Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par ADMIN (07/06/2015 17:26:11)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7600.16385
GCIE: Google Chrome v43.0.2357.81 (Defaut)
OBIE: Wacom WebTabletPlugin for Internet Explorer and Netscape v2.1.0.7

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : PMJBM
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Ultimate, 64-bit (Build 7600)

---\\ Logiciels de protection du système
McAfee VirusScan Enterprise v8.8.00000
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 PPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8190 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 404 GB (47%) free of 852 GB

---\\ Mode de connexion au système
~ Computer Name: ADMIN-PC
~ User Name: ADMIN
~ All Users Names: HomeGroupUser$, Administrateur, ADMIN,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\ADMIN\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\ADMIN\AppData\Roaming\
~ %Desktop% : C:\Users\ADMIN\Desktop\
~ %Favorites% : C:\Users\ADMIN\Favorites\
~ %LocalAppData% : C:\Users\ADMIN\AppData\Local\
~ %StartMenu% : C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 404 Go of 852 Go)
D: Hard drive, Flash drive, Thumb drive (Free 277 Go of 699 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
H: Hard drive, Flash drive, Thumb drive (Free 201 Go of 932 Go)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)
N: Floppy drive, Flash card reader, USB Key (Not Inserted)
O: Hard drive, Flash drive, Thumb drive (Free 34 Go of 74 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 02:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/07/2009 - 02:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/07/2009 - 00:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/07/2009 - 00:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2009 - 00:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 02:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 01:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 02:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/162
~ Mes musiques (My Musics) : 1/22
~ Mes Videos (My Videos) : 1/33
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/6869
~ Mon Bureau (My Desktop) : 0/2
~ Menu demarrer (Programs) : 1/49
~ Hidden Files: Scanned in 00mn 10s



---\\ Processus lancés
[MD5.52955E4957FFE8FD7269BC507B347051] - (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe [161088] [PID.4376]
[MD5.C0DDDAFB06D87D2227CDD3BB7B2B09C9] - (.McAfee, Inc. - McTray Application.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe [75072] [PID.4912]
[MD5.45E1121E6BA2D9677B3A61C2E0466B5A] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe [215360] [PID.644]
[MD5.065B9F528580B2C8A54E9A14C6890685] - (...) -- D:\Logiciels\Utilitaires\adwcleaner_3.302.exe [1361309] [PID.7504]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.3868]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.7716]
[MD5.6213F20854FB987119503F9F91C70B9F] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768] [PID.1340]
[MD5.E8FE4FCE23D2809BD88BCC1D0F8408CE] - (...) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832] [PID.2196]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2440]
[MD5.986A134B1A1770599B7AF9354CBB066F] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2326920] [PID.2552]
[MD5.19E0B5B6202CE85796EA6C0EBB7334DF] - (.Wacom Technology - Wacom Load Agent.) -- C:\Program Files\Tablet\Wacom\WacomHost.exe [39808] [PID.2844]
[MD5.FECA9F830A5C6BAB9978E6781A26AE2B] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816] [PID.2892]
[MD5.5B33709F7FE59BB625F113EED86AFC5C] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672] [PID.3068]
[MD5.062D80F13D762F7BC2F38430D60F5048] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128] [PID.1624]
[MD5.113C20EB4982C5670F49718441BEE76D] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760] [PID.2740]
[MD5.54BAAF892AB8F092BD22CACCB5D98495] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33648] [PID.2112]
[MD5.0AF89452A8CE3928168F4E5B2208C68B] - (...) -- C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016] [PID.2332]
[MD5.EC4F787905DC5753C46A4C05CEBADF45] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312] [PID.3120]
[MD5.39F313773AD1ED4C4E345A90E5666086] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [185664] [PID.3208]
[MD5.8715A0D10CFFC8DEE923957F07DAA042] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe [244040] [PID.3340]
[MD5.369E4401CCDFDE3E81BB91898FDEF7C5] - (.LULU Software - Soda PDF 5 Helper Service.) -- C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1069408] [PID.3500]
[MD5.AAE0A4F03EC12E02B0830AD93BAD9F58] - (.LULU Software - Soda PDF 5 Conversion Service.) -- C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [794464] [PID.3532]
[MD5.E9FA6D1240CAE3FEB3EE333195863C2B] - (.Flexera Software LLC - Flexera Software LLC.) -- C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [1452408] [PID.1208]
[MD5.0C277B2CC6E2F9AFD57F351513506FAA] - (.ESRI - ARCGIS daemon.) -- C:\Program Files (x86)\ArcGIS\License10.2\bin\ARCGIS.exe [1680248] [PID.3956]
[MD5.00EDB531DFB127197D625204B138269B] - (.Flexera Software LLC - Activation Licensing Service.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480] [PID.1548]
[MD5.05CDD7B8B6B8B16055652D8C6BC9B97E] - (.McAfee, Inc. - VirusScan AutoUpdate.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\MCUPDATE.exe [159040] [PID.6440]
[MD5.FC6261A812F2C487D7CAB5DF546BC959] - (.McAfee, Inc. - McAfee Agent Script Engine.) -- C:\Program Files (x86)\McAfee\Common Framework\McScript_InUse.exe [992576] [PID.5156]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (54)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Soda PDF 5 IE Helper [64Bits] - {C737F472-1193-4281-BF53-A00B67AB3E19} . (.LULU Software - Soda PDF Helper.) -- C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll
~ BHO: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [ADMIN]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 09s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Switcher] . (.Bao_Nguyen - Switcher.) -- C:\Program Files (x86)\Switcher\Switcher.exe
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
O4 - HKCU\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe
O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Wow6432Node\Run: [SoundTray] . (.Sonic Focus, Inc. - SoundTray.exe.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Nikon Message Center 2] . (.Nikon Corporation - Nikon Message Center 2.) -- C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [BDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Wow6432Node\Run: [LGODDFU] . (.Bitleader - Pas de description.) -- C:\Program Files (x86)\lg_fwupdate\lgfw.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated - Adobe Photo Downloader 4.0 component.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3854214174-968389038-2408335082-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3854214174-968389038-2408335082-1001\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3854214174-968389038-2408335082-1001\..\Run: [Switcher] . (.Bao_Nguyen - Switcher.) -- C:\Program Files (x86)\Switcher\Switcher.exe
O4 - HKUS\S-1-5-21-3854214174-968389038-2408335082-1001\..\Run: [AdobeBridge] Clé orpheline
O4 - HKUS\S-1-5-21-3854214174-968389038-2408335082-1001\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk 360.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
~ Application: Scanned in 00mn 07s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B0982F7-86D2-4F37-BA41-8E3E7BD49937}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B918A2FA-FA33-4B11-88FF-23F8ECC94C21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED6CE34D-54F7-4DEF-B20F-83D6EE9E8F3B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1B0982F7-86D2-4F37-BA41-8E3E7BD49937}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B918A2FA-FA33-4B11-88FF-23F8ECC94C21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ED6CE34D-54F7-4DEF-B20F-83D6EE9E8F3B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1B0982F7-86D2-4F37-BA41-8E3E7BD49937}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B918A2FA-FA33-4B11-88FF-23F8ECC94C21}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ED6CE34D-54F7-4DEF-B20F-83D6EE9E8F3B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Soda PDF 5 Helper Service (Soda PDF 5 Helper Service) . (.LULU Software - Soda PDF 5 Helper Service.) - C:\Program Files (x86)\Soda PDF 5\HelperService.exe
O23 - Service: Soda PDF 5 Service (Soda PDF 5 Service) . (.LULU Software - Soda PDF 5 Conversion Service.) - C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
~ Services: 21 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [At39] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At4] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At40] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At41] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At42] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At43] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At44] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At45] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At46] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At47] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At48] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At49] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At5] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At50] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At51] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At52] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At53] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At54] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At55] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At56] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At57] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At58] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At59] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At6] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At60] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At61] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At62] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At63] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At64] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At65] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At66] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At67] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At68] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At69] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At7] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At70] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At71] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At72] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At73] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At74] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At75] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At76] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At77] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At78] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At79] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At8] (...) -- C:\Windows\Fonts\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At80] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At81] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At82] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At83] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At84] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At85] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At86] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At87] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At88] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At89] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At9] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At90] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At91] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At92] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At93] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At94] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At95] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [At96] (...) -- C:\Windows\system32\EQIqw3KV.com_ (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [btoinkjotv] (...) -- C:\Windows\Fonts\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [vgsslnaerc] (...) -- C:\Windows\system32\EQIqw3KV.com (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{011B7EDB-2F75-4463-8329-D214CA7B8D88}] (...) -- G:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{37D5A355-CF4F-4FE4-A16E-A98FCD440621}] (...) -- C:\Users\ADMIN\Downloads\StarCraft-II-Setup-frFR.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [892]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: At39 - (...) -- C:\Windows\Tasks\At39.job [342]
O39 - APT: At39 - (...) -- C:\Windows\System32\Tasks\At39 [342]
O39 - APT: At4 - (...) -- C:\Windows\Tasks\At4.job [344]
O39 - APT: At4 - (...) -- C:\Windows\System32\Tasks\At4 [344]
O39 - APT: At40 - (...) -- C:\Windows\Tasks\At40.job [344]
O39 - APT: At40 - (...) -- C:\Windows\System32\Tasks\At40 [344]
O39 - APT: At41 - (...) -- C:\Windows\Tasks\At41.job [342]
O39 - APT: At41 - (...) -- C:\Windows\System32\Tasks\At41 [342]
O39 - APT: At42 - (...) -- C:\Windows\Tasks\At42.job [344]
O39 - APT: At42 - (...) -- C:\Windows\System32\Tasks\At42 [344]
O39 - APT: At43 - (...) -- C:\Windows\Tasks\At43.job [342]
O39 - APT: At43 - (...) -- C:\Windows\System32\Tasks\At43 [342]
O39 - APT: At44 - (...) -- C:\Windows\Tasks\At44.job [344]
O39 - APT: At44 - (...) -- C:\Windows\System32\Tasks\At44 [344]
O39 - APT: At45 - (...) -- C:\Windows\Tasks\At45.job [342]
O39 - APT: At45 - (...) -- C:\Windows\System32\Tasks\At45 [342]
O39 - APT: At46 - (...) -- C:\Windows\Tasks\At46.job [344]
O39 - APT: At46 - (...) -- C:\Windows\System32\Tasks\At46 [344]
O39 - APT: At47 - (...) -- C:\Windows\Tasks\At47.job [342]
O39 - APT: At47 - (...) -- C:\Windows\System32\Tasks\At47 [342]
O39 - APT: At48 - (...) -- C:\Windows\Tasks\At48.job [344]
O39 - APT: At48 - (...) -- C:\Windows\System32\Tasks\At48 [344]
O39 - APT: At49 - (...) -- C:\Windows\Tasks\At49.job [348]
O39 - APT: At49 - (...) -- C:\Windows\System32\Tasks\At49 [348]
O39 - APT: At5 - (...) -- C:\Windows\Tasks\At5.job [342]
O39 - APT: At5 - (...) -- C:\Windows\System32\Tasks\At5 [342]
O39 - APT: At50 - (...) -- C:\Windows\Tasks\At50.job [350]
O39 - APT: At50 - (...) -- C:\Windows\System32\Tasks\At50 [350]
O39 - APT: At51 - (...) -- C:\Windows\Tasks\At51.job [348]
O39 - APT: At51 - (...) -- C:\Windows\System32\Tasks\At51 [348]
O39 - APT: At52 - (...) -- C:\Windows\Tasks\At52.job [350]
O39 - APT: At52 - (...) -- C:\Windows\System32\Tasks\At52 [350]
O39 - APT: At53 - (...) -- C:\Windows\Tasks\At53.job [348]
O39 - APT: At53 - (...) -- C:\Windows\System32\Tasks\At53 [348]
O39 - APT: At54 - (...) -- C:\Windows\Tasks\At54.job [350]
O39 - APT: At54 - (...) -- C:\Windows\System32\Tasks\At54 [350]
O39 - APT: At55 - (...) -- C:\Windows\Tasks\At55.job [348]
O39 - APT: At55 - (...) -- C:\Windows\System32\Tasks\At55 [348]
O39 - APT: At56 - (...) -- C:\Windows\Tasks\At56.job [350]
O39 - APT: At56 - (...) -- C:\Windows\System32\Tasks\At56 [350]
O39 - APT: At57 - (...) -- C:\Windows\Tasks\At57.job [348]
O39 - APT: At57 - (...) -- C:\Windows\System32\Tasks\At57 [348]
O39 - APT: At58 - (...) -- C:\Windows\Tasks\At58.job [350]
O39 - APT: At58 - (...) -- C:\Windows\System32\Tasks\At58 [350]
O39 - APT: At59 - (...) -- C:\Windows\Tasks\At59.job [348]
O39 - APT: At59 - (...) -- C:\Windows\System32\Tasks\At59 [348]
O39 - APT: At6 - (...) -- C:\Windows\Tasks\At6.job [344]
O39 - APT: At6 - (...) -- C:\Windows\System32\Tasks\At6 [344]
O39 - APT: At60 - (...) -- C:\Windows\Tasks\At60.job [350]
O39 - APT: At60 - (...) -- C:\Windows\System32\Tasks\At60 [350]
O39 - APT: At61 - (...) -- C:\Windows\Tasks\At61.job [348]
O39 - APT: At61 - (...) -- C:\Windows\System32\Tasks\At61 [348]
O39 - APT: At62 - (...) -- C:\Windows\Tasks\At62.job [350]
O39 - APT: At62 - (...) -- C:\Windows\System32\Tasks\At62 [350]
O39 - APT: At63 - (...) -- C:\Windows\Tasks\At63.job [348]
O39 - APT: At63 - (...) -- C:\Windows\System32\Tasks\At63 [348]
O39 - APT: At64 - (...) -- C:\Windows\Tasks\At64.job [350]
O39 - APT: At64 - (...) -- C:\Windows\System32\Tasks\At64 [350]
O39 - APT: At65 - (...) -- C:\Windows\Tasks\At65.job [348]
O39 - APT: At65 - (...) -- C:\Windows\System32\Tasks\At65 [348]
O39 - APT: At66 - (...) -- C:\Windows\Tasks\At66.job [350]
O39 - APT: At66 - (...) -- C:\Windows\System32\Tasks\At66 [350]
O39 - APT: At67 - (...) -- C:\Windows\Tasks\At67.job [348]
O39 - APT: At67 - (...) -- C:\Windows\System32\Tasks\At67 [348]
O39 - APT: At68 - (...) -- C:\Windows\Tasks\At68.job [350]
O39 - APT: At68 - (...) -- C:\Windows\System32\Tasks\At68 [350]
O39 - APT: At69 - (...) -- C:\Windows\Tasks\At69.job [348]
O39 - APT: At69 - (...) -- C:\Windows\System32\Tasks\At69 [348]
O39 - APT: At7 - (...) -- C:\Windows\Tasks\At7.job [342]
O39 - APT: At7 - (...) -- C:\Windows\System32\Tasks\At7 [342]
O39 - APT: At70 - (...) -- C:\Windows\Tasks\At70.job [350]
O39 - APT: At70 - (...) -- C:\Windows\System32\Tasks\At70 [350]
O39 - APT: At71 - (...) -- C:\Windows\Tasks\At71.job [348]
O39 - APT: At71 - (...) -- C:\Windows\System32\Tasks\At71 [348]
O39 - APT: At72 - (...) -- C:\Windows\Tasks\At72.job [350]
O39 - APT: At72 - (...) -- C:\Windows\System32\Tasks\At72 [350]
O39 - APT: At73 - (...) -- C:\Windows\Tasks\At73.job [348]
O39 - APT: At73 - (...) -- C:\Windows\System32\Tasks\At73 [348]
O39 - APT: At74 - (...) -- C:\Windows\Tasks\At74.job [350]
O39 - APT: At74 - (...) -- C:\Windows\System32\Tasks\At74 [350]
O39 - APT: At75 - (...) -- C:\Windows\Tasks\At75.job [348]
O39 - APT: At75 - (...) -- C:\Windows\System32\Tasks\At75 [348]
O39 - APT: At76 - (...) -- C:\Windows\Tasks\At76.job [350]
O39 - APT: At76 - (...) -- C:\Windows\System32\Tasks\At76 [350]
O39 - APT: At77 - (...) -- C:\Windows\Tasks\At77.job [348]
O39 - APT: At77 - (...) -- C:\Windows\System32\Tasks\At77 [348]
O39 - APT: At78 - (...) -- C:\Windows\Tasks\At78.job [350]
O39 - APT: At78 - (...) -- C:\Windows\System32\Tasks\At78 [350]
O39 - APT: At79 - (...) -- C:\Windows\Tasks\At79.job [348]
O39 - APT: At79 - (...) -- C:\Windows\System32\Tasks\At79 [348]
O39 - APT: At8 - (...) -- C:\Windows\Tasks\At8.job [344]
O39 - APT: At8 - (...) -- C:\Windows\System32\Tasks\At8 [344]
O39 - APT: At80 - (...) -- C:\Windows\Tasks\At80.job [350]
O39 - APT: At80 - (...) -- C:\Windows\System32\Tasks\At80 [350]
O39 - APT: At81 - (...) -- C:\Windows\Tasks\At81.job [348]
O39 - APT: At81 - (...) -- C:\Windows\System32\Tasks\At81 [348]
O39 - APT: At82 - (...) -- C:\Windows\Tasks\At82.job [350]
O39 - APT: At82 - (...) -- C:\Windows\System32\Tasks\At82 [350]
O39 - APT: At83 - (...) -- C:\Windows\Tasks\At83.job [348]
O39 - APT: At83 - (...) -- C:\Windows\System32\Tasks\At83 [348]
O39 - APT: At84 - (...) -- C:\Windows\Tasks\At84.job [350]
O39 - APT: At84 - (...) -- C:\Windows\System32\Tasks\At84 [350]
O39 - APT: At85 - (...) -- C:\Windows\Tasks\At85.job [348]
O39 - APT: At85 - (...) -- C:\Windows\System32\Tasks\At85 [348]
O39 - APT: At86 - (...) -- C:\Windows\Tasks\At86.job [350]
O39 - APT: At86 - (...) -- C:\Windows\System32\Tasks\At86 [350]
O39 - APT: At87 - (...) -- C:\Windows\Tasks\At87.job [348]
O39 - APT: At87 - (...) -- C:\Windows\System32\Tasks\At87 [348]
O39 - APT: At88 - (...) -- C:\Windows\Tasks\At88.job [350]
O39 - APT: At88 - (...) -- C:\Windows\System32\Tasks\At88 [350]
O39 - APT: At89 - (...) -- C:\Windows\Tasks\At89.job [348]
O39 - APT: At89 - (...) -- C:\Windows\System32\Tasks\At89 [348]
O39 - APT: At9 - (...) -- C:\Windows\Tasks\At9.job [342]
O39 - APT: At9 - (...) -- C:\Windows\System32\Tasks\At9 [342]
O39 - APT: At90 - (...) -- C:\Windows\Tasks\At90.job [350]
O39 - APT: At90 - (...) -- C:\Windows\System32\Tasks\At90 [350]
O39 - APT: At91 - (...) -- C:\Windows\Tasks\At91.job [348]
O39 - APT: At91 - (...) -- C:\Windows\System32\Tasks\At91 [348]
O39 - APT: At92 - (...) -- C:\Windows\Tasks\At92.job [350]
O39 - APT: At92 - (...) -- C:\Windows\System32\Tasks\At92 [350]
O39 - APT: At93 - (...) -- C:\Windows\Tasks\At93.job [348]
O39 - APT: At93 - (...) -- C:\Windows\System32\Tasks\At93 [348]
O39 - APT: At94 - (...) -- C:\Windows\Tasks\At94.job [350]
O39 - APT: At94 - (...) -- C:\Windows\System32\Tasks\At94 [350]
O39 - APT: At95 - (...) -- C:\Windows\Tasks\At95.job [348]
O39 - APT: At95 - (...) -- C:\Windows\System32\Tasks\At95 [348]
O39 - APT: At96 - (...) -- C:\Windows\Tasks\At96.job [350]
O39 - APT: At96 - (...) -- C:\Windows\System32\Tasks\At96 [350]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 142 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: Autel PC Suit - (.Autel.) [HKLM][64Bits] -- InstallShield_{5A435634-46D9-47B5-8358-FFDC9D590775}
O42 - Logiciel: Autel PC Suit - (.Autel.) [HKLM][64Bits] -- {5A435634-46D9-47B5-8358-FFDC9D590775}
O42 - Logiciel: Child of Light - (...) [HKLM][64Bits] -- Q2hpbGRvZkxpZ2h0_is1
O42 - Logiciel: Dragonball Xenoverse - (...) [HKLM][64Bits] -- Dragonball Xenoverse_is1
O42 - Logiciel: Dying Light, версия 1.0.0.0 - (.RePack by SEYTER.) [HKLM][64Bits] -- Dying Light_is1
O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5350-4500-76A7-A758B70C1C01} =>Toolbar.Ask
O42 - Logiciel: Switcher 2.0.0 - (.Bao Nguyen.) [HKLM][64Bits] -- {F7DB6677-661D-4835-AAD8-1B7F4C98D7CE}
O42 - Logiciel: Valkyria Chronicles - (...) [HKLM][64Bits] -- Valkyria Chronicles_is1
~ Logic: 30 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Filesystems]
[HKCU\Software\Flags]
[HKCU\Software\Flowers]
[HKLM\Software\Respawn]
[HKLM\Software\Tilda]
[HKLM\Software\Wow6432Node\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\Wow6432Node\Fruit]
[HKLM\Software\Wow6432Node\Mixcraft6]
[HKLM\Software\Wow6432Node\Respawn]
[HKLM\Software\Wow6432Node\Zenimax_Online]
~ Key Software: 461 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/02/2015 - 13:19:32 - [] ----D C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 23/08/2014 - 14:01:48 - [] ----D C:\Program Files (x86)\Autel
O43 - CFD: 16/03/2015 - 15:57:24 - [] ----D C:\Program Files (x86)\Child of Light
O43 - CFD: 03/03/2015 - 23:42:13 - [] ----D C:\Program Files (x86)\Dragonball Xenoverse
O43 - CFD: 02/02/2015 - 21:45:12 - [] ----D C:\Program Files (x86)\Dying Light
O43 - CFD: 12/03/2015 - 21:38:37 - [] ----D C:\Program Files (x86)\Square-Enix
O43 - CFD: 24/12/2014 - 18:38:32 - [] ----D C:\Program Files (x86)\Valkyria Chronicles
O43 - CFD: 25/02/2015 - 13:19:20 - [] ----D C:\ProgramData\APN
O43 - CFD: 25/02/2015 - 13:19:32 - [] ----D C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 04/06/2014 - 19:55:17 - [] ----D C:\ProgramData\Elder Scrolls Online
O43 - CFD: 29/11/2014 - 08:36:45 - [] ----D C:\ProgramData\FNP
O43 - CFD: 14/07/2014 - 17:05:23 - [] ----D C:\ProgramData\Limiter
O43 - CFD: 14/07/2014 - 17:04:17 - [] ----D C:\ProgramData\MIDI Patch Names
O43 - CFD: 23/04/2015 - 22:05:54 - [] ----D C:\ProgramData\ScreenVCR
O43 - CFD: 23/08/2014 - 14:01:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autel
O43 - CFD: 03/03/2015 - 23:40:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse
O43 - CFD: 02/02/2015 - 21:45:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light
O43 - CFD: 27/07/2014 - 13:54:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils LG
O43 - CFD: 12/03/2015 - 22:17:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square-Enix
O43 - CFD: 14/07/2009 - 17:35:02 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 13/07/2014 - 13:12:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
O43 - CFD: 24/12/2014 - 14:25:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valkyria Chronicles
O43 - CFD: 12/05/2015 - 19:36:45 - [] ----D C:\Users\ADMIN\AppData\Roaming\AdvertismentImages
O43 - CFD: 03/06/2014 - 01:30:37 - [] ----D C:\Users\ADMIN\AppData\Roaming\Bao_Nguyen
O43 - CFD: 25/02/2015 - 13:19:36 - [] ----D C:\Users\ADMIN\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 03/06/2014 - 01:30:37 - [] ----D C:\Users\ADMIN\AppData\Local\Bao_Nguyen
O43 - CFD: 16/07/2014 - 18:51:04 - [] --H-D C:\Users\ADMIN\AppData\Local\Io6Cyfh0L
O43 - CFD: 16/07/2014 - 18:51:04 - [] --H-D C:\Users\ADMIN\AppData\Local\L3sHlyGKX5L3kZ
O43 - CFD: 01/03/2015 - 21:44:03 - [] ----D C:\Users\ADMIN\AppData\Local\mslugx
~ Program Folder: 343 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0651C13AC7060A64E97A198AD576FE14] - 07/06/2015 - 16:19:52 ---A- . (...) -- C:\Windows\lgfwup.ini [344]
O44 - LFC:[MD5.682AE0FFA6A865A8D137C43139BB4BCD] - 25/05/2015 - 15:33:34 ---A- . (...) -- C:\Windows\diagerr.xml [1905]
O44 - LFC:[MD5.682AE0FFA6A865A8D137C43139BB4BCD] - 25/05/2015 - 15:33:34 ---A- . (...) -- C:\Windows\diagwrn.xml [1905]
~ Files: 13 Legitimates Filtered in 00mn 46s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{8ef17559-e2bb-11e4-98bd-001fc64eda28}\AutoRun\command. (...) -- I:\Startme.exe (.not file.)
O51 - MPSK:{9fa746f7-883d-11e4-b22e-001fc64eda28}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{9fa74700-883d-11e4-b22e-001fc64eda28}\AutoRun\command. (...) -- P:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:29/08/2007 - 09:44:38 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\ADIHdAud.sys [435200]
O58 - SDL:08/10/2012 - 18:52:52 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys [31968]
O58 - SDL:29/03/2005 - 00:30:38 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [8192]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:25/10/2014 - 21:52:20 ---A- . (.Windows (R) Win 7 DDK provider - Filter Driver for HID-KMDF Interface.) -- C:\Windows\System32\Drivers\hidkmdf.sys [14136]
O58 - SDL:29/04/2009 - 15:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:15/03/2009 - 11:32:56 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [85424]
O58 - SDL:03/01/2008 - 17:13:48 ---A- . (.PixArt Imaging Inc. - SPC230NC.) -- C:\Windows\System32\Drivers\SPC230NC.SYS [531968]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 77 Legitimates Filtered in 00mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {37714376-6DBB-4236-89E2-BA77E89685AC} - ((www.google.com) Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {953C64FE-04FB-494C-8C41-6905E31C1AB5} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{FE82A4E9-917F-47D1-89DC-5EA84B094498}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- D:\Logiciels\Utilitaires\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{81028BB3-4251-451F-B584-9292EA36808B}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- D:\Logiciels\Utilitaires\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{23587AE6-0EA6-4C24-878C-192FCE321E9D}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{F040E801-3B55-4C1D-9C99-90A9AE1D063A}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\ADMIN\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 09s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.95533552AFBF8719B6D3264F3A4E5D9B] [WIS][26/05/2015] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\2123fb8.msi [528384] =>Toolbar.Ask
[MD5.8855552919EDB0C2E28D1AC589FD5162] [WIS][28/04/2015] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\4a71fb.msi [516096] =>Toolbar.Ask
~ WIS: 2 Legitimates Filtered in 00mn 09s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 187 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 06/06/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 13/12/2012 12288 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SS - | Auto 02/09/2013 243464 | (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Demand 02/06/2014 1471352 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 02/06/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 02/06/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/04/2015 1931632 | (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe
SS - | Auto 11/12/2014 315496 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 08/02/2014 569024 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 09/02/2015 792016 | (TunngleService) . (.Tunngle.net GmbH.) - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
SR - | Auto 12/09/2009 891432 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/06/2007 89088 | (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.exe
SR - | Auto 03/06/2014 2326920 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SR - | Auto 13/11/2013 1452408 | (ArcGIS License Manager) . (.Flexera Software LLC.) - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
SR - | Demand 29/11/2014 1074480 | (FlexNet Licensing Service) . (.Flexera Software LLC.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
SR - | Auto 16/01/2015 1148744 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 12/01/2011 120128 | (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
SR - | Auto 05/06/2014 190256 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 12/01/2011 209760 | (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
SR - | Auto 05/06/2014 156248 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SR - | Auto 14/09/2011 86016 | (mi-raysat_3dsmax2013_64) . (...) - C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe
SR - | Auto 16/01/2015 1706312 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 16/01/2015 21833544 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 13/03/2015 935056 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 29/01/2013 1069408 | (Soda PDF 5 Helper Service) . (.LULU Software.) - C:\Program Files (x86)\Soda PDF 5\HelperService.exe
SR - | Auto 29/01/2013 794464 | (Soda PDF 5 Service) . (.LULU Software.) - C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
SR - | Auto 13/03/2015 410768 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 22/12/2014 671512 | (WTabletServicePro) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 16s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 3
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1C01}] =>Toolbar.Ask^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6}] =>Toolbar.Agent
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.AskBar^
C:\ProgramData\AskPartnerNetwork =>Toolbar.AskBar^
C:\Users\ADMIN\AppData\Local\AskPartnerNetwork =>Toolbar.AskBar^
C:\Windows\Installer\2123fb8.msi =>Toolbar.Ask^
C:\Windows\Installer\4a71fb.msi =>Toolbar.Ask^
~ Additionnel Scan: 814998 Items scanned in 02mn 37s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
~ MSI: 3 link(s) detected in 00mn 00s



~ 1199 Legitimates filtered by white list
End of the scan (735 lines in 05mn 11s)(0.11)
