Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2015.10.10.148 By Nicolas Coolman (2015/10/10)
~ Run by lma (Administrator) (2015/10/13 17:49:47)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\lma\Desktop\ZHPDiag.txt
~ Report: C:\Users\lma\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 2008R2, 64-bit Service Pack 1 (Build 7601)
---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox (3.5.9) v3.5.9 (fr)
MSIE: Internet Explorer v8.0.7601.17514
---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
---\\ System protection software (1) - 7s
McAfee VirusScan Enterprise v8.8.00000
---\\ System protection software (Superfluous) (1) - 7s
McAfee Security Scan Plus v3.8.150.1
---\\ System optimization software (1) - 7s
CCleaner
---\\ Surveillance software (2) - 7s
Adobe Flash Player 15 Plugin
Adobe Reader 8 - Français
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4183.544 MB (31% free)
~ System Restore: Activé (Enable)
~ System drive C: has 41 GB free of 100 GB
---\\ Connection to the system mode (3) - 0s
~ Computer Name: SRV-PARTAGE
~ User Name: lma
~ Logged in as Administrator
---\\ Enumeration of the disk units (5) - 6s
~ Drive C: has 41 GB free of 100 GB (System)
~ Drive E: has 76 GB free of 422 GB
~ Drive F: has 51 GB free of 429 GB
~ Drive G: has 45 GB free of 953 GB
~ Drive H: has 144 GB free of 610 GB
---\\ State of the Windows Security Center (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (25) - 5s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2872320] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.5285BD77AD596B645150073F61EC8466] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1188864] ©
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [390656] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [498688] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208] ©
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1656680] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] ©
---\\ Process running (84) - 6s
[MD5.58BF7714A312698108A96D0DE2BB6825] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584] [PID.1372] ©
[MD5.7EA8AC41A2E8426EC7079C44DBA1D254] - (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) -- C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008] [PID.1508] ©
[MD5.20F77F14FE972AA028454047632B2AC8] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [226624] [PID.1604] ©
[MD5.EDEF631EF2E0C8D7A208C383816C055C] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [127520] [PID.1672] ©
[MD5.113C20EB4982C5670F49718441BEE76D] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760] [PID.1736] ©
[MD5.45F1580C7C9F49A68B72EF2CCEFEF3A3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Windows\system32\mfevtps.exe [156248] [PID.1768] ©
[MD5.54BAAF892AB8F092BD22CACCB5D98495] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33648] [PID.1888] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.1956] ©
[MD5.2FE9CCA70947F9E0F00FBD0189A3615C] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [338976] [PID.2016] ©
[MD5.F1D29D9C5DB9C144769F5CD7212BE555] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [435864] [PID.1480] ©
[MD5.3DFF152846E5B35CB1272BE5757BF275] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960] [PID.2080] ©
[MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2216] ©
[MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2240] ©
[MD5.00315DC847778D65728197B63803B523] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [190256] [PID.2396] ©
[MD5.7171B884DA8BFB1CE5C8BAE46D993CB1] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872] [PID.2528] ©
[MD5.03A7980C30E9F00F1EAC752612DC80CE] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [357016] [PID.2696] ©
[MD5.C4C8A2EC68EDBED15EB7C723F81D591C] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [898640] [PID.2720] ©
[MD5.7B8CFD0EB3ADBF6717AA99B9DC07926F] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\Windows\system32\CNAB4RPD.EXE [63936] [PID.2972] ©
[MD5.BFD9121CD89E09AE53B132D98FA091B9] - (.McAfee, Inc. - McAfee Telemetry Service.) -- C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe [199536] [PID.2176] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4792]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2152] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4708] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3436] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4488] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4656]
[MD5.45E1121E6BA2D9677B3A61C2E0466B5A] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe [215360] [PID.5020] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.3712] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4960] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3776] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3196] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5304] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4692] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3008] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4968]
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.2392] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6172]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5528] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6180] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6108] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6304] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.6068] ©
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.4756] ©
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.5192] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6120]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4188] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6684] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6808] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3068] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6948]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.6140] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.3116] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5416] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3928] ©
[MD5.E17E53F297560C31631C4AC549385AE3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\uTorrent.exe [1822048] [PID.7900]
[MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.8056]
[MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.7120]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.7428] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.1588]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.7936] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7908] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6184] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.5088] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.3864] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2168] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6264] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.792] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.6424] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.8016]
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.7984] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5200] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4720]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.8160] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.5592] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.7940] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6688] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5180] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6532]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5240] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7680] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5864] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4144] ©
[MD5.6BDB90D0D8235A746F3C0F554B6F7181] - (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808] [PID.4732] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.7948] ©
[MD5.1D45319619579DDA7DE8DE9BB1E3079E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\l.ouyahia\Desktop\ZHPDiag3.exe [1943040] [PID.4788] ©
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 0s
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (.IE Tab Team - IE Tab.) -- C:\Users\lma\AppData\Roaming\Mozilla\Firefox\Profiles\61vthw6e.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} ©
---\\ Internet Explorer Extensions, Start, Search (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/hardadmin.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©
---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)
---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20141210162447.dll ©
---\\ Auto loading programs from Registry and folders (10) - 0s
O4 - HKLM\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE ©
O4 - HKCU\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe ©
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe ©
O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] . (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe ©
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE ©
O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Cobian Backup 11 interface] . (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe ©
O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe ©
---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: gopher [64Bits] - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
---\\ Non Microsoft non disabled Windows Services (18) - 1s
O23 - Service: Apache2.2 (Apache2.2) . (.Apache Software Foundation - Apache HTTP Server.) - C:\xampp\apache\bin\httpd.exe ©
O23 - Service: Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ©
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe ©
O23 - Service: McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe ©
O23 - Service: McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc. - Framework Service.) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe ©
O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ©
O23 - Service: McAfee Task Manager (McTaskManager) . (.McAfee, Inc. - Task Manager.) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe ©
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Windows\system32\mfevtps.exe ©
O23 - Service: MySQL (MySQL) . (...) - C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini MySQL (.not file.)
O23 - Service: McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc. - McAfee Telemetry Service.) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe ©
O23 - Service: TightVNC Server (tvnserver) . (.GlavSoft LLC. - TightVNC Server for Windows.) - C:\Program Files (x86)\TightVNC\tvnserver.exe ©
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe ©
O23 - Service: VMware DHCP Service (VMnetDHCP) . (...) - C:\Windows\System32\vmnetdhcp.exe (.not file.)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe ©
O23 - Service: VMware NAT Service (VMware NAT Service) . (...) - C:\Windows\System32\vmnat.exe (.not file.)
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe ©
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
---\\ Task Planned Automatically (2) - 3s
[MD5.00000000000000000000000000000000] [APT] [copieMessagerie] (...) -- C:\Users\lma\Desktop\winscp514\backup.exe (.not file.) [0]
O39 - APT: copieMessagerie - (...) -- C:\Windows\System32\Tasks\copieMessagerie [3234]
---\\ Software installed (64) - 7s
O42 - Logiciel: Canon LBP2900 - (...) [HKLM][64Bits] -- Canon LBP2900
O42 - Logiciel: Canon LBP6020 - (...) [HKLM][64Bits] -- Canon LBP6020
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} ©
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin ©
O42 - Logiciel: Areca - (...) [HKLM][64Bits] -- Areca
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Cobian Backup 11 Gravity - (...) [HKLM][64Bits] -- CobBackup11
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan ©
O42 - Logiciel: Microsoft Report Viewer Redistributable 2008 SP1 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Report Viewer Redistributable 2008 (KB971119) ©
O42 - Logiciel: Mozilla Firefox (3.5.9) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.5.9) ©
O42 - Logiciel: Mozilla Firefox 12.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 12.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 19.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 23.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 25.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 25.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 26.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 27.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 28.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 29.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 30.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 30.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 32.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 33.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 33.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 34.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 34.0.5 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 35.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 39.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0.3 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 fr) ©
O42 - Logiciel: Mozilla Thunderbird 38.3.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 38.3.0 (x86 fr) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: OCS Inventory NG Agent 2.1.1.1 - (.OCS Inventory NG Team.) [HKLM][64Bits] -- OCS Inventory NG Agent
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO ©
O42 - Logiciel: TightVNC 2.0.4 - (.GlavSoft LLC..) [HKLM][64Bits] -- TightVNC ©
O42 - Logiciel: Undelete 360 - (.File Recovery Ltd..) [HKLM][64Bits] -- Undelete 360_is1 ©
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive ©
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM][64Bits] -- VMware_Workstation ©
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst ©
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Wireshark 1.10.1 (32-bit) - (.The Wireshark developer community, http://www.wireshark.org.) [HKLM][64Bits] -- Wireshark ©
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM][64Bits] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} ©
O42 - Logiciel: McAfee SiteAdvisor Enterprise Plus - (.McAfee, Inc..) [HKLM][64Bits] -- {00FC3F65-86EB-475E-881F-A5B1CF731320} ©
O42 - Logiciel: VMware vSphere Client 5.1 - (.VMware, Inc..) [HKLM][64Bits] -- {09DC364B-A77A-49A0-972B-E43F0DACC5E3} ©
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM][64Bits] -- {197597A7-AD33-4898-9D8E-73066818B464} ©
O42 - Logiciel: VMware vCenter Converter Standalone - (.VMware, Inc..) [HKLM][64Bits] -- {2BCC4907-4205-4338-BDA5-94F183144C35} ©
O42 - Logiciel: VMware vSphere Client 5.5 - (.VMware, Inc..) [HKLM][64Bits] -- {4CFB0494-2E96-4631-8364-538E2AA91324} ©
O42 - Logiciel: McAfee Virtual Technician - (.McAfee, Inc..) [HKLM][64Bits] -- {755C429E-DAB8-4DA4-83E5-FFC4629AFBA7} ©
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM][64Bits] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} ©
O42 - Logiciel: Adobe Reader 8 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A80000000002} ©
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM][64Bits] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} ©
O42 - Logiciel: McAfee VirusScan Enterprise - (.McAfee, Inc..) [HKLM][64Bits] -- {CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF} ©
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM][64Bits] -- {D102611A-6466-4101-A51D-51069303AC65} ©
O42 - Logiciel: McAfee Product Improvement Program - (.McAfee, Inc..) [HKLM][64Bits] -- {D45EAF28-A176-41B3-98B7-20375F0A1ADF} ©
O42 - Logiciel: McAfee Agent - (.McAfee, Inc..) [HKLM][64Bits] -- {EBF3D65F-011E-44D2-8F4F-C74B52682EDD} ©
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM][64Bits] -- {FFD9383C-01D5-4897-A954-43AF599AED30} ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
---\\ HKCU & HKLM Software Keys (64) - 7s
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Areca
HKLM\SOFTWARE\Wow6432Node\CCleaner
HKLM\SOFTWARE\Wow6432Node\CobianSoft
HKLM\SOFTWARE\Wow6432Node\Data Fellows
HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Greatis
HKLM\SOFTWARE\Wow6432Node\hMailServer
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Network Associates
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\ThinPrint
HKLM\SOFTWARE\Wow6432Node\TightVNC
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\--((Mutex))--
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AppID
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\ClearApps
HKCU\SOFTWARE\Elaborate Bytes
HKCU\SOFTWARE\Greatis
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\McAfee
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ORL
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\Regrun
HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKCU\SOFTWARE\Symantec
HKCU\SOFTWARE\undelete360
HKCU\SOFTWARE\VMware
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\Wireshark
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\xtremeRAT
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint
---\\ Contents of the Common Files folders (136) - 10s
O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\Program Files (x86)\7-Zip
O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2013/01/28 12:00:57 - [] D -- C:\Program Files (x86)\Advanced Fix 2012
O43 - CFD: 2015/02/10 16:06:04 - [] D -- C:\Program Files (x86)\Areca
O43 - CFD: 2013/08/11 09:50:39 - [0] D -- C:\Program Files (x86)\BackupAssist v7
O43 - CFD: 2013/01/28 09:53:37 - [] D -- C:\Program Files (x86)\CCleaner
O43 - CFD: 2012/01/17 12:50:23 - [] D -- C:\Program Files (x86)\ClearApps
O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\Program Files (x86)\Cobian Backup 11
O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2013/02/19 09:14:26 - [] D -- C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 2012/12/08 14:33:59 - [] D -- C:\Program Files (x86)\F-Secure
O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\Program Files (x86)\File Recovery
O43 - CFD: 2013/08/10 12:37:06 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2012/12/03 13:32:42 - [] D -- C:\Program Files (x86)\Ipswitch
O43 - CFD: 2015/02/10 16:26:09 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2015/03/22 12:04:14 - [] D -- C:\Program Files (x86)\McAfee
O43 - CFD: 2014/06/27 22:32:33 - [] D -- C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 2013/08/11 10:55:59 - [] D -- C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 2013/08/11 11:55:03 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2013/08/11 10:56:06 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
O43 - CFD: 2013/08/11 11:55:26 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/27 07:35:07 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/10/13 10:13:48 - [0] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/10/13 10:13:47 - [] D -- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\Program Files (x86)\MySQL
O43 - CFD: 2012/12/18 09:23:25 - [] D -- C:\Program Files (x86)\OCS Inventory Agent
O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\Program Files (x86)\PowerISO
O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2013/08/11 09:58:46 - [] D -- C:\Program Files (x86)\SQL Server Backup
O43 - CFD: 2013/01/28 09:55:59 - [0] D -- C:\Program Files (x86)\stinger
O43 - CFD: 2015/04/24 19:48:09 - [] D -- C:\Program Files (x86)\TightVNC
O43 - CFD: 2012/12/02 11:00:30 - [] D -- C:\Program Files (x86)\UnHackMe
O43 - CFD: 2009/07/14 06:06:53 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/03/07 11:09:27 - [] D -- C:\Program Files (x86)\VMware
O43 - CFD: 2010/11/21 04:33:07 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2009/07/14 06:37:10 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2012/11/25 08:58:07 - [0] D -- C:\Program Files (x86)\WinMerge
O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2013/08/25 10:47:35 - [] D -- C:\Program Files (x86)\Wireshark
O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2009/07/14 05:58:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/02/25 14:11:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/02/10 16:06:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Areca
O43 - CFD: 2014/04/28 09:10:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bacula
O43 - CFD: 2015/01/15 14:09:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
O43 - CFD: 2013/02/19 09:14:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/22 12:04:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2013/01/23 09:38:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
O43 - CFD: 2013/08/11 11:58:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Inventory Advisor
O43 - CFD: 2012/10/30 09:32:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHP 5
O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2011/10/30 17:42:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programme de désinstal. imprimante Canon
O43 - CFD: 2014/10/28 14:40:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/12/25 10:33:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
O43 - CFD: 2014/12/16 11:46:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulteo
O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360
O43 - CFD: 2015/08/03 10:50:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/10/28 14:40:09 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/02/04 10:50:40 - [] D -- C:\ProgramData\APN =>Toolbar.Ask
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/08/11 09:20:10 - [] D -- C:\ProgramData\BackupAssist v7
O43 - CFD: 2012/12/08 15:37:12 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 2013/08/11 08:46:23 - [] D -- C:\ProgramData\DataBK
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2011/09/13 11:02:19 - [] D -- C:\ProgramData\GroupPolicy
O43 - CFD: 2013/01/28 12:14:18 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2012/12/03 12:50:02 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/05/06 22:05:22 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2013/08/11 11:00:37 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2013/08/11 11:51:37 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\ProgramData\MySQL
O43 - CFD: 2012/12/18 09:22:40 - [] D -- C:\ProgramData\OCS Inventory NG
O43 - CFD: 2015/02/10 16:17:24 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2012/12/02 10:58:22 - [] D -- C:\ProgramData\RegRun
O43 - CFD: 2012/12/02 11:10:38 - [] D -- C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/02/23 14:25:57 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2012/11/04 10:10:39 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2014/06/26 14:42:39 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/12/16 11:46:09 - [] D -- C:\ProgramData\ulteo
O43 - CFD: 2015/09/27 07:35:56 - [] D -- C:\ProgramData\VMware
O43 - CFD: 2014/10/28 14:39:55 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/05/06 22:05:21 - [] D -- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 2013/08/11 11:53:48 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2013/05/27 22:27:15 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/04 08:50:50 - [] D -- C:\Program Files (x86)\Common Files\VMware
O43 - CFD: 2012/12/27 16:08:28 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2014/10/28 14:40:34 - [] D -- C:\Users\lma\AppData\Roaming\Adobe
O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
O43 - CFD: 2014/03/06 15:59:26 - [] D -- C:\Users\lma\AppData\Roaming\GretagMacbeth
O43 - CFD: 2012/12/11 17:40:48 - [] D -- C:\Users\lma\AppData\Roaming\Malwarebytes
O43 - CFD: 2012/01/22 08:55:44 - [] D -- C:\Users\lma\AppData\Roaming\McAfee
O43 - CFD: 2015/06/03 12:53:49 - [] SD -- C:\Users\lma\AppData\Roaming\Microsoft
O43 - CFD: 2013/01/23 09:40:44 - [] D -- C:\Users\lma\AppData\Roaming\Mozilla
O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC
O43 - CFD: 2015/10/13 10:14:02 - [] D -- C:\Users\lma\AppData\Roaming\Thunderbird
O43 - CFD: 2014/12/22 09:19:59 - [] D -- C:\Users\lma\AppData\Roaming\TightVNC
O43 - CFD: 2015/10/13 17:14:21 - [] D -- C:\Users\lma\AppData\Roaming\uTorrent
O43 - CFD: 2015/07/30 14:22:05 - [] D -- C:\Users\lma\AppData\Roaming\VMware
O43 - CFD: 2012/12/24 12:15:57 - [0] D -- C:\Users\lma\AppData\Roaming\WinRAR
O43 - CFD: 2015/10/13 17:50:19 - [] D -- C:\Users\lma\AppData\Roaming\ZHP
O43 - CFD: 2012/01/31 16:55:16 - [] D -- C:\Users\lma\AppData\Roaming\ZqWare
O43 - CFD: 2015/08/26 22:03:04 - [] D -- C:\Users\lma\AppData\Local\Adobe
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Application Data
O43 - CFD: 2013/08/11 10:49:43 - [] D -- C:\Users\lma\AppData\Local\Diagnostics
O43 - CFD: 2013/08/11 09:18:04 - [] D -- C:\Users\lma\AppData\Local\Downloaded Installations
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\History
O43 - CFD: 2013/08/11 11:00:38 - [] D -- C:\Users\lma\AppData\Local\Microsoft
O43 - CFD: 2013/08/11 11:06:11 - [] D -- C:\Users\lma\AppData\Local\Microsoft Help
O43 - CFD: 2013/08/11 11:05:09 - [] D -- C:\Users\lma\AppData\Local\Microsoft_Corporation
O43 - CFD: 2013/01/23 09:40:36 - [] D -- C:\Users\lma\AppData\Local\Mozilla
O43 - CFD: 2013/08/11 08:46:09 - [] D -- C:\Users\lma\AppData\Local\Programs
O43 - CFD: 2013/09/23 15:27:04 - [0] D -- C:\Users\lma\AppData\Local\Safe mirror
O43 - CFD: 2015/10/13 17:49:35 - [] D -- C:\Users\lma\AppData\Local\Temp
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/10/13 10:14:06 - [] D -- C:\Users\lma\AppData\Local\Thunderbird
O43 - CFD: 2013/08/11 08:46:40 - [] D -- C:\Users\lma\AppData\Local\VirtualStore
O43 - CFD: 2015/08/03 10:36:51 - [] D -- C:\Users\lma\AppData\Local\VMware
O43 - CFD: 2009/07/14 05:58:02 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/08/10 12:39:51 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2009/07/14 05:53:47 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/06/26 15:48:13 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/12/24 12:16:07 - [] D -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©
---\\ System Drivers List (61) - 7s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] ©
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] ©
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] ©
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] ©
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] ©
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] ©
O58 - SDL:2010/12/16 23:58:14 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [40816] ©
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] ©
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] ©
O58 - SDL:2013/08/05 17:10:48 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [52816] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] ©
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] ©
O58 - SDL:2009/06/10 21:34:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [57344] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\drivers\mfeapfk.sys [153952] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\System32\drivers\mfeavfk.sys [217696] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\drivers\mfeclnk.sys [9984] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\drivers\mfehidk.sys [607152] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\System32\drivers\mferkdet.sys [97960] ©
O58 - SDL:2013/01/23 09:27:41 A . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\drivers\mfewfpk.sys [281544] ©
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] ©
O58 - SDL:2013/03/01 02:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] ©
O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] ©
O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] ©
O58 - SDL:2009/06/10 21:35:30 A . (.Intel Corporation - Intel(R) 5000 Series Chipsets Integrated De.) -- C:\Windows\System32\drivers\qd260x64.sys [35328] ©
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] ©
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] ©
O58 - SDL:2012/02/09 07:06:36 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [125376] ©
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] ©
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] ©
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] ©
O58 - SDL:2011/01/15 17:21:04 A . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\drivers\VClone.sys [36352] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] ©
O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [85104] ©
O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\System32\drivers\vmnet.sys [24216] ©
O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [20120] ©
O58 - SDL:2012/08/15 15:16:52 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [45720] ©
O58 - SDL:2012/08/15 15:18:08 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [30360] ©
O58 - SDL:2012/08/15 15:18:00 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\VMparport.sys [31384] ©
O58 - SDL:2012/08/15 15:18:16 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [67224] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] ©
O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [70256] ©
---\\ Last modified or created user files (3) - 5s
O61 - LFC: 2015/10/13 16:18:34 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe [1822048]
O61 - LFC: 2015/10/13 15:57:26 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe [1822048]
O61 - LFC: 2015/10/13 16:18:39 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896]
---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
---\\ Search Browser Infection (1) - 10s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569856] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] ©
O83 - Search Svchost Services: sacsvr (sacsvr) . (.Microsoft Corporation - Microsoft EMS SAC Service.) -- C:\Windows\system32\sacsvr.dll [14848] ©
---\\ Firewall Active Exception List (23) - 4s
O87 - FAEL: "{F2663557-4ED2-4D86-A311-C142AFEFAFDC}" [In-None-P6-TRUE] .(...) -- C:\Program Files\UrBackupServer\urbackup_srv.exe (.not file.)
O87 - FAEL: "{B4350734-1AED-461E-A357-AE65BD3CC0E7}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{55B9D3EC-4DBC-419C-8AB3-46ED64366719}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{813E98E3-40C8-413C-B064-ABC4C9F0D0A6}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{9AC7940E-BA60-4CB3-AD66-065A84CE2ABD}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{F3319443-B85C-4B26-A273-156EEEDBBE21}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{DEB98E7D-06D7-478D-805D-7289FBD81A23}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{A93549A8-FA57-45C5-A466-C17782927F95}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{4E1BD04D-6B1F-462C-A964-03152ACB637D}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{6935D6D3-4E75-43E5-BB5F-B4B92725739B}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{C51BDCF4-F1C5-48A3-91A6-3CBAED59E879}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{ECD2C1A2-10BE-4DC8-983A-F0FEEF40F5D9}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{9F9602AF-E7EC-40F8-9345-8B56E129F894}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{84C83B07-7C1D-4711-8AA0-335C1B44E0DD}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{9B5105A5-7A4A-4EA8-BC36-63F2D76B1834}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{CEBCCA6F-7589-48A5-AE6D-C68B7570C738}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{193113DC-0388-4D0C-918E-CDF4E0C2C9D3}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{85217454-9AE5-45AE-BA22-985600B50DEB}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{BB2447DA-92AC-46AC-88CF-5F3E69714431}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{90940932-AAC0-41EA-9145-66E9C5839175}" [In-None-P6-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe
O87 - FAEL: "{E09F0684-0A6D-4748-A788-AA113D574C3B}" [In-None-P17-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe
O87 - FAEL: "{63061250-530A-4AFB-8033-9E97A3FCDEC7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{FD98D73E-F063-443C-A14D-EA0886771845}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 15s
SS - Demand [2014/09/09 23:14:51] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SS - Auto [2011/09/10 12:43:18] [ 18432] Apache2.2 (Apache2.2) . (.Apache Software Foundation.) - C:\xampp\apache\bin\httpd.exe ©
SR - Auto [2013/03/07 23:07:36] [ 67584] Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ©
SR - Auto [2013/03/07 23:27:02] [ 1131008] Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe ©
SR - Auto [2010/03/25 14:20:06] [ 226624] McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe ©
SR - Auto [2013/12/04 16:08:00] [ 127520] McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe ©
SS - Demand [2014/04/09 14:12:50] [ 235696] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe ©
SR - Auto [2013/01/23 09:27:40] [ 190256] McAfee McShield (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ©
SR - Auto [2011/01/12 20:46:36] [ 209760] McAfee Task Manager (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe ©
SR - Auto [2013/01/23 09:27:40] [ 156248] McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe ©
SS - Demand [2013/03/01 02:48:58] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe ©
SR - Auto [2015/05/08 18:05:44] [ 199536] McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe ©
SR - Auto [2011/08/03 14:23:54] [ 828944] TightVNC Server (tvnserver) . (.GlavSoft LLC..) - C:\Program Files (x86)\TightVNC\tvnserver.exe ©
SR - Auto [2012/08/15 13:19:58] [ 79872] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe ©
SR - Auto [2013/08/05 17:10:56] [ 898640] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe ©
SR - Auto [2014/03/19 05:23:24] [ 479960] VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe ©
SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
SS - Demand [2012/08/15 14:36:34] [15680000] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
---\\ Search Tracing Registry Key (4) - 3s
HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC
---\\ Additional Scan (O88) (10) - 0s
HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC
C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter
HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC
---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/28224126-pup-speedypc/ =>PUP.Optional.SpeedyPC
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/blog =>PUP.Optional.Paretologic
http://www.nicolascoolman.fr/blog =>.Superfluous.SpyHunter
~ End of the scan, 20783 items in 108 seconds (710)(0)()
~ Run by lma (Administrator) (2015/10/13 17:49:47)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\lma\Desktop\ZHPDiag.txt
~ Report: C:\Users\lma\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 2008R2, 64-bit Service Pack 1 (Build 7601)
---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox (3.5.9) v3.5.9 (fr)
MSIE: Internet Explorer v8.0.7601.17514
---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
---\\ System protection software (1) - 7s
McAfee VirusScan Enterprise v8.8.00000
---\\ System protection software (Superfluous) (1) - 7s
McAfee Security Scan Plus v3.8.150.1
---\\ System optimization software (1) - 7s
CCleaner
---\\ Surveillance software (2) - 7s
Adobe Flash Player 15 Plugin
Adobe Reader 8 - Français
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4183.544 MB (31% free)
~ System Restore: Activé (Enable)
~ System drive C: has 41 GB free of 100 GB
---\\ Connection to the system mode (3) - 0s
~ Computer Name: SRV-PARTAGE
~ User Name: lma
~ Logged in as Administrator
---\\ Enumeration of the disk units (5) - 6s
~ Drive C: has 41 GB free of 100 GB (System)
~ Drive E: has 76 GB free of 422 GB
~ Drive F: has 51 GB free of 429 GB
~ Drive G: has 45 GB free of 953 GB
~ Drive H: has 144 GB free of 610 GB
---\\ State of the Windows Security Center (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (25) - 5s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2872320] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.5285BD77AD596B645150073F61EC8466] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1188864] ©
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [390656] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [498688] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208] ©
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1656680] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] ©
---\\ Process running (84) - 6s
[MD5.58BF7714A312698108A96D0DE2BB6825] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584] [PID.1372] ©
[MD5.7EA8AC41A2E8426EC7079C44DBA1D254] - (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) -- C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008] [PID.1508] ©
[MD5.20F77F14FE972AA028454047632B2AC8] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [226624] [PID.1604] ©
[MD5.EDEF631EF2E0C8D7A208C383816C055C] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [127520] [PID.1672] ©
[MD5.113C20EB4982C5670F49718441BEE76D] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760] [PID.1736] ©
[MD5.45F1580C7C9F49A68B72EF2CCEFEF3A3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Windows\system32\mfevtps.exe [156248] [PID.1768] ©
[MD5.54BAAF892AB8F092BD22CACCB5D98495] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33648] [PID.1888] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.1956] ©
[MD5.2FE9CCA70947F9E0F00FBD0189A3615C] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [338976] [PID.2016] ©
[MD5.F1D29D9C5DB9C144769F5CD7212BE555] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [435864] [PID.1480] ©
[MD5.3DFF152846E5B35CB1272BE5757BF275] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [479960] [PID.2080] ©
[MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2216] ©
[MD5.BC144B11A82D7090D0E99499BDE5F71E] - (.VMware, Inc. - VMware Converter Service.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [479960] [PID.2240] ©
[MD5.00315DC847778D65728197B63803B523] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [190256] [PID.2396] ©
[MD5.7171B884DA8BFB1CE5C8BAE46D993CB1] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872] [PID.2528] ©
[MD5.03A7980C30E9F00F1EAC752612DC80CE] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [357016] [PID.2696] ©
[MD5.C4C8A2EC68EDBED15EB7C723F81D591C] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [898640] [PID.2720] ©
[MD5.7B8CFD0EB3ADBF6717AA99B9DC07926F] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\Windows\system32\CNAB4RPD.EXE [63936] [PID.2972] ©
[MD5.BFD9121CD89E09AE53B132D98FA091B9] - (.McAfee, Inc. - McAfee Telemetry Service.) -- C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe [199536] [PID.2176] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4792]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2152] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4708] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3436] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4488] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4656]
[MD5.45E1121E6BA2D9677B3A61C2E0466B5A] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe [215360] [PID.5020] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.3712] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4960] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3776] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3196] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5304] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.4692] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.3008] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4968]
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.2392] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6172]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5528] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6180] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6108] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6304] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.6068] ©
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.4756] ©
[MD5.74557BFD04530E512DBB9C151C4DA110] - (.McAfee, Inc. - McAfee.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\McUICnt.exe [499384] [PID.5192] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6120]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4188] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6684] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6808] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3068] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6948]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.6140] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.3116] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5416] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.3928] ©
[MD5.E17E53F297560C31631C4AC549385AE3] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\uTorrent.exe [1822048] [PID.7900]
[MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.8056]
[MD5.9AD0D1AAF2FDBE902FF6AC6F8C858C5F] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\a.ait abdelmalek\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896] [PID.7120]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.7428] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.1588]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.7936] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7908] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.6184] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.5088] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.3864] ©
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.2168] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.6264] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.792] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.6424] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.8016]
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.7984] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5200] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.4720]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.8160] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.5592] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.7940] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.6688] ©
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.5180] ©
[MD5.AAEFE949189D87494B69A585A9FBC20E] - (.OCS Inventory NG - OCS Inventory NG Systray applet.) -- C:\Program Files (x86)\OCS Inventory Agent\OcsSystray.exe [76800] [PID.6532]
[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.5240] ©
[MD5.AAF458CC200326BEF602B5339400BF86] - (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe [828944] [PID.7680] ©
[MD5.0BF81A48DC987D27359C6B7C404E7356] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376] [PID.5864] ©
[MD5.2583F9A2B7309D586F8E8AD81C3F7C51] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104088] [PID.4144] ©
[MD5.6BDB90D0D8235A746F3C0F554B6F7181] - (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808] [PID.4732] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.7948] ©
[MD5.1D45319619579DDA7DE8DE9BB1E3079E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\l.ouyahia\Desktop\ZHPDiag3.exe [1943040] [PID.4788] ©
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 0s
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (.IE Tab Team - IE Tab.) -- C:\Users\lma\AppData\Roaming\Mozilla\Firefox\Profiles\61vthw6e.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} ©
---\\ Internet Explorer Extensions, Start, Search (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/hardadmin.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©
---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)
---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: scriptproxy [64Bits] - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20141210162447.dll ©
---\\ Auto loading programs from Registry and folders (10) - 0s
O4 - HKLM\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE ©
O4 - HKCU\..\Run: [CNAP2 Launcher] . (.CANON INC. - Canon Advanced Printing Technology Printer.) -- C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe ©
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe ©
O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] . (.GlavSoft LLC. - TightVNC Server for Windows.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe ©
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE ©
O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Cobian Backup 11 interface] . (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe ©
O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe ©
---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.90.1,192.168.90.2
---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dssrequest [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: gopher [64Bits] - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: sacore [64Bits] - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
---\\ Non Microsoft non disabled Windows Services (18) - 1s
O23 - Service: Apache2.2 (Apache2.2) . (.Apache Software Foundation - Apache HTTP Server.) - C:\xampp\apache\bin\httpd.exe ©
O23 - Service: Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ©
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe ©
O23 - Service: McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe ©
O23 - Service: McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc. - Framework Service.) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe ©
O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ©
O23 - Service: McAfee Task Manager (McTaskManager) . (.McAfee, Inc. - Task Manager.) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe ©
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Windows\system32\mfevtps.exe ©
O23 - Service: MySQL (MySQL) . (...) - C:\Program Files (x86)\MySQL\MySQL Server 5.1\bin\mysqld --defaults-file=C:\Program Files (x86)\MySQL\MySQL Server 5.1\my.ini MySQL (.not file.)
O23 - Service: McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc. - McAfee Telemetry Service.) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe ©
O23 - Service: TightVNC Server (tvnserver) . (.GlavSoft LLC. - TightVNC Server for Windows.) - C:\Program Files (x86)\TightVNC\tvnserver.exe ©
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe ©
O23 - Service: VMware DHCP Service (VMnetDHCP) . (...) - C:\Windows\System32\vmnetdhcp.exe (.not file.)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe ©
O23 - Service: VMware NAT Service (VMware NAT Service) . (...) - C:\Windows\System32\vmnat.exe (.not file.)
O23 - Service: VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe ©
O23 - Service: VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
O23 - Service: VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc. - VMware Converter Service.) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
---\\ Task Planned Automatically (2) - 3s
[MD5.00000000000000000000000000000000] [APT] [copieMessagerie] (...) -- C:\Users\lma\Desktop\winscp514\backup.exe (.not file.) [0]
O39 - APT: copieMessagerie - (...) -- C:\Windows\System32\Tasks\copieMessagerie [3234]
---\\ Software installed (64) - 7s
O42 - Logiciel: Canon LBP2900 - (...) [HKLM][64Bits] -- Canon LBP2900
O42 - Logiciel: Canon LBP6020 - (...) [HKLM][64Bits] -- Canon LBP6020
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} ©
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin ©
O42 - Logiciel: Areca - (...) [HKLM][64Bits] -- Areca
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Cobian Backup 11 Gravity - (...) [HKLM][64Bits] -- CobBackup11
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan ©
O42 - Logiciel: Microsoft Report Viewer Redistributable 2008 SP1 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Report Viewer Redistributable 2008 (KB971119) ©
O42 - Logiciel: Mozilla Firefox (3.5.9) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox (3.5.9) ©
O42 - Logiciel: Mozilla Firefox 12.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 12.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 19.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 19.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 23.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 23.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 23.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 24.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 25.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 25.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 26.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 27.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 27.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 28.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 29.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 29.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 30.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 30.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 31.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 32.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 33.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 33.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 33.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 34.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 34.0.5 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 35.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 35.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 37.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.2 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 39.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0.3 (x86 fr) ©
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 fr) ©
O42 - Logiciel: Mozilla Thunderbird 38.3.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 38.3.0 (x86 fr) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: OCS Inventory NG Agent 2.1.1.1 - (.OCS Inventory NG Team.) [HKLM][64Bits] -- OCS Inventory NG Agent
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO ©
O42 - Logiciel: TightVNC 2.0.4 - (.GlavSoft LLC..) [HKLM][64Bits] -- TightVNC ©
O42 - Logiciel: Undelete 360 - (.File Recovery Ltd..) [HKLM][64Bits] -- Undelete 360_is1 ©
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive ©
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM][64Bits] -- VMware_Workstation ©
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst ©
O42 - Logiciel: Archiveur WinRAR - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Wireshark 1.10.1 (32-bit) - (.The Wireshark developer community, http://www.wireshark.org.) [HKLM][64Bits] -- Wireshark ©
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM][64Bits] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} ©
O42 - Logiciel: McAfee SiteAdvisor Enterprise Plus - (.McAfee, Inc..) [HKLM][64Bits] -- {00FC3F65-86EB-475E-881F-A5B1CF731320} ©
O42 - Logiciel: VMware vSphere Client 5.1 - (.VMware, Inc..) [HKLM][64Bits] -- {09DC364B-A77A-49A0-972B-E43F0DACC5E3} ©
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM][64Bits] -- {197597A7-AD33-4898-9D8E-73066818B464} ©
O42 - Logiciel: VMware vCenter Converter Standalone - (.VMware, Inc..) [HKLM][64Bits] -- {2BCC4907-4205-4338-BDA5-94F183144C35} ©
O42 - Logiciel: VMware vSphere Client 5.5 - (.VMware, Inc..) [HKLM][64Bits] -- {4CFB0494-2E96-4631-8364-538E2AA91324} ©
O42 - Logiciel: McAfee Virtual Technician - (.McAfee, Inc..) [HKLM][64Bits] -- {755C429E-DAB8-4DA4-83E5-FFC4629AFBA7} ©
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM][64Bits] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} ©
O42 - Logiciel: Adobe Reader 8 - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-A80000000002} ©
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM][64Bits] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} ©
O42 - Logiciel: McAfee VirusScan Enterprise - (.McAfee, Inc..) [HKLM][64Bits] -- {CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF} ©
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM][64Bits] -- {D102611A-6466-4101-A51D-51069303AC65} ©
O42 - Logiciel: McAfee Product Improvement Program - (.McAfee, Inc..) [HKLM][64Bits] -- {D45EAF28-A176-41B3-98B7-20375F0A1ADF} ©
O42 - Logiciel: McAfee Agent - (.McAfee, Inc..) [HKLM][64Bits] -- {EBF3D65F-011E-44D2-8F4F-C74B52682EDD} ©
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM][64Bits] -- {FFD9383C-01D5-4897-A954-43AF599AED30} ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
---\\ HKCU & HKLM Software Keys (64) - 7s
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Areca
HKLM\SOFTWARE\Wow6432Node\CCleaner
HKLM\SOFTWARE\Wow6432Node\CobianSoft
HKLM\SOFTWARE\Wow6432Node\Data Fellows
HKLM\SOFTWARE\Wow6432Node\Elaborate Bytes
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Greatis
HKLM\SOFTWARE\Wow6432Node\hMailServer
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Network Associates
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\ThinPrint
HKLM\SOFTWARE\Wow6432Node\TightVNC
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\--((Mutex))--
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AppID
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\ClearApps
HKCU\SOFTWARE\Elaborate Bytes
HKCU\SOFTWARE\Greatis
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\McAfee
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ORL
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\Regrun
HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKCU\SOFTWARE\Symantec
HKCU\SOFTWARE\undelete360
HKCU\SOFTWARE\VMware
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\Wireshark
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\xtremeRAT
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint
---\\ Contents of the Common Files folders (136) - 10s
O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\Program Files (x86)\7-Zip
O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2013/01/28 12:00:57 - [] D -- C:\Program Files (x86)\Advanced Fix 2012
O43 - CFD: 2015/02/10 16:06:04 - [] D -- C:\Program Files (x86)\Areca
O43 - CFD: 2013/08/11 09:50:39 - [0] D -- C:\Program Files (x86)\BackupAssist v7
O43 - CFD: 2013/01/28 09:53:37 - [] D -- C:\Program Files (x86)\CCleaner
O43 - CFD: 2012/01/17 12:50:23 - [] D -- C:\Program Files (x86)\ClearApps
O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\Program Files (x86)\Cobian Backup 11
O43 - CFD: 2014/10/28 14:39:38 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2013/02/19 09:14:26 - [] D -- C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 2012/12/08 14:33:59 - [] D -- C:\Program Files (x86)\F-Secure
O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\Program Files (x86)\File Recovery
O43 - CFD: 2013/08/10 12:37:06 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2012/12/03 13:32:42 - [] D -- C:\Program Files (x86)\Ipswitch
O43 - CFD: 2015/02/10 16:26:09 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2015/03/22 12:04:14 - [] D -- C:\Program Files (x86)\McAfee
O43 - CFD: 2014/06/27 22:32:33 - [] D -- C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 2013/08/11 10:55:59 - [] D -- C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 2013/08/11 11:55:03 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2013/08/11 10:56:06 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
O43 - CFD: 2013/08/11 11:55:26 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/27 07:35:07 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/10/13 10:13:48 - [0] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/10/13 10:13:47 - [] D -- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\Program Files (x86)\MySQL
O43 - CFD: 2012/12/18 09:23:25 - [] D -- C:\Program Files (x86)\OCS Inventory Agent
O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\Program Files (x86)\PowerISO
O43 - CFD: 2012/11/04 10:15:00 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2013/08/11 09:58:46 - [] D -- C:\Program Files (x86)\SQL Server Backup
O43 - CFD: 2013/01/28 09:55:59 - [0] D -- C:\Program Files (x86)\stinger
O43 - CFD: 2015/04/24 19:48:09 - [] D -- C:\Program Files (x86)\TightVNC
O43 - CFD: 2012/12/02 11:00:30 - [] D -- C:\Program Files (x86)\UnHackMe
O43 - CFD: 2009/07/14 06:06:53 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/03/07 11:09:27 - [] D -- C:\Program Files (x86)\VMware
O43 - CFD: 2010/11/21 04:33:07 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2009/07/14 06:37:10 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2012/11/25 08:58:07 - [0] D -- C:\Program Files (x86)\WinMerge
O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2013/08/25 10:47:35 - [] D -- C:\Program Files (x86)\Wireshark
O43 - CFD: 2014/10/14 15:26:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2009/07/14 05:58:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/02/25 14:11:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/02/10 16:06:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Areca
O43 - CFD: 2014/04/28 09:10:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bacula
O43 - CFD: 2015/01/15 14:09:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
O43 - CFD: 2013/09/23 16:28:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
O43 - CFD: 2013/02/19 09:14:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/22 12:04:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2013/01/23 09:38:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
O43 - CFD: 2013/08/11 11:58:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Inventory Advisor
O43 - CFD: 2012/10/30 09:32:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHP 5
O43 - CFD: 2014/06/09 11:36:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2011/10/30 17:42:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programme de désinstal. imprimante Canon
O43 - CFD: 2014/10/28 14:40:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/12/25 10:33:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
O43 - CFD: 2014/12/16 11:46:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulteo
O43 - CFD: 2015/08/09 11:54:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360
O43 - CFD: 2015/08/03 10:50:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 2013/08/25 10:47:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 2012/12/10 15:38:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/10/28 14:40:09 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/02/04 10:50:40 - [] D -- C:\ProgramData\APN =>Toolbar.Ask
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/08/11 09:20:10 - [] D -- C:\ProgramData\BackupAssist v7
O43 - CFD: 2012/12/08 15:37:12 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 2013/08/11 08:46:23 - [] D -- C:\ProgramData\DataBK
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2011/09/13 11:02:19 - [] D -- C:\ProgramData\GroupPolicy
O43 - CFD: 2013/01/28 12:14:18 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2012/12/03 12:50:02 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/05/06 22:05:22 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2014/06/27 22:32:36 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2013/08/11 11:00:37 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2013/08/11 11:51:37 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2012/10/31 14:17:51 - [] D -- C:\ProgramData\MySQL
O43 - CFD: 2012/12/18 09:22:40 - [] D -- C:\ProgramData\OCS Inventory NG
O43 - CFD: 2015/02/10 16:17:24 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2012/12/02 10:58:22 - [] D -- C:\ProgramData\RegRun
O43 - CFD: 2012/12/02 11:10:38 - [] D -- C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/02/23 14:25:57 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2012/11/04 10:10:39 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2014/06/26 14:42:39 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2009/07/14 06:06:44 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/12/16 11:46:09 - [] D -- C:\ProgramData\ulteo
O43 - CFD: 2015/09/27 07:35:56 - [] D -- C:\ProgramData\VMware
O43 - CFD: 2014/10/28 14:39:55 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/05/06 22:05:21 - [] D -- C:\Program Files (x86)\Common Files\McAfee
O43 - CFD: 2013/08/11 11:53:48 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2013/05/27 22:27:15 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/04 08:50:50 - [] D -- C:\Program Files (x86)\Common Files\VMware
O43 - CFD: 2012/12/27 16:08:28 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2014/10/28 14:40:34 - [] D -- C:\Users\lma\AppData\Roaming\Adobe
O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
O43 - CFD: 2014/03/06 15:59:26 - [] D -- C:\Users\lma\AppData\Roaming\GretagMacbeth
O43 - CFD: 2012/12/11 17:40:48 - [] D -- C:\Users\lma\AppData\Roaming\Malwarebytes
O43 - CFD: 2012/01/22 08:55:44 - [] D -- C:\Users\lma\AppData\Roaming\McAfee
O43 - CFD: 2015/06/03 12:53:49 - [] SD -- C:\Users\lma\AppData\Roaming\Microsoft
O43 - CFD: 2013/01/23 09:40:44 - [] D -- C:\Users\lma\AppData\Roaming\Mozilla
O43 - CFD: 2012/12/02 11:05:43 - [] D -- C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC
O43 - CFD: 2015/10/13 10:14:02 - [] D -- C:\Users\lma\AppData\Roaming\Thunderbird
O43 - CFD: 2014/12/22 09:19:59 - [] D -- C:\Users\lma\AppData\Roaming\TightVNC
O43 - CFD: 2015/10/13 17:14:21 - [] D -- C:\Users\lma\AppData\Roaming\uTorrent
O43 - CFD: 2015/07/30 14:22:05 - [] D -- C:\Users\lma\AppData\Roaming\VMware
O43 - CFD: 2012/12/24 12:15:57 - [0] D -- C:\Users\lma\AppData\Roaming\WinRAR
O43 - CFD: 2015/10/13 17:50:19 - [] D -- C:\Users\lma\AppData\Roaming\ZHP
O43 - CFD: 2012/01/31 16:55:16 - [] D -- C:\Users\lma\AppData\Roaming\ZqWare
O43 - CFD: 2015/08/26 22:03:04 - [] D -- C:\Users\lma\AppData\Local\Adobe
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Application Data
O43 - CFD: 2013/08/11 10:49:43 - [] D -- C:\Users\lma\AppData\Local\Diagnostics
O43 - CFD: 2013/08/11 09:18:04 - [] D -- C:\Users\lma\AppData\Local\Downloaded Installations
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\History
O43 - CFD: 2013/08/11 11:00:38 - [] D -- C:\Users\lma\AppData\Local\Microsoft
O43 - CFD: 2013/08/11 11:06:11 - [] D -- C:\Users\lma\AppData\Local\Microsoft Help
O43 - CFD: 2013/08/11 11:05:09 - [] D -- C:\Users\lma\AppData\Local\Microsoft_Corporation
O43 - CFD: 2013/01/23 09:40:36 - [] D -- C:\Users\lma\AppData\Local\Mozilla
O43 - CFD: 2013/08/11 08:46:09 - [] D -- C:\Users\lma\AppData\Local\Programs
O43 - CFD: 2013/09/23 15:27:04 - [0] D -- C:\Users\lma\AppData\Local\Safe mirror
O43 - CFD: 2015/10/13 17:49:35 - [] D -- C:\Users\lma\AppData\Local\Temp
O43 - CFD: 2011/09/06 08:55:27 - [0] SHD -- C:\Users\lma\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/10/13 10:14:06 - [] D -- C:\Users\lma\AppData\Local\Thunderbird
O43 - CFD: 2013/08/11 08:46:40 - [] D -- C:\Users\lma\AppData\Local\VirtualStore
O43 - CFD: 2015/08/03 10:36:51 - [] D -- C:\Users\lma\AppData\Local\VMware
O43 - CFD: 2009/07/14 05:58:02 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/08/10 12:39:51 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2009/07/14 05:53:47 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/06/26 15:48:13 - [] RD -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/12/24 12:16:07 - [] D -- C:\Users\lma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©
---\\ System Drivers List (61) - 7s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] ©
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] ©
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] ©
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] ©
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] ©
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] ©
O58 - SDL:2010/12/16 23:58:14 A . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [40816] ©
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] ©
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] ©
O58 - SDL:2013/08/05 17:10:48 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [52816] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] ©
O58 - SDL:2010/11/21 04:24:00 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] ©
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] ©
O58 - SDL:2009/06/10 21:34:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [57344] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\Windows\System32\drivers\mfeapfk.sys [153952] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\Windows\System32\drivers\mfeavfk.sys [217696] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\Windows\System32\drivers\mfeclnk.sys [9984] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Link Driver.) -- C:\Windows\System32\drivers\mfehidk.sys [607152] ©
O58 - SDL:2013/01/23 09:27:40 A . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\Windows\System32\drivers\mferkdet.sys [97960] ©
O58 - SDL:2013/01/23 09:27:41 A . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\Windows\System32\drivers\mfewfpk.sys [281544] ©
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] ©
O58 - SDL:2013/03/01 02:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] ©
O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] ©
O58 - SDL:2010/11/21 04:24:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] ©
O58 - SDL:2009/06/10 21:35:30 A . (.Intel Corporation - Intel(R) 5000 Series Chipsets Integrated De.) -- C:\Windows\System32\drivers\qd260x64.sys [35328] ©
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] ©
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] ©
O58 - SDL:2012/02/09 07:06:36 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [125376] ©
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] ©
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] ©
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] ©
O58 - SDL:2011/01/15 17:21:04 A . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\drivers\VClone.sys [36352] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] ©
O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [85104] ©
O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\System32\drivers\vmnet.sys [24216] ©
O58 - SDL:2012/08/15 15:16:50 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [20120] ©
O58 - SDL:2012/08/15 15:16:52 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [45720] ©
O58 - SDL:2012/08/15 15:18:08 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [30360] ©
O58 - SDL:2012/08/15 15:18:00 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\VMparport.sys [31384] ©
O58 - SDL:2012/08/15 15:18:16 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [67224] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] ©
O58 - SDL:2012/07/06 12:29:52 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [70256] ©
---\\ Last modified or created user files (3) - 5s
O61 - LFC: 2015/10/13 16:18:34 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe [1822048]
O61 - LFC: 2015/10/13 15:57:26 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe [1822048]
O61 - LFC: 2015/10/13 16:18:39 A . (.BitTorrent Inc..) -- C:\Users\lma\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe [336896]
---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
---\\ Search Browser Infection (1) - 10s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569856] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] ©
O83 - Search Svchost Services: sacsvr (sacsvr) . (.Microsoft Corporation - Microsoft EMS SAC Service.) -- C:\Windows\system32\sacsvr.dll [14848] ©
---\\ Firewall Active Exception List (23) - 4s
O87 - FAEL: "{F2663557-4ED2-4D86-A311-C142AFEFAFDC}" [In-None-P6-TRUE] .(...) -- C:\Program Files\UrBackupServer\urbackup_srv.exe (.not file.)
O87 - FAEL: "{B4350734-1AED-461E-A357-AE65BD3CC0E7}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{55B9D3EC-4DBC-419C-8AB3-46ED64366719}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{813E98E3-40C8-413C-B064-ABC4C9F0D0A6}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{9AC7940E-BA60-4CB3-AD66-065A84CE2ABD}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\5\driver.exe (.not file.)
O87 - FAEL: "{F3319443-B85C-4B26-A273-156EEEDBBE21}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{DEB98E7D-06D7-478D-805D-7289FBD81A23}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{A93549A8-FA57-45C5-A466-C17782927F95}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{4E1BD04D-6B1F-462C-A964-03152ACB637D}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\3\driver.exe (.not file.)
O87 - FAEL: "{6935D6D3-4E75-43E5-BB5F-B4B92725739B}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{C51BDCF4-F1C5-48A3-91A6-3CBAED59E879}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{ECD2C1A2-10BE-4DC8-983A-F0FEEF40F5D9}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{9F9602AF-E7EC-40F8-9345-8B56E129F894}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\1\driver.exe (.not file.)
O87 - FAEL: "{84C83B07-7C1D-4711-8AA0-335C1B44E0DD}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{9B5105A5-7A4A-4EA8-BC36-63F2D76B1834}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{CEBCCA6F-7589-48A5-AE6D-C68B7570C738}" [In-None-P6-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{193113DC-0388-4D0C-918E-CDF4E0C2C9D3}" [In-None-P17-TRUE] .(...) -- C:\Users\administrateur\AppData\Local\Temp\2\driver.exe (.not file.)
O87 - FAEL: "{85217454-9AE5-45AE-BA22-985600B50DEB}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{BB2447DA-92AC-46AC-88CF-5F3E69714431}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{90940932-AAC0-41EA-9145-66E9C5839175}" [In-None-P6-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe
O87 - FAEL: "{E09F0684-0A6D-4748-A788-AA113D574C3B}" [In-None-P17-TRUE] .(.TightVNC Group - vncviewer.) -- C:\Program Files (x86)\TightVNC\vncviewer.exe
O87 - FAEL: "{63061250-530A-4AFB-8033-9E97A3FCDEC7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{FD98D73E-F063-443C-A14D-EA0886771845}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lma\AppData\Roaming\uTorrent\uTorrent.exe
---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 15s
SS - Demand [2014/09/09 23:14:51] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SS - Auto [2011/09/10 12:43:18] [ 18432] Apache2.2 (Apache2.2) . (.Apache Software Foundation.) - C:\xampp\apache\bin\httpd.exe ©
SR - Auto [2013/03/07 23:07:36] [ 67584] Cobian Backup 11 Service « Volume Shadow Copy » (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe ©
SR - Auto [2013/03/07 23:27:02] [ 1131008] Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft.) - C:\Program Files (x86)\Cobian Backup 11\cbService.exe ©
SR - Auto [2010/03/25 14:20:06] [ 226624] McAfee SiteAdvisor Enterprise Service (McAfee SiteAdvisor Enterprise Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe ©
SR - Auto [2013/12/04 16:08:00] [ 127520] McAfee Framework Service (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe ©
SS - Demand [2014/04/09 14:12:50] [ 235696] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.8.150\McCHSvc.exe ©
SR - Auto [2013/01/23 09:27:40] [ 190256] McAfee McShield (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ©
SR - Auto [2011/01/12 20:46:36] [ 209760] McAfee Task Manager (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe ©
SR - Auto [2013/01/23 09:27:40] [ 156248] McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe ©
SS - Demand [2013/03/01 02:48:58] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe ©
SR - Auto [2015/05/08 18:05:44] [ 199536] McAfee Product Improvement Program (Telemetryserver) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Telemetry\mctelsvc.exe ©
SR - Auto [2011/08/03 14:23:54] [ 828944] TightVNC Server (tvnserver) . (.GlavSoft LLC..) - C:\Program Files (x86)\TightVNC\tvnserver.exe ©
SR - Auto [2012/08/15 13:19:58] [ 79872] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe ©
SR - Auto [2013/08/05 17:10:56] [ 898640] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe ©
SR - Auto [2014/03/19 05:23:24] [ 479960] VMware vCenter Converter Standalone Agent (vmware-converter-agent) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe ©
SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Server (vmware-converter-server) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
SR - Auto [2014/03/19 05:25:16] [ 479960] VMware vCenter Converter Standalone Worker (vmware-converter-worker) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe ©
SS - Demand [2012/08/15 14:36:34] [15680000] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
---\\ Search Tracing Registry Key (4) - 3s
HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC
---\\ Additional Scan (O88) (10) - 0s
HKLM\SOFTWARE\Wow6432Node\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKCU\SOFTWARE\SpeedyPC Software =>PUP.Optional.SpeedyPC
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\SpeedyPC Software =>PUP.Optional.SpeedyPC
C:\Users\lma\AppData\Roaming\DriverCure =>PUP.Optional.Paretologic
C:\Users\lma\AppData\Roaming\SpeedyPC Software =>PUP.Optional.SpeedyPC
HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASAPI32 =>.Superfluous.SpyHunter
HKLM64\SOFTWARE\Microsoft\Tracing\SpyHunter4_RASMANCS =>.Superfluous.SpyHunter
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASAPI32 =>PUP.Optional.SpeedyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedyPC_RASMANCS =>PUP.Optional.SpeedyPC
---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/28224126-pup-speedypc/ =>PUP.Optional.SpeedyPC
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/blog =>PUP.Optional.Paretologic
http://www.nicolascoolman.fr/blog =>.Superfluous.SpyHunter
~ End of the scan, 20783 items in 108 seconds (710)(0)()