~ ZHPDiag v2015.10.10.148 By Nicolas Coolman (2015/10/10) ~ Run by lma (Administrator) (2015/10/13 17:49:47) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\lma\Desktop\ZHPDiag.txt ~ Report: C:\Users\lma\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 2008R2, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (2) - 0s MFIE: Mozilla Firefox (3.5.9) v3.5.9 (fr) MSIE: Internet Explorer v8.0.7601.17514 ---\\ Windows Product Information (3) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (1) - 7s McAfee VirusScan Enterprise v8.8.00000 ---\\ System protection software (Superfluous) (1) - 7s McAfee Security Scan Plus v3.8.150.1 ---\\ System optimization software (1) - 7s CCleaner ---\\ Surveillance software (2) - 7s Adobe Flash Player 15 Plugin Adobe Reader 8 - Français ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 4183.544 MB (31% free) ~ System Restore: Activé (Enable) ~ System drive C: has 41 GB free of 100 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: SRV-PARTAGE ~ User Name: lma ~ Logged in as Administrator ---\\ Enumeration of the disk units (5) - 6s ~ Drive C: has 41 GB free of 100 GB (System) ~ Drive E: has 76 GB free of 422 GB ~ Drive F: has 51 GB free of 429 GB ~ Drive G: has 45 GB free of 953 GB ~ Drive H: has 144 GB free of 610 GB ---\\ State of the Windows Security Center (8) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 5s [MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2872320] © [MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] © [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024] © [MD5.5285BD77AD596B645150073F61EC8466] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1188864] © [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [390656] © [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448] © [MD5.492D07D79E7024CA310867B526D9636D] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\System32\dnsapi.dll [357888] © [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] © [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [498688] © [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] © [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] © [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] © [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] © [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] © [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] © [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] © [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208] © [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] © [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1656680] © [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280] © [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] © [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888] © [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] © [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] © [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] © ---\\ Process running (84) - 6s [MD5.58BF7714A312698108A96D0DE2BB6825] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584] [PID.1372] © [MD5.7EA8AC41A2E8426EC7079C44DBA1D254] - (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) -- C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008] [PID.1508] © [MD5.20F77F14FE972AA028454047632B2AC8] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [226624] [PID.1604] © [MD5.EDEF631EF2E0C8D7A208C383816C055C] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [127520] [PID.1672] © [MD5.113C20EB4982C5670F49718441BEE76D] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760] [PID.1736] © [MD5.45F1580C7C9F49A68B72EF2CCEFEF3A3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Windows\system32\mfevtps.exe [156248] [PID.1768] © [MD5.54BAAF892AB8F092BD22CACCB5D98495] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33648] [PID.1888] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.1956] © [MD5.2FE9CCA70947F9E0F00FBD0189A3615C] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [338976] [PID.2016] © [MD5.F1D29D9C5DB9C144769F5CD7212BE555] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [435864] [PID.1480] © [MD5.3DFF152846E5B35CB1272BE5757BF275] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960] [PID.2080] © [MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2216] © [MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2240] © [MD5.00315DC847778D65728197B63803B523] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [190256] [PID.2396] © [MD5.7171B884DA8BFB1CE5C8BAE46D993CB1] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872] [PID.2528] © [MD5.03A7980C30E9F00F1EAC752612DC80CE] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [357016] [PID.2696] © [MD5.C4C8A2EC68EDBED15EB7C723F81D591C] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [898640] [PID.2720] © [MD5.7B8CFD0EB3ADBF6717AA99B9DC07926F] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\Windows\system32\CNAB4RPD.EXE [63936] [PID.2972] © [MD5.BFD9121CD89E09AE53B132D98FA091B9] - (.McAfee, Inc. - McAfee Telemetry Service.) -- C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe [199536] [PID.2176] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4792] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2152] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4708] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3436] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4488] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4656] [MD5.45E1121E6BA2D9677B3A61C2E0466B5A] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe [215360] [PID.5020] © [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.3712] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4960] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3776] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3196] © [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5304] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4692] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3008] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4968] [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.2392] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6172] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5528] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6180] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6108] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6304] © [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.6068] © [MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.4756] © [MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.5192] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6120] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4188] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6684] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6808] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3068] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6948] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.6140] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.3116] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5416] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3928] © [MD5.E17E53F297560C31631C4AC549385AE3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\uTorrent.exe [1822048] [PID.7900] [MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.8056] [MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.7120] [MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.7428] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.1588] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.7936] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7908] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6184] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.5088] © [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.3864] © [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2168] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6264] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.792] © [MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.6424] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.8016] [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.7984] © [MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5200] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4720] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.8160] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.5592] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.7940] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6688] © [MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5180] © [MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6532] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5240] © [MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7680] © [MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5864] © [MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4144] © [MD5.6BDB90D0D8235A746F3C0F554B6F7181] - (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808] [PID.4732] © [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.7948] © [MD5.1D45319619579DDA7DE8DE9BB1E3079E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\l.ouyahia\Desktop\ZHPDiag3.exe [1943040] [PID.4788] © ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 0s P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (.IE Tab Team - IE Tab.) -- C:\Users\lma\AppData\Roaming\Mozilla\Firefox\Profiles\61vthw6e.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} © ---\\ Internet Explorer Extensions, Start, Search (19) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/hardadmin.htm R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) © ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (23) ---\\ Browser Helper Object (BHO) (1) - 0s O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20141210162447.dll © ---\\ Auto loading programs from Registry and folders (10) - 0s O4 - HKLM\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE © O4 - HKCU\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE © O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe © O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe © O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] . (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe © O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE © O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe © O4 - HKLM\..\Wow6432Node\Run: [Cobian Backup 11 interface] . (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe © O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe © ---\\ Lop.com/Domain Hijackers (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2 ---\\ Extra protocols (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: gopher [64Bits] - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © ---\\ Non Microsoft non disabled Windows Services (18) - 1s O23 - Service: Apache2.2 (Apache2.2) . (.Apache Software Foundation - Apache HTTP Server.) - C:\xampp\apache\bin\httpd.exe © O23 - Service: Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe © O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe © O23 - Service: McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe © O23 - Service: McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc. - Framework Service.) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe © O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe © O23 - Service: McAfee Task Manager (McTaskManager) . (.McAfee, Inc. - Task Manager.) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe © O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Windows\system32\mfevtps.exe © O23 - Service: MySQL (MySQL) . (...) - C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini MySQL (.not file.) O23 - Service: McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc. - McAfee Telemetry Service.) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe © O23 - Service: TightVNC Server (tvnserver) . (.GlavSoft LLC. - TightVNC Server for Windows.) - C:\Program Files (x86)\TightVNC\tvnserver.exe © O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe © O23 - Service: VMware DHCP Service (VMnetDHCP) . (...) - C:\Windows\System32\vmnetdhcp.exe (.not file.) O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe © O23 - Service: VMware NAT Service (VMware NAT Service) . (...) - C:\Windows\System32\vmnat.exe (.not file.) O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe © O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe © O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe © ---\\ Task Planned Automatically (2) - 3s [MD5.00000000000000000000000000000000] [APT] [copieMessagerie] (...) -- C:\Users\lma\Desktop\winscp514\backup.exe (.not file.) [0] O39 - APT: copieMessagerie - (...) -- C:\Windows\System32\Tasks\copieMessagerie [3234] ---\\ Software installed (64) - 7s O42 - Logiciel: Canon LBP2900 - (...) [HKLM][64Bits] -- Canon LBP2900 O42 - Logiciel: Canon LBP6020 - (...) [HKLM][64Bits] -- Canon LBP6020 O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} © O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin © O42 - Logiciel: Areca - (...) [HKLM][64Bits] -- Areca O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner © O42 - Logiciel: Cobian Backup 11 Gravity - (...) [HKLM][64Bits] -- CobBackup11 O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan © O42 - Logiciel: Microsoft Report Viewer Redistributable 2008 SP1 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Report Viewer Redistributable 2008 (KB971119) © O42 - Logiciel: Mozilla Firefox (3.5.9) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.5.9) © O42 - Logiciel: Mozilla Firefox 12.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 12.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 19.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0.2 (x86 fr) © O42 - Logiciel: Mozilla Firefox 23.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 25.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 25.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 26.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 27.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 28.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 29.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 30.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 30.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 32.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0.2 (x86 fr) © O42 - Logiciel: Mozilla Firefox 33.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.0.2 (x86 fr) © O42 - Logiciel: Mozilla Firefox 33.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 34.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 34.0.5 (x86 fr) © O42 - Logiciel: Mozilla Firefox 35.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 fr) © O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 fr) © O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr) © O42 - Logiciel: Mozilla Firefox 39.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 fr) © O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0.3 (x86 fr) © O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 fr) © O42 - Logiciel: Mozilla Thunderbird 38.3.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 38.3.0 (x86 fr) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: OCS Inventory NG Agent 2.1.1.1 - (.OCS Inventory NG Team.) [HKLM][64Bits] -- OCS Inventory NG Agent O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO © O42 - Logiciel: TightVNC 2.0.4 - (.GlavSoft LLC..) [HKLM][64Bits] -- TightVNC © O42 - Logiciel: Undelete 360 - (.File Recovery Ltd..) [HKLM][64Bits] -- Undelete 360_is1 © O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive © O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM][64Bits] -- VMware_Workstation © O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst © O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Wireshark 1.10.1 (32-bit) - (.The Wireshark developer community, http://www.wireshark.org.) [HKLM][64Bits] -- Wireshark © O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM][64Bits] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} © O42 - Logiciel: McAfee SiteAdvisor Enterprise Plus - (.McAfee, Inc..) [HKLM][64Bits] -- {00FC3F65-86EB-475E-881F-A5B1CF731320} © O42 - Logiciel: VMware vSphere Client 5.1 - (.VMware, Inc..) [HKLM][64Bits] -- {09DC364B-A77A-49A0-972B-E43F0DACC5E3} © O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM][64Bits] -- {197597A7-AD33-4898-9D8E-73066818B464} © O42 - Logiciel: VMware vCenter Converter Standalone - (.VMware, Inc..) [HKLM][64Bits] -- {2BCC4907-4205-4338-BDA5-94F183144C35} © O42 - Logiciel: VMware vSphere Client 5.5 - (.VMware, Inc..) [HKLM][64Bits] -- {4CFB0494-2E96-4631-8364-538E2AA91324} © O42 - Logiciel: McAfee Virtual Technician - (.McAfee, Inc..) [HKLM][64Bits] -- {755C429E-DAB8-4DA4-83E5-FFC4629AFBA7} © O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM][64Bits] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} © O42 - Logiciel: Adobe Reader 8 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A80000000002} © O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM][64Bits] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} © O42 - Logiciel: McAfee VirusScan Enterprise - (.McAfee, Inc..) [HKLM][64Bits] -- {CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF} © O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM][64Bits] -- {D102611A-6466-4101-A51D-51069303AC65} © O42 - Logiciel: McAfee Product Improvement Program - (.McAfee, Inc..) [HKLM][64Bits] -- {D45EAF28-A176-41B3-98B7-20375F0A1ADF} © O42 - Logiciel: McAfee Agent - (.McAfee, Inc..) [HKLM][64Bits] -- {EBF3D65F-011E-44D2-8F4F-C74B52682EDD} © O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM][64Bits] -- {FFD9383C-01D5-4897-A954-43AF599AED30} © O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent ---\\ HKCU & HKLM Software Keys (64) - 7s HKLM\SOFTWARE\Wow6432Node\7-Zip HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\Areca HKLM\SOFTWARE\Wow6432Node\CCleaner HKLM\SOFTWARE\Wow6432Node\CobianSoft HKLM\SOFTWARE\Wow6432Node\Data Fellows HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Greatis HKLM\SOFTWARE\Wow6432Node\hMailServer HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial) HKLM\SOFTWARE\Wow6432Node\McAfee HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\mcafeeupdater HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Network Associates HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\PowerISO HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\ThinPrint HKLM\SOFTWARE\Wow6432Node\TightVNC HKLM\SOFTWARE\Wow6432Node\VMware, Inc. HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WinPcap HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\--((Mutex))-- HKCU\SOFTWARE\7-Zip HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\AppID HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Canon HKCU\SOFTWARE\ClearApps HKCU\SOFTWARE\Elaborate Bytes HKCU\SOFTWARE\Greatis HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\McAfee HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ORL HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\Regrun HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC HKCU\SOFTWARE\Symantec HKCU\SOFTWARE\undelete360 HKCU\SOFTWARE\VMware HKCU\SOFTWARE\VMware, Inc. HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\Wireshark HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\xtremeRAT HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\ThinPrint ---\\ Contents of the Common Files folders (136) - 10s O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\Program Files (x86)\7-Zip O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2013/01/28 12:00:57 - [] D -- C:\Program Files (x86)\Advanced Fix 2012 O43 - CFD: 2015/02/10 16:06:04 - [] D -- C:\Program Files (x86)\Areca O43 - CFD: 2013/08/11 09:50:39 - [0] D -- C:\Program Files (x86)\BackupAssist v7 O43 - CFD: 2013/01/28 09:53:37 - [] D -- C:\Program Files (x86)\CCleaner O43 - CFD: 2012/01/17 12:50:23 - [] D -- C:\Program Files (x86)\ClearApps O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\Program Files (x86)\Cobian Backup 11 O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2013/02/19 09:14:26 - [] D -- C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 2012/12/08 14:33:59 - [] D -- C:\Program Files (x86)\F-Secure O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\Program Files (x86)\File Recovery O43 - CFD: 2013/08/10 12:37:06 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2012/12/03 13:32:42 - [] D -- C:\Program Files (x86)\Ipswitch O43 - CFD: 2015/02/10 16:26:09 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2015/03/22 12:04:14 - [] D -- C:\Program Files (x86)\McAfee O43 - CFD: 2014/06/27 22:32:33 - [] D -- C:\Program Files (x86)\McAfee Security Scan O43 - CFD: 2013/08/11 10:55:59 - [] D -- C:\Program Files (x86)\Microsoft SDKs O43 - CFD: 2013/08/11 11:55:03 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 2013/08/11 10:56:06 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 9.0 O43 - CFD: 2013/08/11 11:55:26 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/09/27 07:35:07 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/10/13 10:13:48 - [0] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2015/10/13 10:13:47 - [] D -- C:\Program Files (x86)\Mozilla Thunderbird O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\Program Files (x86)\MySQL O43 - CFD: 2012/12/18 09:23:25 - [] D -- C:\Program Files (x86)\OCS Inventory Agent O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\Program Files (x86)\PowerISO O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2013/08/11 09:58:46 - [] D -- C:\Program Files (x86)\SQL Server Backup O43 - CFD: 2013/01/28 09:55:59 - [0] D -- C:\Program Files (x86)\stinger O43 - CFD: 2015/04/24 19:48:09 - [] D -- C:\Program Files (x86)\TightVNC O43 - CFD: 2012/12/02 11:00:30 - [] D -- C:\Program Files (x86)\UnHackMe O43 - CFD: 2009/07/14 06:06:53 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2015/03/07 11:09:27 - [] D -- C:\Program Files (x86)\VMware O43 - CFD: 2010/11/21 04:33:07 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2009/07/14 06:37:10 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2012/11/25 08:58:07 - [0] D -- C:\Program Files (x86)\WinMerge O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\Program Files (x86)\WinPcap O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 2013/08/25 10:47:35 - [] D -- C:\Program Files (x86)\Wireshark O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 2009/07/14 05:58:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2013/02/25 14:11:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/02/10 16:06:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Areca O43 - CFD: 2014/04/28 09:10:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bacula O43 - CFD: 2015/01/15 14:09:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11 O43 - CFD: 2013/02/19 09:14:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/03/22 12:04:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus O43 - CFD: 2013/01/23 09:38:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox O43 - CFD: 2013/08/11 11:58:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Inventory Advisor O43 - CFD: 2012/10/30 09:32:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHP 5 O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO O43 - CFD: 2011/10/30 17:42:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programme de désinstal. imprimante Canon O43 - CFD: 2014/10/28 14:40:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/12/25 10:33:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC O43 - CFD: 2014/12/16 11:46:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulteo O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360 O43 - CFD: 2015/08/03 10:50:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2014/10/28 14:40:09 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2015/02/04 10:50:40 - [] D -- C:\ProgramData\APN =>Toolbar.Ask O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2013/08/11 09:20:10 - [] D -- C:\ProgramData\BackupAssist v7 O43 - CFD: 2012/12/08 15:37:12 - [] HD -- C:\ProgramData\CanonBJ O43 - CFD: 2013/08/11 08:46:23 - [] D -- C:\ProgramData\DataBK O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2011/09/13 11:02:19 - [] D -- C:\ProgramData\GroupPolicy O43 - CFD: 2013/01/28 12:14:18 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 2012/12/03 12:50:02 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 2015/05/06 22:05:22 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\McAfee Security Scan O43 - CFD: 2013/08/11 11:00:37 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2013/08/11 11:51:37 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\ProgramData\MySQL O43 - CFD: 2012/12/18 09:22:40 - [] D -- C:\ProgramData\OCS Inventory NG O43 - CFD: 2015/02/10 16:17:24 - [] D -- C:\ProgramData\Oracle O43 - CFD: 2012/12/02 10:58:22 - [] D -- C:\ProgramData\RegRun O43 - CFD: 2012/12/02 11:10:38 - [] D -- C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2013/02/23 14:25:57 - [] D -- C:\ProgramData\Sun O43 - CFD: 2012/11/04 10:10:39 - [] D -- C:\ProgramData\Symantec O43 - CFD: 2014/06/26 14:42:39 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2014/12/16 11:46:09 - [] D -- C:\ProgramData\ulteo O43 - CFD: 2015/09/27 07:35:56 - [] D -- C:\ProgramData\VMware O43 - CFD: 2014/10/28 14:39:55 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2015/05/06 22:05:21 - [] D -- C:\Program Files (x86)\Common Files\McAfee O43 - CFD: 2013/08/11 11:53:48 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2013/05/27 22:27:15 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2015/08/04 08:50:50 - [] D -- C:\Program Files (x86)\Common Files\VMware O43 - CFD: 2012/12/27 16:08:28 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 2014/10/28 14:40:34 - [] D -- C:\Users\lma\AppData\Roaming\Adobe O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic O43 - CFD: 2014/03/06 15:59:26 - [] D -- C:\Users\lma\AppData\Roaming\GretagMacbeth O43 - CFD: 2012/12/11 17:40:48 - [] D -- C:\Users\lma\AppData\Roaming\Malwarebytes O43 - CFD: 2012/01/22 08:55:44 - [] D -- C:\Users\lma\AppData\Roaming\McAfee O43 - CFD: 2015/06/03 12:53:49 - [] SD -- C:\Users\lma\AppData\Roaming\Microsoft O43 - CFD: 2013/01/23 09:40:44 - [] D -- C:\Users\lma\AppData\Roaming\Mozilla O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC O43 - CFD: 2015/10/13 10:14:02 - [] D -- C:\Users\lma\AppData\Roaming\Thunderbird O43 - CFD: 2014/12/22 09:19:59 - [] D -- C:\Users\lma\AppData\Roaming\TightVNC O43 - CFD: 2015/10/13 17:14:21 - [] D -- C:\Users\lma\AppData\Roaming\uTorrent O43 - CFD: 2015/07/30 14:22:05 - [] D -- C:\Users\lma\AppData\Roaming\VMware O43 - CFD: 2012/12/24 12:15:57 - [0] D -- C:\Users\lma\AppData\Roaming\WinRAR O43 - CFD: 2015/10/13 17:50:19 - [] D -- C:\Users\lma\AppData\Roaming\ZHP O43 - CFD: 2012/01/31 16:55:16 - [] D -- C:\Users\lma\AppData\Roaming\ZqWare O43 - CFD: 2015/08/26 22:03:04 - [] D -- C:\Users\lma\AppData\Local\Adobe O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Application Data O43 - CFD: 2013/08/11 10:49:43 - [] D -- C:\Users\lma\AppData\Local\Diagnostics O43 - CFD: 2013/08/11 09:18:04 - [] D -- C:\Users\lma\AppData\Local\Downloaded Installations O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\History O43 - CFD: 2013/08/11 11:00:38 - [] D -- C:\Users\lma\AppData\Local\Microsoft O43 - CFD: 2013/08/11 11:06:11 - [] D -- C:\Users\lma\AppData\Local\Microsoft Help O43 - CFD: 2013/08/11 11:05:09 - [] D -- C:\Users\lma\AppData\Local\Microsoft_Corporation O43 - CFD: 2013/01/23 09:40:36 - [] D -- C:\Users\lma\AppData\Local\Mozilla O43 - CFD: 2013/08/11 08:46:09 - [] D -- C:\Users\lma\AppData\Local\Programs O43 - CFD: 2013/09/23 15:27:04 - [0] D -- C:\Users\lma\AppData\Local\Safe mirror O43 - CFD: 2015/10/13 17:49:35 - [] D -- C:\Users\lma\AppData\Local\Temp O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Temporary Internet Files O43 - CFD: 2015/10/13 10:14:06 - [] D -- C:\Users\lma\AppData\Local\Thunderbird O43 - CFD: 2013/08/11 08:46:40 - [] D -- C:\Users\lma\AppData\Local\VirtualStore O43 - CFD: 2015/08/03 10:36:51 - [] D -- C:\Users\lma\AppData\Local\VMware O43 - CFD: 2009/07/14 05:58:02 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2013/08/10 12:39:51 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2009/07/14 05:53:47 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/06/26 15:48:13 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2012/12/24 12:16:07 - [] D -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll © O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll © ---\\ System Drivers List (61) - 7s O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] © O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] © O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] © O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] © O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] © O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] © O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] © O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] © O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] © O58 - SDL:2010/12/16 23:58:14 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [40816] © O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] © O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] © O58 - SDL:2013/08/05 17:10:48 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [52816] © O58 - SDL:2010/11/21 04:24:00 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] © O58 - SDL:2010/11/21 04:24:00 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] © O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] © O58 - SDL:2009/06/10 21:34:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [57344] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] © O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\drivers\mfeapfk.sys [153952] © O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\System32\drivers\mfeavfk.sys [217696] © O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\drivers\mfeclnk.sys [9984] © O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\drivers\mfehidk.sys [607152] © O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\System32\drivers\mferkdet.sys [97960] © O58 - SDL:2013/01/23 09:27:41 A . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\drivers\mfewfpk.sys [281544] © O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] © O58 - SDL:2013/03/01 02:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] © O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] © O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] © O58 - SDL:2009/06/10 21:35:30 A . (.Intel Corporation - Intel(R) 5000 Series Chipsets Integrated De.) -- C:\Windows\System32\drivers\qd260x64.sys [35328] © O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] © O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] © O58 - SDL:2012/02/09 07:06:36 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [125376] © O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] © O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] © O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] © O58 - SDL:2011/01/15 17:21:04 A . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\drivers\VClone.sys [36352] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] © O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [85104] © O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\System32\drivers\vmnet.sys [24216] © O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [20120] © O58 - SDL:2012/08/15 15:16:52 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [45720] © O58 - SDL:2012/08/15 15:18:08 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [30360] © O58 - SDL:2012/08/15 15:18:00 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\VMparport.sys [31384] © O58 - SDL:2012/08/15 15:18:16 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [67224] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] © O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [70256] © ---\\ Last modified or created user files (3) - 5s O61 - LFC: 2015/10/13 16:18:34 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe [1822048] O61 - LFC: 2015/10/13 15:57:26 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe [1822048] O61 - LFC: 2015/10/13 16:18:39 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] ---\\ File Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © ---\\ Start Menu Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Search Browser Infection (1) - 10s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (32) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] © O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] © O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569856] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] © O83 - Search Svchost Services: sacsvr (sacsvr) . (.Microsoft Corporation - Microsoft EMS SAC Service.) -- C:\Windows\system32\sacsvr.dll [14848] © ---\\ Firewall Active Exception List (23) - 4s O87 - FAEL: "{F2663557-4ED2-4D86-A311-C142AFEFAFDC}" [In-None-P6-TRUE] .(...) -- C:\Program Files\UrBackupServer\urbackup_srv.exe (.not file.) O87 - FAEL: "{B4350734-1AED-461E-A357-AE65BD3CC0E7}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.) O87 - FAEL: "{55B9D3EC-4DBC-419C-8AB3-46ED64366719}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.) O87 - FAEL: "{813E98E3-40C8-413C-B064-ABC4C9F0D0A6}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.) O87 - FAEL: "{9AC7940E-BA60-4CB3-AD66-065A84CE2ABD}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.) O87 - FAEL: "{F3319443-B85C-4B26-A273-156EEEDBBE21}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.) O87 - FAEL: "{DEB98E7D-06D7-478D-805D-7289FBD81A23}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.) O87 - FAEL: "{A93549A8-FA57-45C5-A466-C17782927F95}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.) O87 - FAEL: "{4E1BD04D-6B1F-462C-A964-03152ACB637D}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.) O87 - FAEL: "{6935D6D3-4E75-43E5-BB5F-B4B92725739B}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.) O87 - FAEL: "{C51BDCF4-F1C5-48A3-91A6-3CBAED59E879}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.) O87 - FAEL: "{ECD2C1A2-10BE-4DC8-983A-F0FEEF40F5D9}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.) O87 - FAEL: "{9F9602AF-E7EC-40F8-9345-8B56E129F894}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.) O87 - FAEL: "{84C83B07-7C1D-4711-8AA0-335C1B44E0DD}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.) O87 - FAEL: "{9B5105A5-7A4A-4EA8-BC36-63F2D76B1834}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.) O87 - FAEL: "{CEBCCA6F-7589-48A5-AE6D-C68B7570C738}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.) O87 - FAEL: "{193113DC-0388-4D0C-918E-CDF4E0C2C9D3}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.) O87 - FAEL: "{85217454-9AE5-45AE-BA22-985600B50DEB}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O87 - FAEL: "{BB2447DA-92AC-46AC-88CF-5F3E69714431}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O87 - FAEL: "{90940932-AAC0-41EA-9145-66E9C5839175}" [In-None-P6-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe O87 - FAEL: "{E09F0684-0A6D-4748-A788-AA113D574C3B}" [In-None-P17-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe O87 - FAEL: "{63061250-530A-4AFB-8033-9E97A3FCDEC7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{FD98D73E-F063-443C-A14D-EA0886771845}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe ---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 15s SS - Demand [2014/09/09 23:14:51] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe © SS - Auto [2011/09/10 12:43:18] [ 18432] Apache2.2 (Apache2.2) . (.Apache Software Foundation.) - C:\xampp\apache\bin\httpd.exe © SR - Auto [2013/03/07 23:07:36] [ 67584] Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe © SR - Auto [2013/03/07 23:27:02] [ 1131008] Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe © SR - Auto [2010/03/25 14:20:06] [ 226624] McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe © SR - Auto [2013/12/04 16:08:00] [ 127520] McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe © SS - Demand [2014/04/09 14:12:50] [ 235696] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe © SR - Auto [2013/01/23 09:27:40] [ 190256] McAfee McShield (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe © SR - Auto [2011/01/12 20:46:36] [ 209760] McAfee Task Manager (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe © SR - Auto [2013/01/23 09:27:40] [ 156248] McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe © SS - Demand [2013/03/01 02:48:58] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe © SR - Auto [2015/05/08 18:05:44] [ 199536] McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe © SR - Auto [2011/08/03 14:23:54] [ 828944] TightVNC Server (tvnserver) . (.GlavSoft LLC..) - C:\Program Files (x86)\TightVNC\tvnserver.exe © SR - Auto [2012/08/15 13:19:58] [ 79872] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe © SR - Auto [2013/08/05 17:10:56] [ 898640] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe © SR - Auto [2014/03/19 05:23:24] [ 479960] VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe © SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe © SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe © SS - Demand [2012/08/15 14:36:34] [15680000] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe ---\\ Search Tracing Registry Key (4) - 3s HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC ---\\ Additional Scan (O88) (10) - 0s HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC C:\ProgramData\APN =>Toolbar.Ask C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC ---\\ Summary of the elements found (4) - 0s http://www.nicolascoolman.fr/28224126-pup-speedypc/ =>PUP.Optional.SpeedyPC http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask http://www.nicolascoolman.fr/blog =>PUP.Optional.Paretologic http://www.nicolascoolman.fr/blog =>.Superfluous.SpyHunter ~ End of the scan, 20783 items in 108 seconds (710)(0)()