Rapport de ZHPDiag v2013.6.4.7 par Nicolas Coolman, Update du 04/06/2013
Run by Anthony at 05/06/2013 5:57:38
WebSite: http://nicolascoolman.webs.com
State : Problème connexion internet
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 21.0
OPIE: Opera v12.15

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : VKM6G
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Avira Free Antivirus v13.0.0.3640
COMODO Internet Security v6.0.64131.2674
Malwarebytes Anti-Malware version 1.75.0.1300
Secunia PSI
Windows Defender W7

---\\ System Optimizer
CCleaner v4.00 =>Piriform Ltd

---\\ Peer To Peer (P2P)
eMule
µTorrent v3.3.0.29625 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
Java 7 Update 21

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4000 MB (44% free)
System Restore: Activé (Enable)
System drive D: has 44 GB (37%) free of 119 GB

---\\ Logged in mode
~ Computer Name: ANTHONY-PC
~ User Name: Anthony
~ All Users Names: Guest, fbwuser, Anthony, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : D:\
~ %AppData% : D:\Users\Anthony\AppData\Roaming\
~ %Desktop% : D:\Users\Anthony\Desktop\
~ %Favorites% : D:\Users\Anthony\Favorites\
~ %LocalAppData% : D:\Users\Anthony\AppData\Local\
~ %StartMenu% : 
D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : D:\Windows\ ~ %System% : D:\Windows\System32\ ---\\ DOS/Devices C:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 15 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 119 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 154 Go) F:\ CD-ROM drive (Not Inserted) H:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified ~ Security Center: 34 Legitimates Filtered in 0:mn 0 s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/09/2012 - 1:02:11 .) -- D:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 2:39:52 .) -- D:\Windows\System32\Wininit.exe [129024] [MD5.563C71A913CAC0C3DE5FFCD36EDB43A0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 2:00:30 .) -- D:\Windows\System32\wininet.dll [1392128] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 4:24:29 .) -- D:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 4:24:16 .) -- D:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2012 - 1:19:22 .) -- D:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 2:52:21 .) -- D:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 12:19:47 .) 
-- D:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 12:19:57 .) -- D:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 1:10:03 .) -- D:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/09/2012 - 1:05:33 .) -- D:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 4:23:51 .) -- D:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 3:45:08 .) -- D:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 1:00:41 .) -- D:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 4:24:33 .) -- D:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 4:25:07 .) 
-- D:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 1:09:09 .) -- D:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 0:mn 2 s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/133 ~ Mes musiques (My Musics) : 1/3 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 1/5 ~ Mes Documents (My Documents) : 1/21498 ~ Mon Bureau (My Desktop) : 1/456 ~ Menu demarrer (Programs) : 1/62 ~ Hidden Files: Scanned in 2:mn 4 s ---\\ Processus lancés [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1308] [MD5.BA48CCEC781FD10B6C869F7C45CAA23E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.4092] [MD5.35F97E7C110FC49D4FFB290D5FD8A0DE] - (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe [1130280] [PID.3604] [MD5.EF58B39CB67D7F2D2A404A7D2EA7BFFA] - (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe [3573624] [PID.4716] [MD5.783F7F39A134AA5A9FE78A137980190B] - (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - Études DVD\EDICT.exe [351000] [PID.4828] [MD5.795A332E62D8113FDD7EFBC1DBF2FD48] - (...) -- H:\FastStone Capture\FSCapture.exe [1115136] [PID.0] [MD5.FD579C25D253A47DF82A76B7EE96ADB5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) 
-- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.5100] [MD5.5041D28614C0278A089BEF977C501439] - (.ASUSTek Computer Inc. - ATK Media.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752] [PID.980] [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4228] [MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.4748] [MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- H:\Internet Download Manager\IEMonitor.exe [268248] [PID.4688] [MD5.B4CD0AEF1378282D236C61B3EAA054E7] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe [1280808] [PID.5056] [MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.4396] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- D:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.4656] [MD5.9F777E35DE4788DD939E94D905EDCCFE] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7457792] [PID.5448] [MD5.E8459E07AE7C0C7C88D7064DF0B596E5] - (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe [804352] [PID.5488] [MD5.09E411E1DC92D813F49DFEEB4039CBCA] - (.Google - Google Talk Plugin.) -- D:\Users\Anthony\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [79384] [PID.5724] [MD5.24F550155BE440C899DA926CD499E6CD] - (.Microsoft Corporation - Microsoft Office Excel.) -- D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.exe [18367336] [PID.7272] [MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) 
-- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1440] [MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1496] [MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1632] [MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1876] [MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1916] [MD5.8B4D1FDD3F31F2DD39B3C658A22208EE] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [570664] [PID.1956] [MD5.FDA5E88BE1333B69BED57AADAA16991F] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [463656] [PID.1172] [MD5.EDFE7B17B537397DF184E8D7AD55378B] - (...) -- D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [390440] [PID.1472] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1280] [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1784] [MD5.2504725939338177E1F627DA0EDA2FEF] - (.ASUSTek Computer Inc. - HControl.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [178848] [PID.1712] [MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.3412] [MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) 
-- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.3672] [MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.3920] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1020] [MD5.306F9390976E41063D21AB9AB6D48122] - (.Secunia - Secunia PSI Agent.) -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312] [PID.3932] [MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.3008] [MD5.851C5080261DFC1FCDC21DF0E5EA3BCB] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Version8\TeamViewer_Service.exe [3463080] [PID.3324] [MD5.7281AED93FB30FDD1CBAF07591FA453A] - (.Intel Corporation - IAStorDataSvc.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.3636] [MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.3880] [MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3776] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) 
-- D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.4656] ~ Processes Running: Scanned in 0:mn 3 s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) D:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default] http://iron-start.com G2 - GCE: Preference [User Data\Default] [agljkoinmcdnopnlbhhjibjiablccgoh] Radio v.1.0.56 (Désactivé) G2 - GCE: Preference [User Data\Default] [ahmiiblnmmnijkhboligioinfchkeagi] Minimalist for Facebook (DEPRECATED!) v.0.5.21 (Activé) G2 - GCE: Preference [User Data\Default] [apeeedokdcajckokidhdkbkflkpfpgko] GreaseGoogle v.1.61 (Activé) G2 - GCE: Preference [User Data\Default] [baampgkagbmhnlhleemfbpecfjpakffj] Météo Europe v.4.2 (Activé) G2 - GCE: Preference [User Data\Default] [bdglbbcbmgnimogcmcdenggkpdmihlga] Bookmark Sentry v.1.7.13 (Activé) G2 - GCE: Preference [User Data\Default] [ckdcpbflcbeillmamogkpmdhnbeggfja] Do Not Track v.0.1.1 (Activé) G2 - GCE: Preference [User Data\Default] [dpkiidbpeijnaaacjlfnijncdlkicejg] MaskMe v.1.17.235, (Désactivé) G2 - GCE: Preference [User Data\Default] [epanfjkfahimkgomnigadpkobaefekcd] DoNotTrackMe v.2.2.9.520, (Activé) G2 - GCE: Preference [User Data\Default] [fapbbpdnlcmiolkdfjnnjhabmcndadad] Météo v.0.9.0.6 (Désactivé) G2 - GCE: Preference [User Data\Default] [gegkoiakifeoejnjkbnnojkkdoegeofp] Chuck Anderson v.3 (Activé) G2 - GCE: Preference [User Data\Default] [jefnaahehlimdapgicdacbgklnedgoje] World Weather v.2.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [jpcokheimfkcoofnbgalbeogbgpjlajo] SFR / NEUF Hotspot AutoFill v.4.5 (Désactivé) G2 - GCE: Preference [User Data\Default] [kneloppijbcidgidihgdjnooihjcdbij] HootSuite v.5.244 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Iron v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mlaimhahlbmcocjhajnommcialflcpik] Crazy Simon v.1.0 (Désactivé) G2 - GCE: Preference [User Data\Default] 
[nffchahhjecejoiigmnhhicpoabngedk] SkyDrive v.1.0.3 (Activé) G2 - GCE: Preference [User Data\Default] [nolijncfnkgaikbjbdaogikpmpbdcdef] Personal Blocklist (by Google) v.2.4.1 (Activé) G2 - GCE: Preference [User Data\Default] [npgonnihpamikjkfckpolamefpniicak] Iconized Bookmarks Popup v.1.8.3 (Activé) G2 - GCE: Preference [User Data\Default] [oagbmpiphimaihffccikjjbdembceaff] FREE Hotspot AutoFill v.1.0 (Désactivé) G2 - GCE: Preference [User Data\Default] [odklcfojpedohplkimfdpcamkjnhanaj] Picky Wallpapers v.1.0.0 (Activé) G2 - GCE: Preference [User Data\Default] [pjejbgheonogbpfkkjigbmahaljipoej] Weather Underground v.1.6 (Activé) ~ Google Browser: 54 Legitimates Filtered in 0:mn 6 s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\prefs.js M3 - MFPP: Plugins - [Anthony] -- D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\searchplugins\yahoo-answers.xml M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\antidote7_win_firefox_103@druide.com] [] Module d'Antidote v8.16.14 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\firefox@ghostery.com] [] Ghostery v2.9.5 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v3.1.4 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\ich@maltegoetz.de] [] ProxTube - Gesperrte YouTube Videos entsperren v1.4.8 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\webrank-toolbar@probcomp.com] [] WebRank Toolbar v4.4 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}] [] Forecastfox v2.2.2 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.17 (..) M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}] [] Facebook Photo Zoom v0.4 (..) 
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{ada4b710-8346-4b82-8199-5de2b400a6ae}] [] ReminderFox v2.1 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}] [] Flash and Video Download v1.32 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}] [] Memory Fox v7.4 (..)
~ Firefox Browser: 30 Legitimates Filtered in 0:mn 2 s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 0:mn 0 s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=D:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=D:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=D:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 0:mn 0 s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 0:mn 0 s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) [64Bits] - {F156768E-81EF-470C-9057-481BA8380DBA} Clé orpheline ~ BHO: 5 Legitimates Filtered in 0:mn 0 s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Clé orpheline ~ Toolbar: Scanned in 0:mn 0 s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [AgentAntidote32] . (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- D:\Program Files\COMODO\COMODO Internet Security\cistray.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe O4 - HKCU\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - Études DVD\EDICT.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUSTek Computer Inc. - ATK Media.) 
-- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Wow6432Node\Run: [AntiLogger] . (.Zemana Ltd. - Zemana AntiLogger User Interface.) -- D:\Program Files (x86)\AntiLogger\AntiLogger.exe O4 - HKLM\..\Wow6432Node\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - Études DVD\EDICT.exe ~ Application: Scanned in 0:mn 0 s ---\\ Autres liens utilisateurs (O4) O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- D:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- D:\Windows\system32\WFS.exe O4 - GS\Desktop: AD-R.lnk . (...) -- D:\Program Files (x86)\Ad-Remover\main.exe O4 - GS\Desktop: SopCast.lnk . (...) -- H:\SopCast\SopCast.exe (.not file.) O4 - GS\Desktop: Xenu.lnk . (...) -- D:\Program Files (x86)\Xenu\Xenu.exe (.not file.) O4 - GS\TaskBar: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe O4 - GS\TaskBar: SRWare Iron.lnk . (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe O4 - GS\Programs: Update Checker.lnk . 
(.FileHippo.com - FileHippo.com Update Checker.) -- H:\FileHippo.com\UpdateChecker.exe O4 - GS\Programs: Windows 7 Logon Background Changer.lnk . (...) -- D:\Users\Anthony\AppData\Roaming\Microsoft\Installer\{2E6044C5-3495-485F-91BC-46D1B6430E51}\_38CF379FC0A8080C8E407C.exe O4 - GS\QuickLaunch: ALZip.lnk . (.ESTsoft Corp. - ALZip.) -- H:\ALZip\ALZip.exe O4 - GS\SendTo: Dropbox.lnk . (...) -- D:\Users\Anthony\Dropbox O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- D:\Program Files (x86)\Skype\Phone\Skype.exe O4 - GS\SendTo: VirusTotal.lnk . (...) -- D:\Program Files (x86)\VirusTotalUploader\VirusTotalUpload.exe O4 - GS\Desktop: Ace Utilities.lnk . (.Acelogix Software - Ace Utilities.) -- D:\Program Files\aulaunch.exe O4 - GS\Desktop: AlertInfo.lnk . (...) -- H:\AlertInfo\alertinfo.exe O4 - GS\Desktop: Anthony.lnk . (...) -- E:\Users\Anthony O4 - GS\Desktop: an_ang.lnk . (...) -- D:\Users\Anthony\Documents\an_angella.docx O4 - GS\Desktop: ASUS Live Update.Lnk . (.ASUSTeK Computer Inc. - ASUS Live Update.) -- D:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe O4 - GS\Desktop: Auslogics Reg.lnk . (.Auslogics - Registry Cleaner.) -- D:\Program Files (x86)\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe O4 - GS\Desktop: chromium.lnk . (.The Chromium Authors - Chromium.) -- D:\Users\Anthony\AppData\Local\Chromium\Application\chrome.exe O4 - GS\Desktop: CltJah.lnk . (...) -- E:\Users\Anthony\Documents\CltJah.xlsm O4 - GS\Desktop: CMH.lnk . (...) -- D:\Users\Anthony\Desktop\divers\Blogger.docx O4 - GS\Desktop: culte pur.lnk . (.Watch Tower Bible and Tract Society of Penn - Watchtower Library 2011 - Édition française.) -- H:\Watchtower Library 2011\F\WTLibrary.exe O4 - GS\Desktop: Docs.lnk . (...) -- E:\Users\Anthony\Documents O4 - GS\Desktop: GestDplc.lnk . (...) -- E:\Users\Anthony\Documents\GestDplc.xlsm O4 - GS\Desktop: HJ-Sidou.lnk . (...) -- D:\Users\Anthony\Desktop\divers\HJ-Sidou66.doc O4 - GS\Desktop: Magn..lnk . 
(.Microsoft Corporation - Magnétophone Windows.) -- D:\Windows\system32\SoundRecorder.exe O4 - GS\Desktop: Mes images.lnk . (...) -- E:\Users\Anthony\Pictures O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Desktop: musc.lnk . (...) -- E:\Users\Anthony\Pictures\cpt ecrans\exercices-de-musculation-avec-halteres.pdf O4 - GS\Desktop: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe O4 - GS\Desktop: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) -- H:\PeerBlock\peerblock.exe O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- H:\Revo Uninstaller\Revouninstaller.exe O4 - GS\Desktop: SS.lnk . (...) -- E:\Users\Anthony\Documents\SS.xlsm O4 - GS\Desktop: Tel.lnk . (...) -- E:\Users\Anthony\Downloads O4 - GS\Desktop: TG.lnk . (...) -- E:\Users\Anthony\Documents\culturel educatif\Religions\TJ\Tour de Garde O4 - GS\Desktop: Télécharg.lnk . (...) -- D:\Users\Anthony\Downloads O4 - GS\Desktop: VII.lnk . (...) -- D:\Users\Anthony\Desktop\divers\ma vie-autobiographie_psycha.docx O4 - GS\Desktop: Win Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- D:\Windows\system32\wuapp.exe O4 - GS\Desktop: Word.lnk . (...) -- D:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe O4 - GS\Desktop: wrc.lnk . (.WiseCleaner.com - Wise Registry Cleaner.) -- H:\Wise Registry Cleaner\WiseRegCleaner.exe O4 - GS\Desktop: x.xlsm.lnk . (...) -- D:\Users\Anthony\Documents\x.xlsm O4 - GS\Desktop: Y.lnk . (...) -- E:\Users\Anthony\Documents\Y.xlsm O4 - GS\Desktop: Zuma.lnk . (...) -- D:\Users\Anthony\Documents\Zuma Deluxe\Zuma.exe O4 - GS\Desktop: µ.lnk . (...) -- C:\µ.xlsm O4 - GS\TaskBar: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.) O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) 
-- D:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- D:\Windows\explorer.exe O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- D:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.) O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Desktop: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.) 
~ Global Startup: Scanned in 0:mn 4 s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Barre de recherche Encarta [64Bits] - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} -- Clé orpheline
~ IE Extra Buttons: Scanned in 0:mn 0 s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS2\Services\Tcpip\..\{867881EE-5D44-459E-9423-C971F053CEC0}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.2.1
~ Domain: Scanned in 0:mn 0 s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- D:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 0:mn 0 s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) 
-- d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ~ Winlogon: Scanned in 0:mn 0 s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - D:\Windows\SysWOW64\guard32.dll ~ AppInit DLL: Scanned in 0:mn 0 s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) [64Bits] - {E31004D1-A431-41B8-826F-E902F9D95C81} - (.not file.) ~ STS/SSO: Scanned in 0:mn 0 s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned Themes Service.) - D:\Windows\UnsignedThemesSvc.exe ~ Services: 20 Legitimates Filtered in 0:mn 4 s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - D:\Windows\Tasks\{AFD02BBB-832B-4A0C-B797-D4C26E9C7869}.job [348] [MD5.5728482236CFF47D901D18D7FD3E7649] [APT] [AceUtilsSkipUAC] (.Acelogix Software.) -- D:\Program Files\au.exe [4203688] [MD5.E8459E07AE7C0C7C88D7064DF0B596E5] [APT] [{5A5F76E5-33B2-48A2-A877-EB561AA0170C}] (.SRWare.) -- h:\srware iron\iron.exe [804352] ~ Scheduled Task: 22 Legitimates Filtered in 0:mn 6 s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AntiLog32) . (.Zemana Ltd. - Zemana AntiLogger Driver.) - D:\Windows\system32\drivers\AntiLog64.sys O41 - Driver: (pwipf6) . (.Privacyware/PWI, Inc. - pwipf6.) - D:\Windows\System32\DRIVERS\pwipf6.sys ~ Drivers: 99 Legitimates Filtered in 0:mn 5 s ---\\ Logiciels installés (O42) O42 - Logiciel: Ace Utilities - (.Acelogix Software.) [HKLM][64Bits] -- Ace Utilities_is1 O42 - Logiciel: AlertInfo - (.i-Systems Inc..) [HKLM][64Bits] -- AlertInfo_is1 O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) 
[HKLM][64Bits] -- Efficient WMA MP3 Converter_is1 O42 - Logiciel: FixAuto 1.1.7 - (.Trinh Duc Thang.) [HKLM][64Bits] -- {84C9CD33-1525-4500-BC16-139522A71B98}_is1 O42 - Logiciel: La carte du ciel - (...) [HKLM][64Bits] -- La carte du ciel O42 - Logiciel: Les cantons suisses - (...) [HKLM][64Bits] -- Les cantons suisses O42 - Logiciel: Les pays d'Afrique - (...) [HKLM][64Bits] -- Les pays d'Afrique O42 - Logiciel: Les pays d'Europe - (...) [HKLM][64Bits] -- Les pays d'Europe O42 - Logiciel: Les pays d'Océanie - (...) [HKLM][64Bits] -- Les pays d'Océanie O42 - Logiciel: Les états d'Amérique du Nord - (...) [HKLM][64Bits] -- Les états d'Amérique du Nord O42 - Logiciel: SummerProperties 1.2 - (.Johny Mattsson.) [HKLM][64Bits] -- 97149975-b4b1-4d2b-b9fe-7ba413d0efeb_is1 O42 - Logiciel: Watchtower Library 2011 - Français - (.Watchtower Bible and Tract Society of Pennsylvania, Inc..) [HKLM][64Bits] -- {84AE3F05-F600-4C40-BFC8-0B53E45B9B12} O42 - Logiciel: cbgeo - (...) [HKLM][64Bits] -- cbgeo ~ Logic: 145 Legitimates Filtered in 0:mn 1 s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Acelogix] [HKCU\Software\FixAuto] [HKCU\Software\Google Hacks] [HKCU\Software\HDSoft] [HKCU\Software\Peer2Me] [HKCU\Software\Watchtower] [HKLM\Software\Wow6432Node\FixAuto] [HKLM\Software\Wow6432Node\WATCHTOWER] ~ Key Software: 288 Legitimates Filtered in 0:mn 1 s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/06/2013 - 6:23:43 - [2,044] ----D D:\Program Files (x86)\FixAuto O43 - CFD: 15/12/2012 - 11:25:36 - [0,104] ----D D:\Program Files (x86)\VirusTotalUploader O43 - CFD: 21/05/2013 - 12:26:34 - [0,483] ----D D:\ProgramData\Privacyware O43 - CFD: 02/06/2013 - 8:53:07 - [0] --H-D D:\ProgramData\{3D3D405B-A26F-46DE-8E42-8BCC08AC2C4B} O43 - CFD: 02/05/2013 - 10:35:17 - [196,591] ----D D:\Users\Anthony\AppData\Roaming\AlertInfo O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Roaming\K-Meleon O43 - CFD: 17/12/2012 - 9:54:00 - [0] 
----D D:\Users\Anthony\AppData\Roaming\Watchtower
O43 - CFD: 31/05/2013 - 11:13:14 - [0,001] ----D D:\Users\Anthony\AppData\Local\Akamai
O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Local\K-Meleon
O43 - CFD: 28/05/2013 - 10:24:05 - [0] ----D D:\Users\Anthony\AppData\Local\Privatefirewall
O43 - CFD: 03/02/2013 - 12:10:35 - [0] ----D D:\Users\Anthony\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 01/06/2013 - 9:18:04 - [0,020] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Utilities
O43 - CFD: 21/12/2012 - 7:55:13 - [0,001] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Hacks
~ Program Folder: 249 Legitimates Filtered in 1:mn 0 s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.052D9A64A826C56DB1EB3A73A2BDDBC9] - 01/06/2013 - 8:45:29 ---A- . (...) -- D:\Windows\DirectX.log [10085]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 ---A- . (...) -- D:\Windows\SysNative\ServiceFilter.ini [2040]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 RSHAD . (...) -- D:\Windows\System32\ServiceFilter.ini [2040]
O44 - LFC:[MD5.898ADED880961EB034461303C647F449] - 01/06/2013 - 9:59:46 RSHAD . (.Zemana Ltd. - Zemana AntiLogger Driver.) -- D:\Windows\System32\Drivers\AntiLog64.sys [49240]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 03/06/2013 - 5:25:17 R-HA- . (...) -- D:\Windows\WindowsShell.Manifest [749]
O44 - LFC:[MD5.E13F489F0B1E52319A86BDD996263F4B] - 04/06/2013 - 8:37:17 ---A- . (...) -- D:\Windows\win.ini [478]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 ---A- . (...) -- D:\Windows\SysNative\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 RSHAD . (...) -- D:\Windows\System32\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...)
-- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...) -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.F61AAE2E133C3DCE8BA1705E301D4224] - 28/05/2013 - 9:17:48 RSHAD . (.Privacyware/PWI, Inc. - pwipf6.) -- D:\Windows\System32\Drivers\pwipf6.sys [130744]
O44 - LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] - 29/05/2013 - 7:51:22 ---A- . (...) -- D:\Windows\ODBC.INI [28]
O44 - LFC:[MD5.97688E64F62D1BCCF8011AF307C5570C] - 04/06/2013 - 11:44:53 RSHAD . (...) -- D:\Windows\System32\Drivers\fvstore.dat [8544]
O44 - LFC:[MD5.1EA008D809C2B3BFB66ECD51E3788FED] - 04/06/2013 - 11:27:04 ---A- . (...) -- D:\Ad-Report-CLEAN[1].txt [5714]
O44 - LFC:[MD5.C491449348C2E70988ECB14B9E721522] - 04/06/2013 - 11:17:41 ---A- . (...) -- D:\Ad-Report-SCAN[1].txt [5486]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 ---A- . (...) -- D:\Windows\SysNative\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\SysNative\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor.) -- D:\Windows\SysNative\dopdfmn6.dll [21656]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 RSHAD . (...)
-- D:\Windows\System32\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\System32\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor.) -- D:\Windows\System32\dopdfmn6.dll [21656]
~ Files: 224 Legitimates Filtered in 2:mn 9 s

---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{30ce1649-46df-11e2-b379-806e6f6e6963}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 0:mn 0 s

---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\HDSoft [Key] . (.HDSoft - iFree Skype Recorder.) -- H:\iFree Skype Recorder\irecorder.exe
O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (.Simply Super Software - Trojan Scanner.) -- H:\Trojan Remover\Trjscan.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- H:\uTorrent.exe =>P2P.µTorrent
~ SMSR Keys: 12 Legitimates Filtered in 0:mn 0 s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 8 Legitimates Filtered in 0:mn 0 s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 2:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- D:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6C572A50FB2BF1F70281FEB67188A486] - 22/11/2012 - 8:51:26 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- D:\Windows\System32\athrx.sys [3831808]
~ Drivers: Scanned in 0:mn 0 s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)
~ ADS: Scanned in 0:mn 0 s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/12/2012 - D:\Windows\System32\DRIVERS\pwipf6.sys (pwipf6) .(.Privacyware/PWI, Inc. - pwipf6.) - LEGACY_PWIPF6
~ Legacy: 93 Legitimates Filtered in 0:mn 1 s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
~ FASS Keys: 19 Legitimates Filtered in 0:mn 0 s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\Opera.exe
~ Keys: Scanned in 0:mn 0 s

---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Anthony - m24tl2u5.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} - (Yahoo! Search) - http://fr.search.yahoo.com
~ Keys: Scanned in 0:mn 0 s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0A90C8A3F94564E7EAF541981EAFA52A] [SPRF][04/06/2013] (...) -- D:\Users\Anthony\Desktop\AdwCleaner-2.301.exe [632031]
[MD5.1F2FF002A6A48EE32ACEBB299A39A837] [SPRF][07/12/2011] (.NirSoft - BlueScreenView.)
-- D:\Users\Anthony\Desktop\BlueScreenView.exe [54272]
[MD5.2725723B77882B9118320FCA9FB271B4] [SPRF][14/07/2005] (.Pas de propriétaire - Safe XP.) -- D:\Users\Anthony\Desktop\SafeXP.exe [345600]
~ Files: Scanned in 0:mn 0 s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{B0B56D05-7532-4BCB-818C-20722928FCC7}" | In - Public - P6 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
O87 - FAEL: "{C24542DD-DF45-465A-AB66-E7AE4BBF7CA5}" | In - Public - P17 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
~ Firewall: 200 Legitimates Filtered in 0:mn 2 s

---\\ Scan Additionnel (O88)
Database Version : v2.12397 - (04/06/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
~ Additionnel Scan: 221937 Items scanned in 0:mn 7 s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Demand 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 31/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 03/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - D:\Windows\system32\FBAgent.exe
SR - | Auto 04/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 04/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.)
- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 25/04/2013 5784472 | (cmdAgent) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 15/04/2013 158928 | (cmdvirth) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - D:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 16/12/2012 116648 | (gupdate) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 16/12/2012 116648 | (gupdate1ce4b1dce282616) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/12/2012 116648 | (gupdatem) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 26/04/2013 570664 | (hshld) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
SR - | Auto 26/04/2013 463656 | (HssSrv) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
SS - | Demand 78512 | (HssTrayService) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
SR - | Auto 390440 | (HssWd) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 07/09/2012 2464400 | (IconMan_R) . (.Realsil Microelectronics Inc..)
- D:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SS - | Demand 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) - D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 15/05/2013 1144144 | (MaConfigAgent) . (.CybelSoft.) - D:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 05/09/2008 68760 | (SandraAgentSrv) . (.SiSoftware.) - H:\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe
SR - | Demand 26/11/2012 1225312 | (Secunia PSI Agent) . (.Secunia.) - D:\Program Files (x86)\Secunia\PSI\PSIA.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Demand 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - D:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 29/11/2012 3463080 | (TeamViewer8) . (.TeamViewer GmbH.)
- H:\Version8\TeamViewer_Service.exe
SR - | Auto 13/07/2009 24168 | (UnsignedThemes) . (.The Within Network, LLC.) - D:\Windows\UnsignedThemesSvc.exe
SS - | Demand 14/07/2009 27136 | D:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
SS - | Disabled 0 | (WMPNetworkSvc) . (...) - D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | D:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
~ Services: Scanned in 0:mn 4 s
~ 1487 Legitimates filtered by white list

End of the scan (622 lines in 2:mn 2 s)(0)