Document format: text/plain

--------------- QuickScript | g3n-h@ckm@n | V3_01.06.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 05/06/2017 18:33:40

Updated 01/06/2017 | 06.50 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Jean-Marie (Administrator)] - [LFSULTRA-WIDEN] (S-1-5-21-1766228302-1366166313-1596766668-1001)

System: Microsoft Windows 10 Famille - - (10.0.15063) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3
Boot : Normal boot
PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB
Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics
8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009
CoreTemp : ? Celsius

----------| Script


Registry saved : C:\QuickDiag\Save\Registry [05.06.2017 @ 18_33_43]

828 | [Owner : UMFD-1 |Parent : 892(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.15063.138) = C:\Windows\System32\fontdrvhost.exe
788 | [Owner : UMFD-0 |Parent : 776(wininit.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.15063.138) = C:\Windows\System32\fontdrvhost.exe
4488 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation - Windows Security Health Service.) - (4.11.15063.0) = C:\Windows\System32\SecurityHealthService.exe
4564 | [Owner : Système |Parent : 928(services.exe)] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
4808 | [Owner : Jean-Marie |Parent : 928(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
8048 | [Owner : Jean-Marie |Parent : 928(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
3080 | [Owner : SERVICE LOCAL |Parent : 6784(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.15063.0) = C:\Windows\System32\dasHost.exe
8160 | [Owner : Jean-Marie |Parent : 1808(svchost.exe)] - (.Microsoft Corporation - Notification d'emplacement.) - (10.0.15063.0) = C:\Windows\System32\LocationNotificationWindows.exe
7924 | [Owner : Jean-Marie |Parent : 928(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
3932 | [Owner : Système |Parent : 928(services.exe)] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - (2.4.40.217) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
2720 | [Owner : Système |Parent : 928(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1745.0) = C:\Program Files\Macrium\Common\MacriumService.exe
10036 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.8067.2115) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
10524 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.15063.0) = C:\Windows\System32\spoolsv.exe
10596 | [Owner : SERVICE LOCAL |Parent : 1448(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.15063.0) = C:\Windows\System32\WUDFHost.exe
1860 | [Owner : SERVICE LOCAL |Parent : 1448(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.15063.0) = C:\Windows\System32\WUDFHost.exe
5652 | [Owner : Système |Parent : 4564()] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
10380 | [Owner : Système |Parent : 928(services.exe)] - (.SUPERAntiSpyware.com - Core Service.) - (6.0.0.1082) = C:\Program Files\SUPERAntiSpyware\SASCore64.exe
3924 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.15063.0) = C:\Windows\System32\vds.exe
2608 | [Owner : Système |Parent : 928(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.913.2) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
9804 | [Owner : Système |Parent : 928(services.exe)] - (.Safer-Networking Ltd. - Windows Security Center integration..) - (2.3.39.2) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
2540 | [Owner : Système |Parent : 928(services.exe)] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.4.40.77) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
10804 | [Owner : Jean-Marie |Parent : 10740(Taskmgr.exe)] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.2.0.708) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
10464 | [Owner : Système |Parent : 928(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.2.0.708) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
5168 | [Owner : Jean-Marie |Parent : 4748()] - (.Microsoft Corporation - Bloc-notes.) - (10.0.15063.0) = C:\Windows\System32\notepad.exe
3868 | [Owner : Jean-Marie |Parent : 10740(Taskmgr.exe)] - (.OldTimer Tools - .) - (3.1.21.0) = M:\lfs hyper - evolutions of barrow, 100% sécurisé & co... variations\lfs ultra & 100% séc. fina. pt X Shock\cadeaux récompense lfsu100%sf\pack 5 - aide forums dualboot cubuntu & deux pc\OTM.exe
4340 | [Owner : Système |Parent : 3752(svchost.exe)] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.15063.0) = C:\Windows\System32\CompatTelRunner.exe
4672 | [Owner : Système |Parent : 4340(CompatTelRunner.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.15063.0) = C:\Windows\System32\conhost.exe
10432 | [Owner : Jean-Marie |Parent : 632(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.15063.0) = C:\Windows\System32\rundll32.exe
1580 | [Owner : Jean-Marie |Parent : 632(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.15063.0) = C:\Windows\System32\rundll32.exe

-------------- | Listing : D:\

D:\\overlays
D:\\bcm2708-rpi-0-w.dtb
D:\\COPYING.linux
D:\\LICENCE.broadcom
D:\\issue.txt
D:\\bcm2708-rpi-b-plus.dtb
D:\\bcm2708-rpi-b.dtb
D:\\bcm2708-rpi-cm.dtb
D:\\bcm2709-rpi-2-b.dtb
D:\\bcm2710-rpi-3-b.dtb
D:\\bcm2710-rpi-cm3.dtb
D:\\bootcode.bin
D:\\cmdline.txt
D:\\config.txt
D:\\fixup.dat
D:\\fixup_cd.dat
D:\\fixup_db.dat
D:\\fixup_x.dat
D:\\kernel.img
D:\\kernel7.img
D:\\start.elf
D:\\start_cd.elf
D:\\start_db.elf
D:\\start_x.elf
D:\\LICENSE.oracle
D:\\System Volume Information

-------------- | Recurse Listing : D:\

D:\overlays
D:\bcm2708-rpi-0-w.dtb
D:\COPYING.linux
D:\LICENCE.broadcom
D:\issue.txt
D:\bcm2708-rpi-b-plus.dtb
D:\bcm2708-rpi-b.dtb
D:\bcm2708-rpi-cm.dtb
D:\bcm2709-rpi-2-b.dtb
D:\bcm2710-rpi-3-b.dtb
D:\bcm2710-rpi-cm3.dtb
D:\bootcode.bin
D:\cmdline.txt
D:\config.txt
D:\fixup.dat
D:\fixup_cd.dat
D:\fixup_db.dat
D:\fixup_x.dat
D:\kernel.img
D:\kernel7.img
D:\start.elf
D:\start_cd.elf
D:\start_db.elf
D:\start_x.elf
D:\LICENSE.oracle
D:\System Volume Information
D:\overlays\akkordion-iqdacplus.dtbo
D:\overlays\README
D:\overlays\adau1977-adc.dtbo
D:\overlays\ads1015.dtbo
D:\overlays\ads7846.dtbo
D:\overlays\bmp085_i2c-sensor.dtbo
D:\overlays\audremap.dtbo
D:\overlays\allo-piano-dac-pcm512x-audio.dtbo
D:\overlays\at86rf233.dtbo
D:\overlays\audioinjector-wm8731-audio.dtbo
D:\overlays\dionaudio-loco.dtbo
D:\overlays\dht11.dtbo
D:\overlays\hifiberry-dacplus.dtbo
D:\overlays\dpi18.dtbo
D:\overlays\dpi24.dtbo
D:\overlays\dwc-otg.dtbo
D:\overlays\dwc2.dtbo
D:\overlays\enc28j60-spi2.dtbo
D:\overlays\enc28j60.dtbo
D:\overlays\gpio-ir.dtbo
D:\overlays\gpio-poweroff.dtbo
D:\overlays\hifiberry-amp.dtbo
D:\overlays\hifiberry-dac.dtbo
D:\overlays\hifiberry-digi-pro.dtbo
D:\overlays\hifiberry-digi.dtbo
D:\overlays\hy28a.dtbo
D:\overlays\hy28b.dtbo
D:\overlays\i2c-gpio.dtbo
D:\overlays\i2c-mux.dtbo
D:\overlays\i2c-pwm-pca9685a.dtbo
D:\overlays\i2c-rtc.dtbo
D:\overlays\i2c-sensor.dtbo
D:\overlays\i2c0-bcm2708.dtbo
D:\overlays\i2c1-bcm2708.dtbo
D:\overlays\i2s-gpio28-31.dtbo
D:\overlays\i2s-mmap.dtbo
D:\overlays\iqaudio-dac.dtbo
D:\overlays\iqaudio-dacplus.dtbo
D:\overlays\iqaudio-digi-wm8804-audio.dtbo
D:\overlays\justboom-dac.dtbo
D:\overlays\justboom-digi.dtbo
D:\overlays\lirc-rpi.dtbo
D:\overlays\mcp23017.dtbo
D:\overlays\mcp23s17.dtbo
D:\overlays\mcp2515-can0.dtbo
D:\overlays\mcp2515-can1.dtbo
D:\overlays\mcp3008.dtbo
D:\overlays\mmc.dtbo
D:\overlays\mz61581.dtbo
D:\overlays\pi3-act-led.dtbo
D:\overlays\pi3-disable-bt.dtbo
D:\overlays\pi3-disable-wifi.dtbo
D:\overlays\pi3-miniuart-bt.dtbo
D:\overlays\piscreen.dtbo
D:\overlays\piscreen2r.dtbo
D:\overlays\pisound.dtbo
D:\overlays\pitft22.dtbo
D:\overlays\pitft28-capacitive.dtbo
D:\overlays\pitft28-resistive.dtbo
D:\overlays\pitft35-resistive.dtbo
D:\overlays\pps-gpio.dtbo
D:\overlays\pwm-2chan.dtbo
D:\overlays\pwm.dtbo
D:\overlays\qca7000.dtbo
D:\overlays\raspidac3.dtbo
D:\overlays\rpi-backlight.dtbo
D:\overlays\rpi-dac.dtbo
D:\overlays\rpi-display.dtbo
D:\overlays\rpi-ft5406.dtbo
D:\overlays\rpi-proto.dtbo
D:\overlays\rpi-sense.dtbo
D:\overlays\rra-digidac1-wm8741-audio.dtbo
D:\overlays\sc16is750-i2c.dtbo
D:\overlays\sc16is752-spi1.dtbo
D:\overlays\sdhost.dtbo
D:\overlays\sdio-1bit.dtbo
D:\overlays\sdio.dtbo
D:\overlays\sdtweak.dtbo
D:\overlays\smi-dev.dtbo
D:\overlays\smi-nand.dtbo
D:\overlays\smi.dtbo
D:\overlays\spi-gpio35-39.dtbo
D:\overlays\spi-rtc.dtbo
D:\overlays\spi0-cs.dtbo
D:\overlays\spi0-hw-cs.dtbo
D:\overlays\spi1-1cs.dtbo
D:\overlays\spi1-2cs.dtbo
D:\overlays\spi1-3cs.dtbo
D:\overlays\spi2-1cs.dtbo
D:\overlays\spi2-2cs.dtbo
D:\overlays\spi2-3cs.dtbo
D:\overlays\tinylcd35.dtbo
D:\overlays\uart1.dtbo
D:\overlays\vc4-fkms-v3d.dtbo
D:\overlays\vc4-kms-v3d.dtbo
D:\overlays\vga666.dtbo
D:\overlays\w1-gpio-pullup.dtbo
D:\overlays\w1-gpio.dtbo
D:\overlays\wittypi.dtbo
D:\System Volume Information\WPSettings.dat
C:\Program Files (x86)\Limewire Not Found !
C:\Program Files (x86)\Smart Privacy Cleaner Not Found !
C:\Program Files\RFA 11 Not Found !
C:\Program Files\Vuze Not Found !
C:\ProgramFiles\RFA 11 Not Found !
C:\ProgramFiles\Vuze Not Found !
C:\Programmes\RFA 11 Not Found !
C:\Programmes\Vuze Not Found !
C:\Users\Jean-Marie\Documents\Limewire Not Found !
C:\Users\Jean-Marie\Documents\Vuze Downloads Not Found !

-------------- | IP Trace All


Connexions actives

Proto Adresse locale Adresse distante État
TCP 192.168.1.12:9591 fe-self005:https ESTABLISHED
[avgsvca.exe]
TCP 192.168.1.12:9630 db5sch101100835:https ESTABLISHED
WpnService
[svchost.exe]
TCP 192.168.1.12:11833 lon15:http ESTABLISHED
[avgsvc.exe]
TCP 192.168.1.12:11844 lon13:http ESTABLISHED
[avastsvc.exe]
TCP 192.168.1.12:11916 a305he:http CLOSE_WAIT
[avgsvca.exe]
TCP 192.168.1.12:12033 r-147-58-45-5:http CLOSE_WAIT
[avgsvc.exe]
TCP 192.168.1.12:12072 r-148-58-45-5:http CLOSE_WAIT
[avastsvc.exe]
TCP 192.168.1.12:12368 192.35.177.195:http TIME_WAIT
TCP 192.168.1.12:12369 a84-53-132-72:http TIME_WAIT
TCP 192.168.1.12:12383 2.18.175.142:http TIME_WAIT
TCP 192.168.1.12:12386 23.101.30.126:https ESTABLISHED
[OfficeClickToRun.exe]

-------------- | FileSearch : registry first aid

