

ptitpom31
Everything posted by ptitpom31
Need help analyzing a HijackThis report
ptitpom31 replied to a topic by ptitpom31 in Malware Analysis and Removal
Here is the ZHPFix report:
Need help analyzing a HijackThis report
ptitpom31 replied to a topic by ptitpom31 in Malware Analysis and Removal
OK, thanks. Here is the ZHPDiag report: CJoint.com link BGvnEoPp4xU
Need help analyzing a HijackThis report
ptitpom31 posted a topic in Malware Analysis and Removal
Hello, For the past few days my PC has been doing some rather strange things that make me think there is an intruder somewhere, well hidden. Being a HijackThis novice, I don't want to make a wrong move. So I'm posting a log below. Warning, it's scary! Thanks in advance.