-09 - 20:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26-04-11 - 22:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20-11-10 - 23:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.23-01-14 - 22:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.13-07-09 - 20:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20-11-10 - 23:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13-07-09 - 20:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.10-11-14 - 21:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20-11-10 - 23:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/230
~ Mes musiques (My Musics) : 1/69
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/373
~ Mes Documents (My Documents) : 3/2029
~ Mon Bureau (My Desktop) : 1/3481
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.A0012C1D9B8648C20C00202418B9D02F] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712] [PID.2772]
[MD5.EBDD3032297EF6832A1D6D3AA6DC3537] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4259648] [PID.3948]
[MD5.CD4F7B90CB09831BCDEDE0A206CCDB35] - (.Pas de propriétaire - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2751808] [PID.4004]
[MD5.09890A2F032B138A74B5DF2C1233FB1D] - (.SoftThinks - Dell - DataSafe Update Launcher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [460096] [PID.3200]
[MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.7664]
[MD5.F217EF2EA31D8F73504B1CD2F9787D9D] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.2132]
[MD5.06CC578BC150D9AAAE20672130A36CB9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8190976] [PID.2564]
[MD5.A9D26626BEADF5A0641BF6B5095EF309] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [414496] [PID.976]
[MD5.AEBE8F338432F9DE5AE0CAE4D4BAED76] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.1108]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2000]
[MD5.C7F8C8080B055B3DE9A8141DFD8E308A] - (.Schneider Electric - Battery Backup Management Service.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912] [PID.1616]
[MD5.BC8A3EC1BAE3D18256C09DDE1082D0F3] - (.Samsung - AllShareFrameworkDMS.) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe [755080] [PID.680]
[MD5.093B1B419EF25B15D3A1CA6953F41AFB] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088] [PID.2268]
[MD5.858C79554199D038000E2929E4B8B026] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [516952] [PID.2728]
[MD5.16959F84844DC9B2CEF0D5B1A412370F] - (.HP - HP LaserJet Service.) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [142336] [PID.2860]
[MD5.009F4F1EC78A294A55C154430BA63C6F] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\nlssrv32.exe [71280] [PID.3268]
[MD5.903A40C958D471F9D30D29FA6D2800A4] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304] [PID.3288]
[MD5.55D9506A7EDEB8ED034971D45A534F88] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960] [PID.3428]
[MD5.F115AF58ABE5605D7D709CBFBD83F418] - (.Pas de propriétaire - nTitles PSIService.) -- C:\Windows\SysWOW64\PSIService.exe [177704] [PID.3484]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [189728] [PID.3532]
[MD5.74EC60E20516AAA573BE74F31175270F] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1692480] [PID.3684]
[MD5.107AB19CC1D40B9D04537F6EEAAC34C9] - (.Schneider Electric - PowerChute Data Service.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880] [PID.4392]
[MD5.A2EBF384ED105FED7D05C5465500EF2E] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104] [PID.4628]
[MD5.3C1865D8E8C2DD9ADB29B1A21A8B1972] - (.Sony Corporation - Sony Digital Media Server.) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [495248] [PID.5616]
[MD5.7F32D4C47A50E7223491E8FB9359907D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.1092]
[MD5.2C16648A12999AE69A9EBF41974B0BA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.6388]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Suzanne\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 1 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\wd2vudgh.default\prefs.js
M2 - MFEP: Extension [Suzanne - wd2vudgh.default] {64161300-e22b-11db-8314-0800200c9a66}.xpi
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.30 for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet
~ Firefox Browser: 27 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (1)
~ Hosts File: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Suzanne]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Suzanne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Desktop [Suzanne]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Suzanne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] \b \nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Suzanne\AppData\Local\Apps\2.0\QA9Z0XH0.0ZW\XHLX919Z.MPM\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Suzanne\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Suzanne\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2511035298-3318542375-4150175318-1002\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2511035298-3318542375-4150175318-1002\..\Run: [DellSystemDetect] . (.Dell - Dell System Detect.) -- C:\Users\Suzanne\AppData\Local\Apps\2.0\QA9Z0XH0.0ZW\XHLX919Z.MPM\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
O4 - HKUS\S-1-5-21-2511035298-3318542375-4150175318-1002\..\RunOnce: [Uninstall C:\Users\Suzanne\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2511035298-3318542375-4150175318-1002\..\RunOnce: [Uninstall C:\Users\Suzanne\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 06s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~4\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~4\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE065D11-E9A8-46DE-9699-F1547B006E0E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8A3E67F-2A33-444C-ADE7-B9A25D19F660}: DhcpNameServer = 192.168.2.1 142.166.166.166
O17 - HKLM\System\CS1\Services\Tcpip\..\{DE065D11-E9A8-46DE-9699-F1547B006E0E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{F8A3E67F-2A33-444C-ADE7-B9A25D19F660}: DhcpNameServer = 192.168.2.1 142.166.166.166
O17 - HKLM\System\CS2\Services\Tcpip\..\{DE065D11-E9A8-46DE-9699-F1547B006E0E}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS2\Services\Tcpip\..\{F8A3E67F-2A33-444C-ADE7-B9A25D19F660}: DhcpNameServer = 192.168.2.1 142.166.166.166
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 142.166.166.166
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist Corporate.) -- C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: APC Data Service (APC Data Service) . (.Schneider Electric - PowerChute Data Service.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service (APC UPS Service) . (.Schneider Electric - Battery Backup Management Service.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
~ Services: 38 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
[MD5.31B746C6779FE43DF346860BFC90F8CE] [APT] [GarminUpdaterTask] (...) -- C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [24920]
[MD5.00000000000000000000000000000000] [APT] [{730A037B-CF05-497B-AD0B-D6137A8A11AF}] (...) -- C:\Users\Suzanne\Downloads\ZHPDiag2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A9C1B997-B69A-4093-AAD1-FD368AB8691E}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E1C1968B-CA7F-4BAD-A13C-E6C9CB978CFE}] (...) -- E:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E6AD507B-F33F-41D6-8387-39F3682974DE}] (...) -- C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\Tasks\JHAPLC.job [1346]
O39 - APT: - (..) -- C:\Windows\Tasks\YIX.job [1340]
~ Scheduled Task: 26 Legitimates Filtered in 00mn 02s



---\\ Logiciels installés (O42)
O42 - Logiciel: Documents To Go - (.DataViz Inc..) [HKLM][64Bits] -- {F2D45137-7631-4824-B285-52742329DE4B}
~ Logic: 40 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alerts]
[HKCU\Software\Analog Pad]
[HKCU\Software\BitComet] =>P2P.BitComet
[HKCU\Software\Classical]
[HKCU\Software\Creabit]
[HKCU\Software\Labeljoy5]
[HKCU\Software\Markus Enzweiler]
[HKLM\Software\Wow6432Node\Conditionals]
[HKLM\Software\Wow6432Node\Labeljoy5]
~ Key Software: 560 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17-08-12 - 07:12:17 - [] ----D C:\Program Files (x86)\Documents To Go
O43 - CFD: 02-12-12 - 02:29:07 - [] ----D C:\Program Files (x86)\EuroThink
O43 - CFD: 17-08-12 - 07:13:39 - [] ----D C:\Program Files (x86)\mstrgen
O43 - CFD: 09-09-13 - 17:02:32 - [] ----D C:\Program Files (x86)\PasswordBox
O43 - CFD: 09-09-13 - 16:57:29 - [] ----D C:\Program Files (x86)\picture-shark
O43 - CFD: 26-11-14 - 22:25:41 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 22-03-15 - 13:01:36 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 11-01-15 - 20:24:49 - [] ----D C:\ProgramData\SAvinggtOyOU
O43 - CFD: 19-03-15 - 14:36:14 - [] ----D C:\ProgramData\SupportAssistAgent
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{0377BAED-6812-4408-9735-D65D68E7CA12}
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{16996CC6-7043-45AD-9C8D-A784409115E4}
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{4D790C15-A3FF-476F-9F6C-FA6FF12EFFC3}
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{529BBEB3-0369-420C-BD9C-37553D289203}
O43 - CFD: 12-04-13 - 09:52:27 - [] --H-D C:\ProgramData\{55D70BD3-EEAF-476B-BF61-59E112F65915}
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{5D3662FF-B114-4392-9128-140D59A29E19}
O43 - CFD: 19-10-13 - 16:23:30 - [] --H-D C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{682FE305-7958-4875-9B95-34673E7151AD}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{6C47B826-5902-49BB-BF6B-68F5716FD827}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{8265C354-3D13-4FE5-95C7-65F277FF3041}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{9C69499E-D8CC-4C66-B856-7076DB8C275E}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{9DE75BC9-6CF5-4972-8A4E-86BAAD477DC6}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{B2DCFF49-8E43-4A91-B043-7CCB41EA24CE}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{CF554067-3C6D-4531-98EB-D64E2616E71D}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{E25B3CC7-9347-4C9D-9339-1E15F9DA7A07}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{E6AF2639-F710-4F5B-8830-95A396FB523F}
O43 - CFD: 19-10-13 - 16:23:31 - [] --H-D C:\ProgramData\{E700EA29-049A-42E5-B85D-D2A74571B520}
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~1
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~10
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~11
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~12
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~13
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~14
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~15
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~2
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~3
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~4
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~5
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~6
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~7
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~8
O43 - CFD: 19-10-13 - 16:23:25 - [] ----D C:\ProgramData\~9
O43 - CFD: 17-08-12 - 07:16:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documents To Go
O43 - CFD: 28-12-14 - 16:04:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 12-04-11 - 06:27:52 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 17-08-12 - 07:30:22 - [] ----D C:\Users\Suzanne\AppData\Roaming\BitComet =>P2P.BitComet
O43 - CFD: 17-08-12 - 07:30:32 - [] ----D C:\Users\Suzanne\AppData\Roaming\Movie Torrent
O43 - CFD: 01-09-13 - 17:07:44 - [] ----D C:\Users\Suzanne\AppData\Roaming\Multiscreen
O43 - CFD: 15-09-14 - 23:56:31 - [] ----D C:\Users\Suzanne\AppData\Roaming\sparta111
O43 - CFD: 16-11-14 - 00:47:09 - [] -SH-D C:\Users\Suzanne\AppData\Local\EmieBrowserModeList
O43 - CFD: 15-09-14 - 23:57:45 - [0] ----D C:\Users\Suzanne\AppData\Local\Sparta
~ Program Folder: 466 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D5CC1F2BF2ABAD5EFB606B029F4291E6] - 18-03-15 - 22:10:07 ---A- . (...) -- C:\Windows\DPINST.LOG [9582]
O44 - LFC:[MD5.F8BD3D5B9606D1ED1CBB692289D852DB] - 18-03-15 - 22:26:36 ---A- . (...) -- C:\Windows\System32\Drivers\RTWAVES30.dat [74452]
O44 - LFC:[MD5.28DFD04373B2B88B59451D3B0165635C] - 18-03-15 - 22:47:05 ---A- . (...) -- C:\WirelessDiagLog.csv [5128]
O44 - LFC:[MD5.9BAD332FC29DEC15DFA4B96C66E68542] - 23-03-15 - 22:48:33 ---A- . (...) -- C:\Windows\LkmdfCoInst.log [548]
O44 - LFC:[MD5.7E598D0E03EC6D3836B3FFF8499880A0] - 23-03-15 - 22:48:37 ---A- . (...) -- C:\Windows\LDPINST.LOG [11896]
O44 - LFC:[MD5.A80D983F9DF0B1B217FE503DDCC358F1] - 24-03-15 - 12:17:01 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [49582]
O44 - LFC:[MD5.7BE7B49B80A3FE25D9A281993F567299] - 27-03-15 - 17:29:01 ---A- . (...) -- C:\Windows\RPSETUP.EXE.LOG [25920]
~ Files: 58 Legitimates Filtered in 00mn 02s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ares [Key] . (...) -- C:\Program Files (x86)\Ares\Ares.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\B2C_AGENT [Key] . (...) -- C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\BitComet [Key] . (...) -- C:\Program Files (x86)\BitComet\BitComet.exe (.not file.) =>P2P.BitComet
O53 - SMSR:HKLM\...\startupreg\DellSystemDetect [Key] . (...) -- C:\Users\Suzanne\AppData\Local\Apps\2.0\QA9Z0XH0.0ZW\XHLX919Z.MPM\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Display [Key] . (.Schneider Electric - Startup Notification Module.) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
O53 - SMSR:HKLM\...\startupreg\FreeFallProtection [Key] . (.Pas de propriétaire - FF_Protection MFC Application.) -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
O53 - SMSR:HKLM\...\startupreg\LG LinkAir [Key] . (...) -- C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MagicTuneEngine [Key] . (...) -- C:\Program Files\MagicTune Premium\MagicTuneLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MagicTuneLauncher [Key] . (...) -- C:\Program Files (x86)\MagicTune Premium\MagicTuneLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MultiScreen [Key] . (...) -- C:\Program Files\MultiScreen\MultiScreen.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\OtShot [Key] . (...) -- C:\Program Files (x86)\OtShot\otshot.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Stage Remote [Key] . (.Pas de propriétaire - Stage Remote Manager.) -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
~ SMSR Keys: 57 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13-12-10 - 13:34:14 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Accelern.sys [27760]
O58 - SDL:15-03-12 - 06:02:46 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapt.) -- C:\Windows\System32\Drivers\AmpPal.sys [198144]
O58 - SDL:13-07-09 - 21:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10-06-09 - 16:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:31-01-11 - 11:24:46 ---A- . (...) -- C:\Windows\System32\Drivers\nvstusb.sys [121960]
O58 - SDL:12-07-10 - 22:38:06 ---A- . (.Quanta Computer - Win7 QicFilterDriver-64Bits.) -- C:\Windows\System32\Drivers\qicflt.sys [29288]
O58 - SDL:20-08-10 - 10:05:12 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [21616]
O58 - SDL:13-07-09 - 21:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:28-07-14 - 13:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:27-11-11 - 23:05:05 RSHA- . (...) -- C:\Windows\SysWOW64\779EC5D3C9.sys [88]
O58 - SDL:27-11-11 - 23:05:06 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [3140]
O58 - SDL:17-03-10 - 21:03:42 ---A- . (...) -- C:\Windows\SysWOW64\StarOpen.sys [5632]
~ Drivers: 98 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {23814463-BD18-4656-A4A2-18EF2F92506A} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.E55D0D5D5A3A585BFF48B990708007A5] [SPRF][30-03-15] (.Pas de propriétaire - Aut2Exe.) -- C:\Users\Suzanne\Desktop\adwcleaner_4.200.exe [2208768]
[MD5.0FF28E91F00CA285FB51C72388A8EDEE] [SPRF][18-03-15] (.Pas de propriétaire - Setup.) -- C:\Users\Suzanne\Desktop\DellSystemDetect.exe [417064]
[MD5.0D93DF10CBF90D22EDB9827E142DCC5C] [SPRF][31-03-15] (.Pas de propriétaire - ZHPCleaner.) -- C:\Users\Suzanne\Desktop\ZHPCleaner.exe [1703936]
~ Files: 6 Legitimates Filtered in 00mn 04s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{1B5551C3-52B4-4D4D-AF02-9B563C5B7194}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Suzanne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DB499623-40F1-41C6-A5E6-F27D36F60237}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Suzanne\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 04-02-15 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 03-11-10 1298496 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SS - | Auto 29-10-10 236016 | (CLKMSVC10_9EC60124) . (.CyberLink.) - c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
SS - | Demand 03-10-11 13160 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
SS - | Auto 10-09-13 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10-09-13 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03-04-05 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 24-03-14 357144 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SS - | Auto 17-03-15 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 17-03-15 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25-06-12 272688 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 25-11-10 1116656 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
SS - | Auto 25-11-10 219632 | (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
SS - | Auto 02-01-15 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 03-12-13 79000 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 08-11-10 74392 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 04-03-15 19288 | (SupportAssistAgent) . (.Dell Inc..) - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
SS - | Demand 19-02-10 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 29-11-10 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Demand 13-07-09 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19-12-14 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 17-11-09 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
SR - | Auto 21-12-13 404360 | (AllShare Framework DMS) . (.Samsung.) - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
SR - | Auto 15-03-12 659976 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 24-01-12 21880 | (APC Data Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
SR - | Auto 24-01-12 705912 | (APC UPS Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
SR - | Auto 19-01-15 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 03-11-10 897088 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 03-11-10 983104 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 30-08-11 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 23-04-12 135952 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 26-02-15 2557136 | (DellDataVault) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
SR - | Auto 26-02-15 201936 | (DellDataVaultWiz) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
SR - | Auto 25-06-12 628016 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 05-01-15 516952 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SR - | Auto 12-04-10 142336 | (HP LaserJet Service) . (.HP.) - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
SR - | Demand 13-02-15 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 20-12-10 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30-01-15 23784 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 13-07-09 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 30-05-13 71280 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nlssrv32.exe
SR - | Auto 09-12-13 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 09-12-13 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 23-10-13 922912 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 05-02-15 487960 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 13-07-09 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 05-06-07 177704 | (ProtexisLicensing) . (...) - C:\Windows\SysWOW64\PSIService.exe
SR - | Auto 10-03-10 189728 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 25-06-12 149296 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 23-02-15 609792 | (Samsung Link Service) . (.Copyright 2013 SAMSUNG.) - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
SR - | Auto 18-08-11 1692480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
SR - | Auto 16-01-14 495248 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SR - | Demand 01-12-11 289952 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 23-10-13 414496 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 15-12-11 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 20-12-10 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 22-07-58 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13-07-09 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 25-06-12 3325232 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (29-03-15)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BitComet] =>P2P.BitComet^
C:\Users\Suzanne\AppData\Roaming\BitComet =>P2P.BitComet^
[HKCU\Software\BitComet] =>P2P.BitComet^
~ Additionnel Scan: 464937 Items scanned in 00mn 52s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



~ 1402 Legitimates filtered by white list
End of the scan (538 lines in 01mn 47s)(0.10)
