Rapport de ZHPDiag v2013.3.31.116 par Nicolas Coolman, Update du 31/03/2013
Run by Mad at 01/04/2013 23:28:05
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 19.0.2 v19.0.2
GCIE: Google Chrome v26.0.1410.43 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : 62396
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3000 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 195 GB (42%) free of 456 GB

---\\ Logged in mode
~ Computer Name: ACER4200
~ User Name: Mad
~ All Users Names: utilisateur, Mad, HomeGroupUser$, Administrateur, Admin,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mad\AppData\Roaming\
~ %Desktop% : C:\Users\Mad\Desktop\
~ %Favorites% : C:\Users\Mad\Favorites\
~ %LocalAppData% : C:\Users\Mad\AppData\Local\
~ %StartMenu% : C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 195 Go of 456 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.03728C624D05C2F157BBD46F6B7F6EA0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 04:30:21.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/32
~ Mes Videos (My Videos) : 1/7
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 1/16
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/251
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.C7A9C4FDCEA704A34A5997FE0A8A0A38] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [1194504] [PID.3880]
[MD5.E3F058D8721EA53BEAB9079A8FB53FD7] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672] [PID.3924]
[MD5.FA75594EED65C420D75F01D54788F9E4] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [135168] [PID.4004]
[MD5.D282AF9E91C1F1E66FC3858DCCE33303] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [167424] [PID.2352]
[MD5.09A1F74F093349AFF6327447AADC0FC5] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [246272] [PID.2480]
[MD5.401274DE05B52704B006F913D43BE1DD] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [144384] [PID.2324]
[MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.2768]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3032]
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.3020]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.888]
[MD5.8DFC3AB968EA5A7E56D36C4B4CBE188A] - (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files\Cobian Backup 11\cbInterface.exe [4407808] [PID.3440]
[MD5.7F2691FD961C9A704DA221745CCE6295] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.3460]
[MD5.43D083268A0919F3527A2837390BAF63] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032] [PID.2424]
[MD5.6492A4F1E63C01B9E1BAD8734A65FA92] - (.DVDVideoSoft Ltd. - Free Screen Video Recorder.) -- C:\Program Files\DVDVideoSoft\Free Screen Video Recorder\FreeScreenVideoRecorder.exe [1725112] [PID.2660]
[MD5.47E5F236BD34B9D5BA9939A9A2302051] - (.Sebastien.warin.fr - Stream What You Hear.) -- C:\Program Files\Stream What You Hear\SWYH.exe [368128] [PID.2760]
[MD5.B0BF698030DB6561393AE753C6D3F936] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.2992]
[MD5.FFBB294D0FE5EDD5A8A5AF29FD4018B5] - (.Zhorn Software - Stickies 7.0b.) -- C:\Program Files\stickies\stickies.exe [1101824] [PID.3412]
[MD5.2A8DB5FA2032E5E9E40778AD47860CE5] - (.KO Software - KO Approach.) -- C:\Program Files\KO Approach\Approach.exe [408576] [PID.3388]
[MD5.E84DA43E726D043CA2DEE71F01DB261A] - (.Microsoft Corporation - Microsoft OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.exe [228448] [PID.3732]
[MD5.3FA19C41179F9F3786135C794CEA85BE] - (.Steamcore.se - Screamer Radio.) -- C:\Users\Mad\AppData\Local\Screamer Radio\screamer.exe [1894912] [PID.1120]
[MD5.E98D0D64BD25EDCFD3AE0B90514099BA] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [233048] [PID.5744]
[MD5.CC5CFE5A9C826B934DC3BE176617E182] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6306816] [PID.976]
~ Processes Running: Scanned in 00mn 16s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Mad\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://start.iminent.com
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Mad\AppData\Roaming\Mozilla\Firefox\Profiles\4h2ptrp1.default\prefs.js
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Mad] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Mad - 4h2ptrp1.default] www.google.fr
M2 - MFEP: prefs.js [Mad - 4h2ptrp1.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.14 (.Michel Gutierrez.)
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] - (.Foxit Corporation - Foxit Reader Plug-In For Firefox and Netscape.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.1.18] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.1] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.1] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.1] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.1.18] - (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader - RealDownloader Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
~ Firefox Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.VideoLAN - VLC media player Web Plugin 2.0.2.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} . (.pdfforge GbR - PDF Architect Helper.) -- C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} . (.AVAST Software - avast! Ad Blocker Module.) -- C:\Program Files\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
~ BHO: 9 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - [HKLM]{25A3A431-30BB-47C8-AD6A-E1063801134F} . (.pdfforge GbR - PDF Architect Toolbar.) -- C:\Program Files\PDF Architect\PDFIEPlugin.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) -- C:\Program Files\KeePass Password Safe 2\KeePass.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\Run: [MoneyStartUp10.0] . (.Microsoft Corporation - Microsoft Money Startup.) -- C:\Program Files\Microsoft Money\System\Activation.exe
O4 - HKLM\..\Run: [Cobian Backup 11 interface] . (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) -- C:\Program Files\Cobian Backup 11\cbInterface.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
O4 - HKCU\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [FreeScreenVideoRecorder] . (.DVDVideoSoft Ltd. - Free Screen Video Recorder.) -- C:\Program Files\DVDVideoSoft\Free Screen Video Recorder\FreeScreenVideoRecorder.exe
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKCU\..\Run: [MoneyAgent] . (.Microsoft Corporation - Microsoft Money Express.) -- C:\Program Files\Microsoft Money\System\Money Express.exe
O4 - HKCU\..\Run: [StreamWhatYouHear] . (.Sebastien.warin.fr - Stream What You Hear.) -- C:\Program Files\Stream What You Hear\SWYH.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_21706D80BE32747B20EB2CAC122540A2] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [FreeScreenVideoRecorder] . (.DVDVideoSoft Ltd. - Free Screen Video Recorder.) -- C:\Program Files\DVDVideoSoft\Free Screen Video Recorder\FreeScreenVideoRecorder.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [MoneyAgent] . (.Microsoft Corporation - Microsoft Money Express.) -- C:\Program Files\Microsoft Money\System\Money Express.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [StreamWhatYouHear] . (.Sebastien.warin.fr - Stream What You Hear.) -- C:\Program Files\Stream What You Hear\SWYH.exe
O4 - HKUS\S-1-5-21-89730552-3888946514-1729103065-1005\..\Run: [GoogleChromeAutoLaunch_21706D80BE32747B20EB2CAC122540A2] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: Handbrake.lnk . (.HandBrake - HandBrake.) -- C:\Program Files\Handbrake\Handbrake.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop: PhotoFiltre 7.lnk . (.PhotoFiltre - PhotoFiltre 7.) -- C:\Program Files\PhotoFiltre 7\PhotoFiltre7.exe
O4 - GS\Desktop: Radio Fr Solo.lnk . (...) -- C:\Program Files\Radio Fr Solo\Radio_Fr_Solo.exe
O4 - GS\Desktop: Windows Update Troubleshooting Info.lnk - Clé orpheline
O4 - GS\TaskBar: Q-Dir.lnk . (.Nenad Hrg (SoftwareOK.com) - Q-Dir 5.50.) -- C:\Program Files\Q-Dir\Q-Dir.exe
O4 - GS\TaskBar: ShutDown.lnk . (.Microsoft Corporation - Outil d’arrêt et d’annotation Windows.) -- C:\Windows\System32\shutdown.exe
O4 - GS\TaskBar: Startpage Web Recherche.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://startpage.com
O4 - GS\Programs: (37 non lus) - m.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://fr-mg42.mail.yahoo.com
O4 - GS\QuickLaunch: Bullzip PDF Printer.lnk . (.Bullzip - Bullzip PDF Printer.) -- C:\Program Files\Bullzip\PDF Printer\gui.exe
O4 - GS\QuickLaunch: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\QuickLaunch: Microsoft Outlook.lnk . (.Microsoft Corporation - Microsoft Outlook.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.exe
O4 - GS\SendTo: CDBurnerXP.lnk . (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Startpage Web Recherche.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://startpage.com
O4 - GS\Desktop: VPNC Front End.lnk . (...) -- C:\Program Files\VPNC Front End\vpnc-fe.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} . (.Microsoft Corporation - MoneySide Controls.) -- C:\Program Files\Microsoft Money\System\mnyviewer.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 6 Legitimates Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2379E76B-AF1D-4903-85E3-CCFD2937A8D8}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{2379E76B-AF1D-4903-85E3-CCFD2937A8D8}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{2379E76B-AF1D-4903-85E3-CCFD2937A8D8}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 13 Legitimates Scanned in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 2 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-89730552-3888946514-1729103065-1005.job [274]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-89730552-3888946514-1729103065-1005.job [282]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Antivirus Scheduled Scan] (...) -- C:\Program Files\AD-AWA~1\AdAwareLauncher.exe (.not file.) [0]
[MD5.E98D0D64BD25EDCFD3AE0B90514099BA] [APT] [{50813A0A-0CA9-42A0-A8D1-246BD13A178C}] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [233048]
[MD5.E98D0D64BD25EDCFD3AE0B90514099BA] [APT] [{56EFA1CD-3D5E-4320-8271-486DB6F585F8}] (.RealNetworks, Inc..) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [233048]
[MD5.00000000000000000000000000000000] [APT] [{6254868E-AA9A-4058-8067-353BC7D6641F}] (...) -- C:\Users\Mad\Documents\ExtractOffice\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9C25E530-AE32-40FD-9AC2-762AC8AAD3B6}] (...) -- C:\Users\Mad\0_DOSSIERMad\KarmaFX_Plugin_Pack.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9E906914-601E-4AA0-9A99-511E23CEBE34}] (...) -- C:\Users\Mad\0_DOSSIERMad\KarmaFX_Plugin_Pack.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A45E007A-8963-4FD2-94ED-D15DD5328643}] (...) -- C:\Users\Mad\0_DOSSIERMad\mtr90_SOFTAD0003_Mars2013_PcPortableAc\05_AudioVideo\Mp3Gain-win-1_2_5.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A97A8291-0E43-4E88-A603-C38E7EBD71BD}] (...) -- C:\Users\Mad\0_DOSSIERMad\KarmaFX_Plugin_Pack.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BB8934A9-FFE4-490A-A0AD-0CB3CAAB71D3}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F1576602-A20D-420E-806F-2B7DAD930D32}] (...) -- C:\Users\Mad\Documents\ExtractOffice\setup.exe (.not file.) [0]
[MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240]
[MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [3653656]
[MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [3906584]
~ Scheduled Task: 30 Legitimates Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 12 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 63 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Bullzip PDF Printer 7.2.0.1338 - (.Bullzip.) [HKLM] -- Bullzip PDF Printer_is1
O42 - Logiciel: Free Screen Video Recorder version 2.5.22.508 - (.DVDVideoSoft Ltd..) [HKLM] -- Free Screen Video Recorder_is1
O42 - Logiciel: KO Approach - (...) [HKLM] -- KO Approach
O42 - Logiciel: MusicIP Mixer 1.8.1 - (.MusicIP.) [HKLM] -- MusicIP Mixer_is1
O42 - Logiciel: PI Free PC (Désintallation seule) - (...) [HKLM] -- PiFreePC
O42 - Logiciel: Pamus MP3 Recorder 1.05 - (.papiermusique.fr.) [HKLM] -- {3917F510-D2F1-46CA-8DB7-BBDA20720180}_is1
O42 - Logiciel: Q-Dir - (...) [HKLM] -- Q-Dir
O42 - Logiciel: RadioSure - (...) [HKCU] -- RadioSure
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: Stickies 7.0b - (.Zhorn Software.) [HKLM] -- ZhornStickies
O42 - Logiciel: Stream What You Hear (SWYH) version 1.3 - (.Sebastien.warin.fr.) [HKLM] -- {5FBEA9D3-668E-4B88-BF6C-E1BCF441ECFD}_is1
O42 - Logiciel: Suppress plus 1.8 - (.Perrysoft.) [HKLM] -- Suppress plus_is1
O42 - Logiciel: VPNC Front End - (...) [HKLM] -- VPNCFE
O42 - Logiciel: avast! Ad Blocker v1.0.0.0 - (.AVAST Software.) [HKLM] -- {021C6667-63D3-4416-B537-865E77F4DF4F}
O42 - Logiciel: avast! Free Antivirus v8.0.1483.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: rtmpGUI_Attilla version 0.9 - (.Neo-Net, Forum..) [HKLM] -- {6FCDAB6B-8EDC-4AAD-9123-E0320525F25B}_is1
~ Logic: 99 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\Infonautics]
[HKCU\Software\KO Software]
[HKCU\Software\KarmaFX]
[HKCU\Software\Perrysoft]
[HKCU\Software\Screamer Radio]
[HKCU\Software\SoftwareOK.de]
[HKLM\Software\ArchRival Software]
[HKLM\Software\Bullzip]
[HKLM\Software\KO Software]
[HKLM\Software\MusicIP]
[HKLM\Software\Perrysoft]
~ Key Software: 181 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/03/2013 - 13:46:23 - [166,453] ----D C:\Program Files\Ad-Aware Antivirus
O43 - CFD: 10/03/2013 - 20:09:29 - [7,594] ----D C:\Program Files\Advanced Tokens Manager
O43 - CFD: 21/03/2013 - 13:17:19 - [21,375] ----D C:\Program Files\Bullzip
O43 - CFD: 30/03/2013 - 20:07:15 - [248,167] ----D C:\Program Files\CapTvTy
O43 - CFD: 10/03/2013 - 20:19:01 - [8,803] ----D C:\Program Files\Directory List
O43 - CFD: 10/03/2013 - 20:29:52 - [5,131] ----D C:\Program Files\Double Driver
O43 - CFD: 11/03/2013 - 00:37:12 - [11,936] ----D C:\Program Files\Fre_ac
O43 - CFD: 01/04/2013 - 21:48:43 - [0] ----D C:\Program Files\KarmaFx
O43 - CFD: 22/03/2013 - 02:02:02 - [1,262] ----D C:\Program Files\KO Approach
O43 - CFD: 15/03/2013 - 14:37:07 - [11,519] ----D C:\Program Files\MusicIP
O43 - CFD: 15/03/2013 - 02:20:25 - [0,898] ----D C:\Program Files\NfReader_FluxRss
O43 - CFD: 30/03/2013 - 11:55:04 - [2,235] ----D C:\Program Files\Pamus MP3 Recorder
O43 - CFD: 10/03/2013 - 18:13:30 - [0,704] ----D C:\Program Files\Q-Dir
O43 - CFD: 01/04/2013 - 15:14:19 - [0] ----D C:\Program Files\Quickfilter Technologies
O43 - CFD: 16/03/2013 - 21:42:00 - [94,523] ----D C:\Program Files\rtmpGUI_Attilla
O43 - CFD: 26/03/2013 - 09:38:47 - [0,001] ----D C:\Program Files\SecurityKISS Tunnel
O43 - CFD: 10/03/2013 - 20:55:29 - [0,607] ----D C:\Program Files\SleepTimer
O43 - CFD: 22/03/2013 - 10:49:56 - [4,154] ----D C:\Program Files\splus
O43 - CFD: 22/03/2013 - 12:20:43 - [152,201] ----D C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 22/03/2013 - 01:30:44 - [1,840] ----D C:\Program Files\stickies
O43 - CFD: 31/03/2013 - 02:53:21 - [2,903] ----D C:\Program Files\Stream What You Hear
O43 - CFD: 10/03/2013 - 19:33:48 - [0,507] ----D C:\Program Files\ToYcon
O43 - CFD: 17/03/2013 - 02:36:01 - [5,744] ----D C:\Program Files\VPNC Front End
O43 - CFD: 21/03/2013 - 13:17:27 - [0,059] ----D C:\Program Files\Common Files\Bullzip
O43 - CFD: 22/03/2013 - 02:29:59 - [0,015] ----D C:\ProgramData\Ad-Aware Antivirus
O43 - CFD: 27/03/2013 - 01:31:26 - [0,138] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 22/03/2013 - 03:23:28 - [0,018] ----D C:\Users\Mad\AppData\Roaming\Ad-Aware Antivirus
O43 - CFD: 10/03/2013 - 20:20:42 - [0,004] ----D C:\Users\Mad\AppData\Roaming\DirectoryListPrintPro
O43 - CFD: 15/03/2013 - 14:38:23 - [0] ----D C:\Users\Mad\AppData\Roaming\MusicIP
O43 - CFD: 10/03/2013 - 18:13:31 - [0] ----D C:\Users\Mad\AppData\Roaming\Q-Dir
O43 - CFD: 01/04/2013 - 22:21:53 - [0,120] ----D C:\Users\Mad\AppData\Roaming\stickies
O43 - CFD: 17/03/2013 - 17:44:18 - [9,974] ----D C:\Users\Mad\AppData\Local\RadioSure
O43 - CFD: 17/03/2013 - 19:06:29 - [5,591] ----D C:\Users\Mad\AppData\Local\Screamer Radio
O43 - CFD: 31/03/2013 - 03:49:05 - [0,001] ----D C:\Users\Mad\AppData\Local\Sebastien.warin.fr
O43 - CFD: 15/03/2013 - 03:21:08 - [0,002] ----D C:\Users\Mad\AppData\Local\Steppschuh
O43 - CFD: 09/03/2013 - 15:21:21 - [0,003] R---D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\01_Bureautique
O43 - CFD: 15/03/2013 - 03:15:40 - [0,005] R---D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\02_Web
O43 - CFD: 08/03/2013 - 14:25:36 - [0,002] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\03_Dial
O43 - CFD: 15/03/2013 - 03:13:47 - [0,003] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\04_Peripherique
O43 - CFD: 01/04/2013 - 11:32:48 - [0,042] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\05_AudioVideo
O43 - CFD: 14/03/2013 - 14:12:21 - [0,901] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\06_Pic&Design
O43 - CFD: 14/03/2013 - 14:12:21 - [0,010] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\07_UtilitairesNoSyst
O43 - CFD: 22/03/2013 - 23:40:16 - [0,015] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\08_Secur&BkUp
O43 - CFD: 22/03/2013 - 02:35:18 - [0,032] R---D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\09_UtilitaireSyst
O43 - CFD: 26/03/2013 - 23:14:09 - [0,001] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\10_Pro
O43 - CFD: 01/04/2013 - 18:07:09 - [0] ----D C:\Users\Mad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KarmaFX
~ Program Folder: 213 Legitimates Scanned in 00mn 03s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D9D73C3B42A49FF4A1E44B8F9C5D4374] - 01/04/2013 - 22:09:18 ---A- . (...) -- C:\AdwCleaner[S1].txt [1769]
O44 - LFC:[MD5.0D0A0848AEE40488B2DF1815BC57C83F] - 30/03/2013 - 10:10:42 ---A- . (.Open Source Software community project - POSIX Threads for Windows32 Library.) -- C:\Windows\System32\pthreadGC2.dll [86683]
O44 - LFC:[MD5.CDBFE4D4490803B2083372A52EAAE917] - 26/03/2013 - 08:38:07 ---A- . (...) -- C:\Windows\System32\ipconfig_results.txt [3152]
O44 - LFC:[MD5.A9C25C9A8F9DA7F25C14D84C4CE845A3] - 22/03/2013 - 11:20:29 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\System32\sdnclean.exe [15224]
O44 - LFC:[MD5.B4DF0B041525828BADE1AC84B1CE146C] - 21/03/2013 - 12:17:26 ---A- . (.Bullzip - Bullzip Dictionary Component.) -- C:\Windows\System32\bzDCT.dll [103424]
O44 - LFC:[MD5.0DAD3B8A1238F5C8E404A420601B4F06] - 21/03/2013 - 12:17:26 ---A- . (.Bullzip - Bullzip File Reader functions.) -- C:\Windows\System32\bzFlRdr.dll [227840]
O44 - LFC:[MD5.443BFA08420112DFAFA9D8FBC2615044] - 21/03/2013 - 12:17:26 ---A- . (.Bullzip - Pas de description.) -- C:\Windows\System32\bzpdfc.dll [135168]
O44 - LFC:[MD5.23AE05CAA571CF89FCF1CD9EFD0F84C6] - 21/03/2013 - 12:17:23 ---A- . (.Bullzip - Bullzip PDF Writer.) -- C:\Windows\System32\bzpdf.dll [196608]
O44 - LFC:[MD5.D032A3D8D81B6C164EE2DF07954E2ABF] - 19/03/2013 - 11:01:35 ---A- . (...) -- C:\Windows\uninstallstickies.bat [589]
O44 - LFC:[MD5.19BC3077C98654C4F685624D8383BC2E] - 17/03/2013 - 16:25:51 ---A- . (...) -- C:\Windows\Radio_Fr.ini [1208]
O44 - LFC:[MD5.3B7EA9C7488C214736E8942D67AB9007] - 15/03/2013 - 11:10:27 ---A- . (.Nokia Corporation and/or its subsidiary(-ie - C++ application development framework..) -- C:\Windows\System32\QtCore4.dll [2557952]
O44 - LFC:[MD5.DA32E0D240146EB2481B7D4C3C358C3E] - 15/03/2013 - 01:57:34 ---A- . (.pdfforge GbR - pdfcmon.) -- C:\Windows\System32\pdfcmon.dll [88576]
O44 - LFC:[MD5.E8922B113747A410C11D6AF7042F4A0B] - 10/03/2013 - 17:27:47 ---A- . (...) -- C:\Windows\Q-Dir.ini [12953]
O44 - LFC:[MD5.60FEE6F524865950EF0A40D49F969320] - 09/06/2012 - 19:21:56 ---A- . (...) -- C:\Windows\System32\unrar.dll [178688]
O44 - LFC:[MD5.995AE326D98358B7822542538FE4E851] - 17/10/2005 - 18:13:34 ---A- . (...) -- C:\Windows\System32\splus.cpl [447488]
~ Files: 73 Legitimates Scanned in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Keys Export: 4 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 8 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 3 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=1
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 05/12/2012 - C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BstHdDrv) .(.BlueStack Systems - BlueStacks Hypervisor for x86.) - LEGACY_BSTHDDRV
~ Legacy: 74 Legitimates Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.EAFF5F43AA51848E7F7A087B9B4F4BB4] [SPRF][26/03/2013] (.Ellora Assets Corporation - Freemake Video Converter Setup.) -- C:\Users\Mad\AppData\Local\Temp\FreemakeVideoConverter_4.0.0.1.exe [26413600]
[MD5.FEA8181EB5D54DD6EC2F8C712BA85640] [SPRF][30/03/2013] (...) -- C:\Users\Mad\AppData\Local\Temp\ICReinstall_mp3tagv250setup.exe [667016]
[MD5.7EC6C8E88BECD3C40AE35AAD1DF6EB0A] [SPRF][13/02/2013] (.RealNetworks, Inc. - RealDownloader Application.) -- C:\Users\Mad\AppData\Local\Temp\stubhelper.dll [90624]
[MD5.AAACA015ECED630E7F7C0DD996412B98] [SPRF][30/03/2013] (...) -- C:\Users\Mad\AppData\Local\Temp\temp_presets.dat [2664]
[MD5.887173F53072CD2D238014F4199B35CF] [SPRF][02/11/2012] (...) -- C:\Users\Mad\AppData\Local\Temp\xmlUpdater.exe [118784]
[MD5.4EAD115CF40445118BA41F070296669F] [SPRF][30/03/2013] (...) -- C:\Users\Mad\AppData\Local\Temp\~glaryutilities-version.dat [514]
[MD5.49F3EF3560FFE11FC756518BB092FB58] [SPRF][30/03/2013] (...) -- C:\Users\Mad\AppData\Local\Temp\~gu-ver.dat [112]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272]
~ Files: Scanned in 00mn 01s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{07C3EECA-9C0B-4435-BB3D-48E6E168B70E}C:\users\mad\appdata\local\radiosure\radiosure.exe" | In - Private - P6 - TRUE | .(.TheBestWare Studio - RadioSure.) -- C:\users\mad\appdata\local\radiosure\radiosure.exe
O87 - FAEL: "UDP Query User{CE2ADDAC-4E51-4156-AA74-25D900C78BF6}C:\users\mad\appdata\local\radiosure\radiosure.exe" | In - Private - P17 - TRUE | .(.TheBestWare Studio - RadioSure.) -- C:\users\mad\appdata\local\radiosure\radiosure.exe
O87 - FAEL: "TCP Query User{A93D434E-19B5-4D6D-8C8F-EB2B23E88B65}C:\program files\stream what you hear\swyh.exe" | In - Private - P6 - TRUE | .(.Sebastien.warin.fr - Stream What You Hear.) -- C:\program files\stream what you hear\swyh.exe
O87 - FAEL: "UDP Query User{B29E5384-B176-4C97-B40B-3194DF178C23}C:\program files\stream what you hear\swyh.exe" | In - Private - P17 - TRUE | .(.Sebastien.warin.fr - Stream What You Hear.) -- C:\program files\stream what you hear\swyh.exe
O87 - FAEL: "TCP Query User{D08AD1DB-607C-4382-9994-89DCC1562E12}C:\program files\pifreepc\pifreepc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\pifreepc\pifreepc.exe
O87 - FAEL: "UDP Query User{A89B0DE5-2873-401B-89E2-653EC4CB6C46}C:\program files\pifreepc\pifreepc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\pifreepc\pifreepc.exe
O87 - FAEL: "TCP Query User{FA61D44E-AE48-4E35-8196-5B2E7FA7CF6F}C:\program files\stream what you hear\swyh.exe" | In - Public - P6 - TRUE | .(.Sebastien.warin.fr - Stream What You Hear.) -- C:\program files\stream what you hear\swyh.exe
O87 - FAEL: "UDP Query User{5180289D-8255-4FF7-9B54-4E181A7D6CF2}C:\program files\stream what you hear\swyh.exe" | In - Public - P17 - TRUE | .(.Sebastien.warin.fr - Stream What You Hear.) -- C:\program files\stream what you hear\swyh.exe
~ Firewall: 211 Legitimates Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11349 - (31/03/2013)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
~ Additionnel: Scanned in 00mn 47s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "44870A0846AC4ED4BA163DD7BD8E70F4" . (.PDF Architect.) -- C:\Windows\Installer\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}\main_icon
O90 - PUC: "7672DADFAC1183D4C94C8477C03ECCB7" . (.Notification Center.) -- C:\Windows\Installer\{FDAD2767-11CA-4D38-9CC4-48770CE3CC7B}\BlueStacksIcon
~ Update Products: 36 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Auto 05/12/2012 393080 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe
SR - | Auto 05/12/2012 384888 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 05/12/2012 67584 | (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
SR - | Auto 05/12/2012 1131008 | (CobianBackup11) . (.Luis Cobian, CobianSoft.) - C:\Program Files\Cobian Backup 11\cbService.exe
SS - | Demand 06/03/2013 30192 | (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 05/03/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/03/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 07/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 09/01/2013 1324104 | (PDF Architect Helper Service) . (.pdfforge GbR.) - C:\Program Files\PDF Architect\HelperService.exe
SR - | Auto 09/01/2013 795208 | (PDF Architect Service) . (.pdfforge GbR.) - C:\Program Files\PDF Architect\ConversionService.exe
SR - | Auto 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
SS - | Auto 07/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Scanned in 00mn 02s



End of the scan (705 lines in 04mn 06s)(0)
