¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | V7_13.07.17.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 10:06:31 07/15/2017 Updated 13/07/2017 | 18.30 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html [mola (Administrator)] - [PC-SALON] SID = S-1-5-21-2850896534-3775182964-4151817595-1000 Boot: Normal boot System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 ProcessorNameString : AMD Athlon(tm) II X2 250 Processor Identifier : AMD64 Family 16 Model 6 Stepping 2 CoreTemp : -1 Celsius - Max : Celsius Memory RAM = Total (MB) : 4194 | Free (MB) : 3124 Pagefile = Total (MB) : 8385 | Free (MB) : 7286 Virtual = Total (MB) : 4194 | Free (MB) : 4017 ¤¤¤¤¤¤¤¤¤¤ # Components of starting up ¤¤¤¤¤¤¤¤¤¤¤ # Drives G:\ -> [Fixed] | [Réservé au système] | Total : 0.1 Go | Free : 0.06 Go -> NTFS [ATA] E:\ -> [Fixed] | [Disque local] | Total : 221.61 Go | Free : 221.1 Go -> NTFS [ATA] D:\ -> [Fixed] | [] | Total : 244.14 Go | Free : 107.64 Go -> NTFS [ATA] C:\ -> [Fixed] | [] | Total : 465.66 Go | Free : 314.57 Go -> NTFS [ATA] ¤¤¤¤¤¤¤¤¤¤ # Windows updates Last detection : 2017-07-14 11:49:13 Downloaded last ones : 2017-07-14 11:50:22 Installed last ones : 2017-07-14 12:05:11 Next search : 2017-07-15 08:59:06 Windows Is Activated ¤¤¤¤¤¤¤¤¤¤ # Sessions C:\Windows\system32\config\systemprofile C:\Windows\ServiceProfiles\LocalService C:\Windows\ServiceProfiles\NetworkService C:\Users\mola C:\Users\UpdatusUser Registry saved , to restore : Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [15.07.2017 @ 10_05_03]) To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore ¤¤¤¤¤¤¤¤¤¤ # Browsers IE : 11.0.9600.18739 (© Microsoft Corporation. Tous droits réservés.) GC : 59.0.3071.115 (Copyright 2016 Google Inc. All rights reserved.) 
¤¤¤¤¤¤¤¤¤¤ # FlashPlayer ActiveX : 26.0.0.137 ¤¤¤¤¤¤¤¤¤¤ # Security AV : Malwarebytes Disabled AS : Windows Defender Disabled FW : Bitdefender Pare-feu Disabled WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Manual(3)] = stopped FW: Windows FireWall Service [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ # Stopped processes 812 | [Owner : |Parent : 572] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe 976 | [Owner : |Parent : 812] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe 1364 | [Owner : |Parent : 572] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe 1528 | [Owner : Système |Parent : 572] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.84) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1608 | [Owner : mola |Parent : 572] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe 1996 | [Owner : mola |Parent : 1952] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23537) = C:\Windows\explorer.exe 1900 | [Owner : Système |Parent : 572] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe 1888 | [Owner : Système |Parent : 572] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.23.0) = C:\Windows\System32\DbxSvc.exe 2084 | [Owner : Système |Parent : 572] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2412 | [Owner : Système |Parent : 2084] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 2788 | [Owner : mola |Parent : 1996] - (.Apple Inc.
- iTunesHelper.) - (12.4.1.6) = C:\Program Files\iTunes\iTunesHelper.exe 2880 | [Owner : Système |Parent : 572] - (.Apple Inc. - iPodService Module (64-bit).) - (12.4.1.6) = C:\Program Files\iPod\bin\iPodService.exe 2400 | [Owner : mola |Parent : 1996] - (.Spotify Ltd - SpotifyWebHelper.) - (1.0.20.94) = C:\Users\mola\AppData\Roaming\Spotify\SpotifyWebHelper.exe 3320 | [Owner : mola |Parent : 1996] - (.Apple Inc. - iCloud Services.) - (45.0.0.20) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 3444 | [Owner : Système |Parent : 572] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.23861) = C:\Windows\System32\SearchIndexer.exe 3500 | [Owner : mola |Parent : 3424] - (.Piriform Ltd - CCleaner.) - (5.32.0.6129) = C:\Program Files\CCleaner\CCleaner64.exe 3608 | [Owner : mola |Parent : 976] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.8205) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 3648 | [Owner : mola |Parent : 3608] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.0.12.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 3688 | [Owner : Système |Parent : 572] - (.Sony Corporation - Sony Digital Media Server.) - (3.3.4.1170) = C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 3988 | [Owner : SERVICE RÉSEAU |Parent : 572] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe 4236 | [Owner : Système |Parent : 572] - (.Sony Corporation - VAIO Entertainment Common Service.) - (1.3.0.9090) = C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 4804 | [Owner : Système |Parent : 572] - (.Microsoft Corporation - .NET Runtime Optimization Service.) - (4.7.2053.0) = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 4860 | [Owner : Système |Parent : 572] - (.Microsoft Corporation - .NET Runtime Optimization Service.) 
- (4.7.2053.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 5584 | [Owner : Système |Parent : 448] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe 2528 | [Owner : Système |Parent : 572] - (.Microsoft Corporation - Windows CardSpace.) - (3.0.4506.5464) = C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe ¤¤¤¤¤¤¤¤¤¤ # Winlogon user ¤¤¤¤¤¤¤¤¤¤ # Winlogon machine Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : userinit.exe, -> C:\Windows\SYSWOW64\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ # SafeBoot Safeboot Keys are O.K Alternate shell is OK ! Safeboot Minimal Subkeys : O.K ! Safeboot Network Subkeys : O.K ! ¤¤¤¤¤¤¤¤¤¤ # IFEO ¤¤¤¤¤¤¤¤¤¤ # Mountpoints2 ¤¤¤¤¤¤¤¤¤¤ # Windows [HKLM64\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM64\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon ¤¤¤¤¤¤¤¤¤¤ # Security center Repaired : [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]~[Autostart] : -> C:\Windows\System32\ActionCenter.dll Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1 Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1 ¤¤¤¤¤¤¤¤¤¤ # Services Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Compbatt]~[Start] : 3 -> 0 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\srService]~[Start] : -> 2 Repaired :
[HKLM\SYSTEM\CurrentControlSet\Services\Parvdm]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NVSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NIHardwareService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Iphlpsvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrsvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\agp440]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\ERSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Bits]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\EapHost]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Wlansvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\windefend]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\WerSvc]~[Start] : 3 -> 2 ¤¤¤¤¤¤¤¤¤¤ # Internet Explorer Deleted : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]~[Proxyserver] : http=127.0.0.1:53151;https=127.0.0.1:53151 Repaired : [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings]~[ProxyEnable] : 1 -> 0 ¤¤¤¤¤¤¤¤¤¤ # reparsepoint