Document format: text/plain

~ Rapport de ZHPDiag v2013.12.14.22 - Nicolas Coolman (14/12/2013)
~ Lancé par TOMAGANGIE (11/05/2016 15:52:18)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.18124
MFIE: Mozilla Firefox 46.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : KQCQW
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.2.1.1043
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v5.14 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 21 NPAPI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 15345 MB (82% free)
System Restore: Activé (Enable)
System drive C: has 14 GB (17%) free of 80 GB

---\\ Mode de connexion au système
~ Computer Name: TOMAGANGIE-PC
~ User Name: TOMAGANGIE
~ All Users Names: TOMAGANGIE, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\TOMAGANGIE\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TOMAGANGIE\AppData\Roaming\
~ %Desktop% : C:\Users\TOMAGANGIE\Desktop\
~ %Favorites% : C:\Users\TOMAGANGIE\Favorites\
~ %LocalAppData% : C:\Users\TOMAGANGIE\AppData\Local\
~ %StartMenu% : C:\Users\TOMAGANGIE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 14 Go of 80 Go)
D: Hard drive, Flash drive, Thumb drive (Free 103 Go of 386 Go)
E: Hard drive, Flash drive, Thumb drive (Free 125 Go of 466 Go)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: Modified
~ Security Center: 48 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E2C385B0D816AD37616BD4C4204D0633] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/11/2015 - 21:53:08.) -- C:\Windows\System32\wininet.dll [2487808]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/10/2015 - 17:41:05.) -- C:\Windows\system32\Drivers\AFD.sys [497664]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.73ADDCC406B86E7DA4416691E8E74BDA] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.20/10/2015 - 00:41:20.) -- C:\Windows\system32\Drivers\MRxSmb.sys [159232]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.AA77EB517D2F07A947294F260E3ACA83] - (.Microsoft Corporation - TDI Translation Driver.) (.13/10/2015 - 17:40:33.) -- C:\Windows\system32\Drivers\tdx.sys [118272]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
Mes images (My Pictures) : 2/2 (Modified)
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 1/2122
~ Mon Bureau (My Desktop) : 1/54
~ Menu demarrer (Programs) : 1/71
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.1148691A4ED11337450DFC819A3E43FF] - (.MSI - S-Bar.) -- C:\Program Files (x86)\S-Bar\S-Bar.exe [5427616] [PID.3456]
[MD5.7743D65164A2417320366063530CC050] - (.Micro-Star International Co., Ltd. - MSI Keyboard LED Manager.) -- C:\Program Files (x86)\MSI\KLM\KLM.exe [1522376] [PID.1272]
[MD5.41D1214B86A06FD29423A797EBDA17E4] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.3964]
[MD5.4E777B97DBEC1C08C2D5B815066C1F07] - (.Micro-Star International Co., Ltd. - Keyboard Indicator.) -- C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe [1699016] [PID.4104]
[MD5.DB414E4AEA9BAACE6F9670A420A59F52] - (.MSI - NVIDIA Overclock Tool.) -- C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe [84480] [PID.4148]
[MD5.8007AF9F2434F390AA51F0A516B9756F] - (.Tweaking.com - Tweaking.com - Windows Repair Tray Icon.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [66816] [PID.2848]
[MD5.7DF8845A1CF92C227E81DBBC6F6434DF] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [392136] [PID.4384]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8295936] [PID.3136]
[MD5.55B0C8441DE7D91A819A39D0351154A2] - (.Intel Corporation - Bluetooth Device Monitor.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [923984] [PID.396]
[MD5.CB143DCD8864442CFCF37629002766E3] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [974944] [PID.2024]
[MD5.71C6748EE8DE938532057EF10B4B7E44] - (.Micro-Star International Co., Ltd. - MSI SCM Service.) -- C:\Program Files (x86)\S-Bar\MSIService.exe [160768] [PID.2156]
[MD5.8BF4B9956E13871A88A3810074E2E110] - (.Intel Corporation - Bluetooth OBEX Service.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [1001808] [PID.2732]
[MD5.7E262330DF0C4BE4ECE853B59B9CBE4C] - (.Intel Corporation - Bluetooth Media Service.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1321296] [PID.3516]
[MD5.983FC69644DDF0486C8DFEA262948D1A] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.672]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\TOMAGANGIE\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 1 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 24



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: MSI NVIDIA Overclock.lnk . (...) -- C:\Windows\Installer\{3BE9F272-9AB6-43E1-83F9-02F41C7B408A}\_712A67C1473BB0A17CD6F8.exe
O4 - GS\QuickLaunch [TOMAGANGIE]: Guitar Pro 6.lnk . (...) -- C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe
O4 - GS\QuickLaunch [TOMAGANGIE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [TOMAGANGIE]: Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [TOMAGANGIE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [TOMAGANGIE]: Telemetry Reader.lnk . (...) -- C:\Users\TOMAGANGIE\AppData\Roaming\Microsoft\Installer\{CD5A0B32-7EB6-4CF6-8ABF-88655AEF31A0}\_9B66DC0D9C75320BA02B73.exe
O4 - GS\SystemTools [TOMAGANGIE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [TOMAGANGIE]: AF.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [TOMAGANGIE]: AVS.lnk . (...) -- C:\Program Files (x86)\AVS4YOU\AVS
O4 - GS\Desktop [TOMAGANGIE]: Jeux.lnk . (...) -- D:\Games\Jeux
O4 - GS\Desktop [TOMAGANGIE]: Options d’alimentation - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [TOMAGANGIE]: Telemetry Reader.lnk . (...) -- C:\Users\TOMAGANGIE\AppData\Roaming\Microsoft\Installer\{CD5A0B32-7EB6-4CF6-8ABF-88655AEF31A0}\_2904D18492534C3EE6E07E.exe
O4 - GS\Desktop [TOMAGANGIE]: ThumbGen - Raccourci.lnk . (.ThumbGen - ThumbGen.) -- C:\Program Files (x86)\Thumbgen\ThumbGen.exe
~ Global Startup: 56 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [TOMAGANGIE]: S-Bar - Raccourci.lnk . (.MSI - S-Bar.) -- C:\Program Files (x86)\S-Bar\S-Bar.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [IntelPAN] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [LogiScrollApp] . (.Logitech, Inc. - Logitech ScrollApp (UNICODE).) -- C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
O4 - HKLM\..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (.not file.)
O4 - HKLM\..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (.not file.)
O4 - HKLM\..\Run: [Start WingMan Profiler] . (.Logicool Co. Ltd. - Logicool WingMan Event Monitor.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
O4 - HKLM\..\Wow6432Node\Run: [KLM] . (.Micro-Star International Co., Ltd. - MSI Keyboard LED Manager.) -- C:\Program Files (x86)\MSI\KLM\KLM.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [LockIndicator] . (.Micro-Star International Co., Ltd. - Keyboard Indicator.) -- C:\Program Files (x86)\MSI\LockIndicator\LockIndicator.exe
O4 - HKLM\..\Wow6432Node\Run: [NVIDIAOCAP] . (.MSI - NVIDIA Overclock Tool.) -- C:\Program Files (x86)\MSI\NVIDIA Overclock Tool\NVIDIAOCAP.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.line6.net
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFF496B2-717B-4203-8765-041A2B48C9CD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{FFF496B2-717B-4203-8765-041A2B48C9CD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{FFF496B2-717B-4203-8765-041A2B48C9CD}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.8007AF9F2434F390AA51F0A516B9756F] [APT] [Tweaking.com - Windows Repair Tray Icon] (.Tweaking.com.) -- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [66816]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 01s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (npyvzzky) . (. - .) - C:\Windows\system32\drivers\npyvzzky.sys (.not file.)
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Assetto Corsa v1.5 - (...) [HKLM][64Bits] -- YXNzZXR0b2NvcnNh_is1
O42 - Logiciel: Assetto Corsa ver. 1.3.7 - (.Kunos Simulazioni.) [HKLM][64Bits] -- {DD50FBA5-5C51-4F10-832A-92AC75A9C827}_is1
O42 - Logiciel: Broomstick Bass 1.0.0 - (...) [HKLM][64Bits] -- broomstickbass-1.0.0
O42 - Logiciel: FreePIE - (.FreePIE.) [HKLM][64Bits] -- {ACB0850C-FF36-4BB8-872C-58E9CFFB4AA1}
O42 - Logiciel: Telemetry Reader - (.Sebastian Barz.) [HKLM][64Bits] -- {CD5A0B32-7EB6-4CF6-8ABF-88655AEF31A0}
O42 - Logiciel: Vir2 Mojo Horn Section - (.Vir2.) [HKLM][64Bits] -- Vir2 Mojo Horn Section
~ Logic: 45 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ ]
[HKCU\Software\FreePIE]
[HKCU\Software\HB Studios Multimedia Ltd.]
[HKCU\Software\Modartt]
[HKCU\Software\SOG]
[HKCU\Software\Sebastian Barz]
[HKCU\Software\cks]
[HKLM\Software\Wow6432Node\ ]
[HKLM\Software\Wow6432Node\Bornemark]
[HKLM\Software\Wow6432Node\MC2]
[HKLM\Software\Wow6432Node\MeadCo]
[HKLM\Software\Wow6432Node\tiptoi®]
~ Key Software: 597 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/03/2016 - 10:21:25 - [18,202] ----D C:\Program Files (x86)\FreePIE
O43 - CFD: 25/04/2016 - 20:31:49 - [0,841] ----D C:\Program Files (x86)\Sebastian Barz
O43 - CFD: 20/03/2016 - 23:38:49 - [0,007] ----D C:\Users\TOMAGANGIE\AppData\Roaming\FreePIE
O43 - CFD: 11/11/2015 - 12:59:45 - [7,807] ----D C:\Users\TOMAGANGIE\AppData\Local\CEF
O43 - CFD: 01/02/2016 - 22:55:06 - [0,003] ----D C:\Users\TOMAGANGIE\AppData\Local\Disc_Soft_Ltd
O43 - CFD: 10/12/2015 - 21:36:36 - [0] -SH-D C:\Users\TOMAGANGIE\AppData\Local\EmieBrowserModeList
O43 - CFD: 10/12/2015 - 21:36:36 - [0] -SH-D C:\Users\TOMAGANGIE\AppData\Local\EmieSiteList
O43 - CFD: 10/12/2015 - 21:36:36 - [0] -SH-D C:\Users\TOMAGANGIE\AppData\Local\EmieUserList
O43 - CFD: 10/12/2015 - 18:13:30 - [0] ----D C:\Users\TOMAGANGIE\AppData\Local\GWX
O43 - CFD: 05/10/2015 - 06:34:18 - [8,626] ----D C:\Users\TOMAGANGIE\AppData\Local\Sniper3
O43 - CFD: 25/04/2016 - 20:55:31 - [0,001] ----D C:\Users\TOMAGANGIE\AppData\Local\TelemetryReader
O43 - CFD: 10/09/2013 - 19:44:09 - [0,002] ----D C:\Users\TOMAGANGIE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
~ Program Folder: 300 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4F6F6E598C4041B6C5D1B8C8EDFF3A38] - 02/05/2016 - 12:49:49 ---A- . (...) -- C:\Windows\ntbtlog.txt [309596]
O44 - LFC:[MD5.5973CD73A8AFE6BE4DC07480519320D8] - 04/05/2016 - 06:00:07 ---A- . (...) -- C:\Windows\Tweaking.com - Windows Repair Setup Log.txt [187171]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 04/05/2016 - 06:20:56 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-TOMAGANGIE-PC-Windows-7-Home-Premium-(64-bit).dat [207]
O44 - LFC:[MD5.2B62CFCBA518607E869B4F7E182B57CB] - 04/05/2016 - 06:38:32 ---A- . (...) -- C:\Windows\win.ini [433]
~ Files: 15 Legitimates Filtered in 00mn 07s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{211e2b75-9db3-11e5-a093-6c626d3481ef}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
O51 - MPSK:{89617dc0-c16d-11e2-9984-806e6f6e6963}\AutoRun\command. (...) -- I:\setup.exe (.not file.)
O51 - MPSK:{b57c4331-f8fa-11e5-9ddc-6c626d3481ef}\AutoRun\command. (...) -- H:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\D3DOverrider [Key] . (...) -- C:\Users\TOMAGANGIE\Desktop\D3DOverrider\D3DOverriderWrapper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\fspuip [Key] . (...) -- C:\Program Files\FSP\fspuip.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Monitor [Key] . (...) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ShadowPlay [Key] . (...) -- C:\Windows\system32\nvspcap64.dll (.not file.)
~ SMSR Keys: 31 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKCU\...\Policies\System] - "NoDispCPL"=0
~ MWPS: 24 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuMyGames"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 32 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.7D9E301AB3247765702D0B65E2E47E50] - 08/08/2011 - 07:32:08 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [299008]
O58 - SDL:[MD5.4FC6E2C2FC50445450651F42E90CC0BD] - 08/10/2012 - 18:52:52 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys [31968]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.99B7A340AA7FDE9C55C3E9087468A868] - 18/09/2015 - 22:42:08 ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [44648]
O58 - SDL:[MD5.861C5F9A93C03DF0120ED892FC1E4D01] - 02/04/2016 - 19:04:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [394296]
O58 - SDL:[MD5.73BDD44A6088916964945886F9025409] - 22/01/2014 - 08:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]
O58 - SDL:[MD5.5252D7BC56E5E0ED715AEA8FE173A455] - 22/01/2014 - 08:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.48B1504D5D3219C192EA080C10BF48B7] - 18/09/2015 - 22:43:56 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42088]
O58 - SDL:[MD5.680A7846370000D20D7E74917D5B7936] - 27/04/2010 - 16:57:12 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Bus Enumerator Driver.) -- C:\Windows\System32\Drivers\WmBEnum.sys [26440]
O58 - SDL:[MD5.14C35BA8189C6F65D839163AA285E954] - 27/04/2010 - 14:02:42 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Hid Filter Driver.) -- C:\Windows\System32\Drivers\WmFilter.sys [43976]
O58 - SDL:[MD5.AC4331AF118A720F13C9C5CABBFE27BD] - 27/04/2010 - 16:57:14 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Hid Lower Filter Driver.) -- C:\Windows\System32\Drivers\WmHidLo.sys [36936]
O58 - SDL:[MD5.8488DD91A3EE54A8E29F02AD7BB8201E] - 27/04/2010 - 16:57:20 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Virtual Hid Device Driver.) -- C:\Windows\System32\Drivers\WmVirHid.sys [16200]
O58 - SDL:[MD5.14802B3A30AA849C97CB968CCC813BF3] - 27/04/2010 - 14:03:12 ---A- . (.Logicool Co. Ltd. - Logicool WingMan Translation Driver.) -- C:\Windows\System32\Drivers\WmXlCore.sys [77512]
~ Drivers: 24 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.F45D778122E5EB2258D9C6E9869FB77E] [SPRF][01/04/2016] (...) -- C:\Users\TOMAGANGIE\Desktop\cc_20160401_160354.reg [80230]
[MD5.2F7513EF92949420681BC4442E623C10] [SPRF][17/08/2014] (...) -- C:\Users\TOMAGANGIE\Desktop\chopecrew_v3_33.exe [4287067]
[MD5.A1754A8F6F6A6BF4577970B7F1720F5E] [SPRF][03/05/2016] (...) -- C:\Users\TOMAGANGIE\Desktop\CKScanner.exe [468480]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{23CF99F4-0482-4301-9EF6-27BEF054607D}D:\games\assetto corsa\acs.exe" | In - Public - P6 - TRUE | .(...) -- D:\games\assetto corsa\acs.exe
O87 - FAEL: "UDP Query User{65828C82-2E77-48FD-B943-0BF3C88303EC}D:\games\assetto corsa\acs.exe" | In - Public - P17 - TRUE | .(...) -- D:\games\assetto corsa\acs.exe
O87 - FAEL: "TCP Query User{8C250376-50E2-4352-9783-48AA4B0B6933}D:\games\assetto corsa\acs_x86.exe" | In - Public - P6 - TRUE | .(...) -- D:\games\assetto corsa\acs_x86.exe
O87 - FAEL: "UDP Query User{40615CD8-67CA-463E-9111-79F5B151989F}D:\games\assetto corsa\acs_x86.exe" | In - Public - P17 - TRUE | .(...) -- D:\games\assetto corsa\acs_x86.exe
O87 - FAEL: "TCP Query User{B4436795-03C0-4F75-A1D2-0C38813CC4D4}C:\program files (x86)\sebastian barz\telemetry reader\telemetryreader.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - TelemetryReaderWpf.) -- C:\program files (x86)\sebastian barz\telemetry reader\telemetryreader.exe
O87 - FAEL: "UDP Query User{6299D249-A038-42B8-8DF6-CB2C79E88857}C:\program files (x86)\sebastian barz\telemetry reader\telemetryreader.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - TelemetryReaderWpf.) -- C:\program files (x86)\sebastian barz\telemetry reader\telemetryreader.exe
O87 - FAEL: "WMPNSS-WMP-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-TCP" |Out - None - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMP-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
O87 - FAEL: "WMP-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe (.not file.) =>.Microsoft Corporation
~ Firewall: 189 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4EA42A62D9304AC4784BF2381208190F" . (.Java 8 Update 91.) -- C:\Program Files (x86)\Java\jre1.8.0_91\\bin\javaws.exe
O90 - PUC: "58B5AED465C63F54EA00EF7D650B3D4B" . (.KLM.) -- C:\Windows\Installer\{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}\ARPPRODUCTICON.exe
O90 - PUC: "9019F70F141D88E4FB5F20606D91495F" . (.SOHLib for PlayMemories Home.) -- C:\Windows\Installer\{F07F9109-D141-4E88-BFF5-0206D61994F5}\ARPPRODUCTICON.exe
O90 - PUC: "C0580BCA63FF8BB478C2859EFCBFA41A" . (.FreePIE.) -- C:\Windows\Installer\{ACB0850C-FF36-4BB8-872C-58E9CFFB4AA1}\icon.ico
~ Update Products: 126 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D4652CD1360C74AF77A1EF6C71277628] [WIS][21/03/2014] (.Native Instruments - Controller Editor Setup.) -- C:\Windows\Installer\197b16.msi [393216]
[MD5.DF6ABED0E53B472238ADCB81B3E20115] [WIS][10/07/2013] (.Native Instruments - Guitar Rig 5 Setup.) -- C:\Windows\Installer\1d61e4.msi [1154048]
[MD5.D0B641734A71C296EF85DC5CE080B538] [WIS][29/03/2016] (.FreePIE - FreePIE.) -- C:\Windows\Installer\247e98.msi [7704576]
[MD5.4F900B3A7217398FA55912E49E86BD37] [WIS][24/01/2014] (.Vir2 - Mojo Horn Section Setup.) -- C:\Windows\Installer\7130f8.msi [276992]
[MD5.6BA227548098C0481F7DB8126D6227B7] [WIS][01/04/2016] (.Buildbot - Hotspot Shield 5.20.20 Embedded.) -- C:\Windows\Installer\824a6.msi [712704]
~ WIS: 130 Legitimates Filtered in 00mn 14s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 13/12/2015 82128 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 20/04/2016 269504 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 01/07/2015 3755976 | (DevoloNetworkService) . (.devolo AG.) - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
SS - | Disabled 01/03/2016 1444544 | (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe =>.DT Soft Ltd
SS - | Disabled 04/09/2015 144200 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 04/09/2015 144200 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 10/07/1658 0 | (hshld) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
SS - | Demand 27/09/2011 359192 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SS - | Disabled 11/05/2016 146888 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 27/07/2011 340240 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Disabled 23/01/2014 11936560 | (NIHardwareService) . (.Native Instruments GmbH.) - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
SS - | Disabled 22/09/2014 485400 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SS - | Disabled 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SS - | Disabled 09/07/2015 327296 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 16/01/2014 495248 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Disabled 03/12/2013 79000 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Disabled 01/12/2011 289952 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SS - | Disabled 04/06/2015 837312 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Disabled 08/03/2016 424384 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Disabled 11/09/2015 5702416 | (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
SS - | Demand 08/10/2010 150016 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

SR - | Auto 31/08/2011 1166848 | (AMPPALR3) . (.Intel Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
SR - | Auto 30/03/2011 923984 | (Bluetooth Device Monitor) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Demand 30/03/2011 1321296 | (Bluetooth Media Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
SR - | Auto 30/03/2011 1001808 | (Bluetooth OBEX Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 03/06/2011 134928 | (BTHSSecurityMgr) . (.Intel(R) Corporation.) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
SR - | Auto 06/09/2011 974944 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
SR - | Auto 27/07/2011 1517328 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 12/01/2011 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 09/11/2012 160768 | (Micro Star SCM) . (.Micro-Star International Co., Ltd..) - C:\Program Files (x86)\S-Bar\MSIService.exe
SR - | Auto 08/03/2016 1264064 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 27/07/2011 844560 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 15s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:[MD5.861C5F9A93C03DF0120ED892FC1E4D01] - 02/04/2016 - 19:04:03 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [394296]
~ Emulateurs: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (14/12/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 455076 Items scanned in 00mn 20s



~ 1511 Legitimates filtered by white list
End of the scan (497 lines in 01mn 09s)(0)
