Rapport de ZHPDiag v2013.4.10.58 par Nicolas Coolman, Update du 10/04/2013 Run by Danoulh at 11/04/2013 18:08:14 State : Version à jour. High Elevated Privileges : OK UAC : Activate by user ---\\ Web Browser MSIE: Internet Explorer v10.0.9200.16521 MFIE: Mozilla Firefox v3.6.14 (fr) (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : HYRR2 ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Protection Malwarebytes Anti-Malware v1.75.0.1300 v1.75.0.1300 COMODO Internet Security v5.12.59641.2599 Spybot - Search & Destroy v2.0.12 SUPERAntiSpyware v5.0.1146 Ad-Aware Antivirus v10.5.1.4369 ---\\ Software Update Adobe Flash Player 11 Plugin Windows Defender W7 ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2046 MB (43% free) System Restore: Activé (Enable) System drive C: has 36 GB (47%) free of 75 GB ---\\ Logged in mode ~ Computer Name: DANOULH-PC ~ User Name: Danoulh ~ All Users Names: Danoulh, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Danoulh\AppData\Roaming\ ~ %Desktop% : C:\Users\Danoulh\Desktop\ ~ %Favorites% : C:\Users\Danoulh\Favorites\ ~ %LocalAppData% : C:\Users\Danoulh\AppData\Local\ ~ %StartMenu% : C:\Users\Danoulh\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 75 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 73 Go) E:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Free 0 Go of 1 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.BA15504FA59A8DC304F1CBAEBA6252A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/03/2013 - 01:06:20.) -- C:\Windows\System32\wininet.dll [1766912] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 1/26 ~ Mes Documents (My Documents) : 1/10 ~ Mon Bureau (My Desktop) : 1/24 ~ Menu demarrer (Programs) : 1/29 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.EEF94AAFE49902B376A96F1B33808F6D] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2255360] [PID.1760] [MD5.05E910909FCA8ED09C1A53EE122FEA03] - (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) -- C:\Program Files\Spyware Terminator\st_rsser.exe [587912] [PID.2288] [MD5.30A0B072E647757CEDDA9E306D410410] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048] [PID.3184] [MD5.E842A2F57060D3AF52463131D40D0EB4] - (.Visagesoft - PDF Pro 10 Creator.) -- C:\Program Files\PDF Pro 10\vspdfprsrv.exe [6221312] [PID.3252] [MD5.BC338374DBFE6531F35B1BDA24232B43] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe [1219248] [PID.3296] [MD5.DAD85786EC08DBCA8E7FB482CECD26F4] - (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files\Fighters\Tray\FightersTray.exe [1425952] [PID.3364] [MD5.FD43150FD2F4E28D9D7A04D93282E0EA] - (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files\Fighters\SPYWAREfighter\swproTray.exe [1216552] [PID.3392] [MD5.9948A6AA74198D120D2D12C6790A9CD0] - (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files\Fighters\VIRUSfighter\vfproTray.exe [1315880] [PID.3432] [MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.3456] [MD5.751184DF487A1B3C95CB29B0D0069C28] - (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.exe [4763008] [PID.3756] [MD5.D88135FE55B356618FCCDF1CC5653174] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [PID.3260] [MD5.D719477489E4EF1B987E5525D608F2A5] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe [1855880] [PID.3988] [MD5.C3F266250A3211A69CC96C6183A016D0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6647808] [PID.4124] [MD5.A7F08A73F2668FCD2B51A66751FA7FF3] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3089856] [PID.824] [MD5.2A2D72271844C52F004901A60312B96A] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464] [PID.1064] [MD5.B19505648F033393E907E2E419FDE8B3] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [176128] [PID.1216] [MD5.378F5EB676C0BD7EAAAFA7AD5BA44B16] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [348160] [PID.1500] [MD5.01E81C84AD1D0ACC61CF3CFD06632210] - (.SUPERAntiSpyware.com - Core Service.) -- C:\Program Files\SUPERAntiSpyware\SASCORE.exe [116608] [PID.248] [MD5.D8B7FBD517D9B37C811C438CC78BF2E2] - (.Preventon Technologies Limited - Preventon AV Scanning Service.) -- C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe [2000152] [PID.368] [MD5.5AEF2270EE9265AE3624BC5419F20EA6] - (.Preventon Technologies Limited - Preventon AV Watch Service.) -- C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe [400544] [PID.424] [MD5.6D12BDA1715C38BE1746B195B1E4337E] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1436160] [PID.632] [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.256] [MD5.716A5E6D090DEC102883581DD8427422] - (.SPAMfighter ApS - Fighter Suite Service.) -- C:\Program Files\Fighters\FighterSuiteService.exe [1270816] [PID.2348] [MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.2400] [MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.3344] [MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.1732] ~ Processes Running: Scanned in 00mn 13s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Danoulh\AppData\Roaming\Mozilla\Firefox\Profiles\4h8dtaa3.default\prefs.js (.not file.) C:\Users\Danoulh\AppData\Roaming\Mozilla\Firefox\Profiles\rwxl6z38.default\prefs.js P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll ~ Firefox Browser: 11 Legitimates Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 7 Legitimates Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll ~ BHO: 1 Legitimates Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe O4 - HKLM\..\Run: [vspdfprsrv.exe] . (.Visagesoft - PDF Pro 10 Creator.) -- C:\Program Files\PDF Pro 10\vspdfprsrv.exe O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe O4 - HKLM\..\Run: [CommonToolkitTray] . (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files\Fighters\Tray\FightersTray.exe O4 - HKLM\..\Run: [SWPROguard] . (.SPAMfighter - SPYWAREfighter Application.) -- C:\Program Files\Fighters\SPYWAREfighter\swprotray.exe O4 - HKLM\..\Run: [VFPROguard] . (.SPAMfighter - VIRUSfighter Application.) -- C:\Program Files\Fighters\VIRUSfighter\vfprotray.exe O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-3798442329-475683606-1838957551-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-3798442329-475683606-1838957551-1000\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe O4 - HKUS\S-1-5-21-3798442329-475683606-1838957551-1000\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe O4 - GS\QuickLaunch: GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe O4 - GS\Desktop: Frozen Throne.lnk . (.Blizzard Entertainment - Frozen Throne.) -- C:\Program Files\Warcraft III\Frozen Throne.exe O4 - GS\Desktop: GomEncoder.lnk . (...) -- C:\Users\Danoulh\Documents\GomEncoder O4 - GS\Desktop: Maintenance.lnk . (...) -- D:\Maintenance O4 - GS\Desktop: Téléchargements.lnk . (...) -- C:\Users\Danoulh\Downloads O4 - GS\Desktop: Warcraft III.lnk . (.Blizzard Entertainment - Warcraft III.) -- C:\Program Files\Warcraft III\Warcraft III.exe ~ Global Startup: Scanned in 00mn 02s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll ~ Winsock: 6 Legitimates Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{92B3C2D2-3B2A-4E13-9ECD-FD38D46C7E6A}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{92B3C2D2-3B2A-4E13-9ECD-FD38D46C7E6A}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{92B3C2D2-3B2A-4E13-9ECD-FD38D46C7E6A}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CS2\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: NameServer = 8.26.56.26,156.154.70.22 O17 - HKLM\System\CS2\Services\Tcpip\..\{EB961803-867F-4E64-9AB5-62A828B66242}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) ~ SSODL: 1 Legitimates Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AV Engine Scanning Service (AV Engine Scanning Service) . (.Preventon Technologies Limited - Preventon AV Scanning Service.) - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe O23 - Service: AV Watch Service (AV Watch Service) . (.Preventon Technologies Limited - Preventon AV Watch Service.) - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Suite Service (Suite Service) . (.SPAMfighter ApS - Fighter Suite Service.) - C:\Program Files\Fighters\FighterSuiteService.exe ~ Services: 12 Legitimates Scanned in 00mn 39s ---\\ Enumération Active Desktop & MHTML Editor (O24) ~ Desktop Component: 1 Legitimates Scanned in 00mn 00s ---\\ BootExecute (O34) ~ BEX: 2 Legitimates Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [MD5.00000000000000000000000000000000] [APT] [Refresh immunization] (...) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Scan the system] (...) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe (.not file.) [0] ~ Scheduled Task: 6 Legitimates Scanned in 00mn 19s ---\\ Composants installés (ActiveSetup Installed Components) (O40) ~ Active Setup: 10 Legitimates Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (A2DDA) . (.Emsisoft GmbH - Emsisoft Direct Disk Access Support Driver.) - C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys O41 - Driver: (sp_rsdrv2) . (...) - C:\Windows\system32\drivers\sp_rsdrv2.sys ~ Drivers: 90 Legitimates Scanned in 00mn 02s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: SPYWAREfighter - (.SPAMFIGHTER ApS.) [HKLM] -- SPYWAREfighter O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 O42 - Logiciel: VIRUSfighter - (.SPAMFIGHTER ApS.) [HKLM] -- VIRUSfighter O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent ~ Logic: 45 Legitimates Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\92dfd9e23cec48] [HKCU\Software\BitTorrent] [HKCU\Software\ExpressFiles] =>Adware.ExpressFiles [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\SUPERAntiSpyware.com] [HKLM\Software\92dfd9e23cec48] [HKLM\Software\AntimalwareSolution] [HKLM\Software\ExpressFiles] =>Adware.ExpressFiles [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\PCTools] [HKLM\Software\Preventon] [HKLM\Software\SUPERAntiSpyware.com] ~ Key Software: 107 Legitimates Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 10/04/2013 - 09:07:40 - [13,395] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 11/03/2013 - 18:19:28 - [6,550] ----D C:\Program Files\Spybot - S&D O43 - CFD: 11/04/2013 - 13:30:21 - [146,545] ----D C:\Program Files\Spybot - Search & Destroy 2 O43 - CFD: 11/04/2013 - 09:08:47 - [102,324] ----D C:\Program Files\SUPERAntiSpyware O43 - CFD: 28/03/2013 - 12:42:49 - [0,381] ----D C:\Program Files\uTorrent O43 - CFD: 10/04/2013 - 08:52:25 - [13,209] ----D C:\ProgramData\BrowserProtect =>Toolbar.Babylon O43 - CFD: 10/04/2013 - 13:54:00 - [0,003] ----D C:\ProgramData\clp O43 - CFD: 11/03/2013 - 21:16:32 - [15,891] ----D C:\ProgramData\Malwarebytes O43 - CFD: 11/04/2013 - 13:36:28 - [81,307] ----D C:\ProgramData\Preventon O43 - CFD: 11/04/2013 - 08:31:26 - [0,082] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 11/04/2013 - 08:44:43 - [309,566] ----D C:\ProgramData\SUPERAntiSpyware.com O43 - CFD: 11/03/2013 - 21:16:41 - [6,986] ----D C:\Users\Danoulh\AppData\Roaming\Malwarebytes O43 - CFD: 11/04/2013 - 08:45:38 - [0,839] ----D C:\Users\Danoulh\AppData\Roaming\SUPERAntiSpyware.com O43 - CFD: 09/04/2013 - 22:32:47 - [1,321] ----D C:\Users\Danoulh\AppData\Roaming\uTorrent ~ Program Folder: 131 Legitimates Scanned in 00mn 13s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.38D1F001DE564EB97C664E3249F98726] - 11/04/2013 - 12:42:17 ---A- . (...) -- C:\AdwCleaner[S11].txt [2667] O44 - LFC:[MD5.A9C25C9A8F9DA7F25C14D84C4CE845A3] - 10/04/2013 - 20:51:58 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\System32\sdnclean.exe [15224] O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 10/04/2013 - 18:58:18 ---A- . (...) -- C:\Windows\diagerr.xml [1908] O44 - LFC:[MD5.25917D15FB90D92EDBE3F0CCD75634CE] - 10/04/2013 - 18:58:18 ---A- . (...) -- C:\Windows\diagwrn.xml [2562] O44 - LFC:[MD5.839C93A756F120BDF0BF827D3261D674] - 10/04/2013 - 17:12:36 ---A- . (...) -- C:\AdwCleaner[S10].txt [2679] O44 - LFC:[MD5.623DA40F2BBEA3B53870B348243929A2] - 10/04/2013 - 17:11:53 ---A- . (...) -- C:\AdwCleaner[R10].txt [2603] O44 - LFC:[MD5.5A60083F9EF085D1569483D504A39410] - 10/04/2013 - 12:15:48 ---A- . (...) -- C:\AdwCleaner[S9].txt [2603] O44 - LFC:[MD5.2B3C712BD9E73A04969A1156C3705D39] - 10/04/2013 - 12:15:07 ---A- . (...) -- C:\AdwCleaner[R9].txt [2527] O44 - LFC:[MD5.B7BCB47772342F5116AEE5AFDD53E768] - 10/04/2013 - 08:40:24 ---A- . (...) -- C:\AdwCleaner[S8].txt [2436] O44 - LFC:[MD5.EAE8EF101079B6C08BA9562E03A0FEB1] - 10/04/2013 - 08:39:08 ---A- . (...) -- C:\AdwCleaner[R8].txt [2361] O44 - LFC:[MD5.0CC3DF84F49E4B8D39630DEBEF337D7B] - 10/04/2013 - 08:31:33 ---A- . (...) -- C:\AdwCleaner[S7].txt [2835] O44 - LFC:[MD5.5326BEB4488B520E1868BF108EFDA22D] - 10/04/2013 - 08:30:37 ---A- . (...) -- C:\AdwCleaner[R7].txt [2751] O44 - LFC:[MD5.7268A7B9B768909709E0B2FA59AB2CC0] - 09/04/2013 - 21:30:59 ---A- . (...) -- C:\AdwCleaner[S6].txt [1657] O44 - LFC:[MD5.0075D5F2046F779640BE480B81E0C76E] - 09/04/2013 - 21:30:38 ---A- . (...) -- C:\AdwCleaner[R6].txt [1587] O44 - LFC:[MD5.B939144CFC745B75A120AC0F141C6D0E] - 09/04/2013 - 21:24:15 ---A- . (...) -- C:\AdwCleaner[S5].txt [9834] O44 - LFC:[MD5.1B4C295A9D65BAE31707B3EC4248883F] - 09/04/2013 - 21:23:24 ---A- . (...) -- C:\AdwCleaner[R5].txt [9824] O44 - LFC:[MD5.45ADC884F83A5D7D2F19672825D72F9E] - 28/03/2013 - 11:54:24 ---A- . (...) -- C:\Windows\System32\InstallUtil.InstallLog [830] O44 - LFC:[MD5.1D6355A53122A4635AA1DD5ABCB897F0] - 23/03/2013 - 12:30:19 ---A- . (.Visagesoft - Visagesoft Printer Port Monitor.) -- C:\Windows\System32\vsmon1.dll [22016] O44 - LFC:[MD5.1FF56AC32B38A94C3C88497BD6E00C96] - 23/03/2013 - 01:06:03 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [25185] O44 - LFC:[MD5.C8CF6BA1CA301005394D6615B675C745] - 18/03/2013 - 14:49:35 ---A- . (...) -- C:\AdwCleaner[S4].txt [1454] O44 - LFC:[MD5.8B3883B8169BBD52BBB546FBD911D7F9] - 18/03/2013 - 14:48:59 ---A- . (...) -- C:\AdwCleaner[R4].txt [1391] O44 - LFC:[MD5.EDF70F4C6C1B7EE9C9B0771D087D354B] - 15/03/2013 - 11:48:24 ---A- . (...) -- C:\lxbt.log [770] ~ Files: 118 Legitimates Scanned in 00mn 57s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe ~ Keys Export: 4 Legitimates Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) ~ LSA: 8 Legitimates Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) ~ CBS: 13 Legitimates Scanned in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{e62235c1-8b37-11e2-a808-806e6f6e6963}\AutoRun\command. (...) -- H:\autoplay.exe O51 - MPSK:{f052514e-8a4f-11e2-89bc-806e6f6e6963}\AutoRun\command. (...) -- E:\setup.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) ~ TDSD: 3 Legitimates Scanned in 00mn 01s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\SBRegRebootCleaner [Key] . (.GFI Software - Registry Cleaner.) -- C:\Program Files\Ad-Aware Antivirus\SBRC.exe O53 - SMSR:HKLM\...\startupreg\SpywareTerminatorShield [Key] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe O53 - SMSR:HKLM\...\startupreg\SpywareTerminatorUpdater [Key] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files\Trojan Remover\Trjscan.exe ~ SMSR Keys: 8 Legitimates Scanned in 00mn 08s ---\\ Microsoft Control Security Providers (O54) ~ MSCP: 2 Legitimates Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 30/04/2012 - C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (a2acc) .(.Emsisoft GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (ATE_PROCMON) .(...) - LEGACY_ATE_PROCMON O64 - Services: CurCS - 30/05/2012 - Pas de propriétaire (AVFSFilter) .(...) - LEGACY_AVFSFILTER O64 - Services: CurCS - 07/11/2012 - C:\Windows\System32\DRIVERS\cmderd.sys (cmderd) .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD O64 - Services: CurCS - 07/11/2012 - C:\Windows\System32\DRIVERS\cmdguard.sys (cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD O64 - Services: CurCS - 07/11/2012 - C:\Windows\System32\DRIVERS\cmdhlp.sys (cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP O64 - Services: CurCS - 07/11/2012 - C:\Windows\System32\DRIVERS\inspect.sys (inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT O64 - Services: CurCS - 22/07/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys (SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV O64 - Services: CurCS - 12/07/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - LEGACY_SASKUTIL ~ Legacy: 81 Legitimates Scanned in 00mn 02s ---\\ File Associations Shell Spawning (O67) ~ FASS Keys: 19 Legitimates Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Internet Feature Controls (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) ~ Services: 29 Legitimates Scanned in 00mn 02s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.3C061123B9086C248CB32AD84AE40689] [SPRF][20/05/2003] (.Blizzard Entertainment - Frozen Throne Installer.) -- C:\Users\Danoulh\AppData\Local\Temp\war3_install.exe [307200] [MD5.01FF12E79A462BF76A8BAAAA31E53934] [SPRF][11/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Danoulh\Desktop\ZHPDiag2.exe [5547609] ~ Files: Scanned in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : v2.11504 - (10/04/2013) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKCU\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard C:\Users\Danoulh\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch ~ Additionnel: Scanned in 00mn 51s ---\\ Product Upgrade Codes (O90) O90 - PUC: "9D4C0BF0BB37A1D44838D5B05DF3CA0C" . (.Ad-Aware Antivirus.) -- C:\Windows\Installer\{0FB0C4D9-73BB-4D1A-8483-5D0BD53FACC0}\ARPPRODUCTICON.exe O90 - PUC: "B67D5C1801A830A468614D95E85A2799" . (.Fighters.) -- C:\Windows\Installer\{81C5D76B-8A10-4A03-8616-D4598EA57299}\ARPPRODUCTICON.exe ~ Update Products: 24 Legitimates Scanned in 00mn 00s ---\\ Random Export Key (O91) [HKCU\Software\92dfd9e23cec48] =>Toolbar.Babylon^ [HKCU\Software\92dfd9e23cec48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\92dfd9e23cec48]:version="2.6.1125.80" [HKLM\Software\92dfd9e23cec48] =>Toolbar.Babylon^ [HKLM\Software\92dfd9e23cec48]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKLM\Software\92dfd9e23cec48]:version="2.6.1125.80" ~ Export Key Software: Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 11/04/2013 116608 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE.exe SR - | Auto 28/03/2013 3089856 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe SS - | Disabled 21/02/2013 1236336 | (Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe SS - | Demand 10/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 18/08/2009 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 09/04/2013 2000152 | (AV Engine Scanning Service) . (.Preventon Technologies Limited.) - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe SR - | Auto 09/04/2013 400544 | (AV Watch Service) . (.Preventon Technologies Limited.) - C:\Program Files\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe SR - | Auto 07/11/2012 1990464 | (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe SR - | Auto 14/12/2012 1436160 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe SS - | Disabled 0 | (HOSTS Anti-PUPs) . (...) - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe SS - | Disabled 20/09/2012 3677000 | (SBAMSvc) . (.GFI Software.) - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe SS - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe SS - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe SR - | Auto 12/02/2013 587912 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files\Spyware Terminator\st_rsser.exe SR - | Auto 12/03/2013 1270816 | (Suite Service) . (.SPAMfighter ApS.) - C:\Program Files\Fighters\FighterSuiteService.exe ~ Services: Scanned in 00mn 10s ~ 704 Legitimates filtered by white list End of the scan (568 lines in 04mn 22s)(0)