Rapport de ZHPDiag v2013.4.13.73 par Nicolas Coolman, Update du 13/04/2013
Run by Géraud at 14/04/2013 11:38:35
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 17.0.1 v17.0.1
GCIE: Google Chrome v26.0.1410.64 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Protection
avast! Free Antivirus v8.0.1483.0

---\\ System Optimizer
CCleaner v3.28

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 17

---\\ System Information
~ Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 356 GB (76%) free of 466 GB

---\\ Logged in mode
~ Computer Name: DETERSON
~ User Name: Géraud
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Géraud, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Géraud\Application Data\
~ %Desktop% : C:\Documents and Settings\Géraud\Bureau\
~ %Favorites% : C:\Documents and Settings\Géraud\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Géraud\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Géraud\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 356 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.48309E1F5ED8E72783EEFBA04898BDA1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/03/2013 - 02:55:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/12
~ Mes musiques (My Musics) : 3/145
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/12
~ Mes Documents (My Documents) : 1/22954
~ Mon Bureau (My Desktop) : 0/7772
~ Menu demarrer (Programs) : 1/119
~ Hidden Files: Scanned in 00mn 19s



---\\ Processus lancés
[MD5.F96E450937BAD69FE4804D46829AA5C7] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753] [PID.1484]
[MD5.99647323602BE0E77A9737E6EADA65BA] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745] [PID.1520]
[MD5.E876C33293AA5FFA81A1AA28D594712E] - (.Intel(R) Corporation - WLANKEEPER.) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217] [PID.1544]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.120]
[MD5.522215532916836B9CA19EE30658F3C1] - (...) -- C:\WINDOWS\Nhksrv.exe [28672] [PID.1632]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1708]
[MD5.621022468E8D240B15BF98E5B5E2DAEC] - (.Uniblue Systems Limited - Uniblue DriverScanner Monitor.) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe [26016] [PID.372]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.436]
[MD5.8B4B572753419FE601220526205F9455] - (.http://libusb-win32.sourceforge.net - LibUsb-Win32 - Generic USB Library.) -- C:\WINDOWS\system32\libusbd-nt.exe [18944] [PID.1780]
[MD5.143F50273CFB6D970F06A1C2D7FBBF78] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 156.8.) -- C:\WINDOWS\system32\nvsvc32.exe [155716] [PID.1988]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.2164]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728] [PID.2612]
[MD5.B8C80DCCD4CE7CBF1FE8600B68418536] - (.Intel Corporation - ZeroCfgSvc MFC Application.) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718] [PID.2844]
[MD5.6210679582240D54CC7FCC6278CA8B04] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164] [PID.2972]
[MD5.DA199948BDF65D2EF9109B60EC4621D0] - (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182] [PID.3060]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.3072]
[MD5.9F3E7CABE86BBDECA009DE291DB6D9E2] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [3467768] [PID.3320]
[MD5.C4C11F8A363B2596A647B1A079B39C89] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [509816] [PID.3456]
[MD5.012844A8E13BE3941C9CAF1F91F47DF2] - (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504] [PID.3640]
[MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.3856]
[MD5.B70EFFF003D51A94FCC4C6C66F5E610F] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [57680] [PID.776]
[MD5.DFC8186972EB21F75E5B532194AF4C3A] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [54640] [PID.2128]
[MD5.7A42A8E161DC32C5A40C5813ED64DF03] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [54744] [PID.2448]
[MD5.E46B17060D3962A384AE484094614788] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.3468]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [252848] [PID.3520]
[MD5.755DB0FABD639DE8D9FA6D446BA90D36] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [487424] [PID.3100]
[MD5.1CC87053C28DCA5CD94CAC36DC56E7B4] - (.Intel Corporation - Intel 802.1x Server.) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe [397381] [PID.3180]
[MD5.F99DB28C5D47A940883BCF695DD654B1] - (...) -- C:\Program Files\Free Net\Freenet\freenet.exe [474097] [PID.272]
[MD5.F00C92F723D81F1405238432007D7DCC] - (.Tanuki Software, Ltd. - Java Service Wrapper Community Edition 3.3..) -- C:\Program Files\Free Net\Freenet\wrapper\freenetwrapper.exe [241664] [PID.244]
[MD5.1307C55F9FF45A1FD18F09C88321021C] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [969104] [PID.4480]
[MD5.831347571C0F5006CE3913D32F21AB69] - (.Microsoft Corporation - Contrôle du volume.) -- C:\WINDOWS\system32\SNDVOL32.exe [139264] [PID.7844]
[MD5.04F4D7D7B97C616C33DC3EFFD48875E0] - (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\java.exe [174496] [PID.2328]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.1680]
[MD5.00E193148E1DC8145CE4219900593705] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6742016] [PID.656]
[MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.868]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.4016]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Géraud\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Géraud\Application Data\Mozilla\Firefox\Profiles\vdd5n7wv.default\prefs.js
~ Firefox Browser: 18 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
~ IE Browser: 9 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
~ BHO: 4 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] bthprops.cpl
O4 - HKLM\..\Run: [IntelZeroConfig] . (.Intel Corporation - ZeroCfgSvc MFC Application.) -- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] . (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [DellTouch] . (.Netropa Corp. - Netropa(tm) Hot Key.) -- C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe
O4 - HKLM\..\Run: [NVHotkey] nvHotkey.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] . (.Pas de propriétaire - Stardock BootSkin!.) -- C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files\Google\Drive\googledrivesync.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E1AB64F4BED446AD887BD7CAAB5C76D5] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1757981266-329068152-1606980848-1003\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-1757981266-329068152-1606980848-1003\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1757981266-329068152-1606980848-1003\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1757981266-329068152-1606980848-1003\..\Run: [GoogleDriveSync] . (.Google - Google Drive.) -- C:\Program Files\Google\Drive\googledrivesync.exe
O4 - HKUS\S-1-5-21-1757981266-329068152-1606980848-1003\..\Run: [GoogleChromeAutoLaunch_E1AB64F4BED446AD887BD7CAAB5C76D5] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files\Audacity\audacity.exe
O4 - GS\Programs: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP - GNU Image Manipulation Program.) -- C:\Program Files\GIMP 2\bin\gimp-2.8.exe
O4 - GS\Programs: Inkscape.lnk . (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape\inkscape.exe
O4 - GS\Programs: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - GS\Programs: VideoPad - Logiciel de montage vidéo.lnk . (.NCH Software - VideoPad - Logiciel de montage vidéo.) -- C:\Program Files\NCH Software\VideoPad\videopad.exe
O4 - GS\Programs: WinDirStat.lnk . (.Seifert - Windows Directory Statistics.) -- C:\Program Files\windirstat\windirstat.exe
O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: FireArc Arcade.lnk . (...) -- C:\Documents and Settings\Géraud\Application Data\Microsoft\Installer\{617E8819-16F5-4216-9455-E06EA5743F81}\icon.ico
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 5 Legitimates Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356913275437
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1262D5B4-0C69-40D7-974C-41EAB76C3011}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1262D5B4-0C69-40D7-974C-41EAB76C3011}: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Netropa NHK Server (Nhksrv) . (...) - C:\WINDOWS\Nhksrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) . (.Intel(R) Corporation - WLANKEEPER.) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
~ Services: 15 Legitimates Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Géraud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Géraud\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\videopadShakeIcon.job [282]
[MD5.0BC5E597995EF53F6EE777D5B254208D] [APT] [videopadShakeIcon] (.NCH Software.) -- C:\Program Files\NCH Software\VideoPad\videopad.exe [3419140]
~ Scheduled Task: 15 Legitimates Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 21 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 66 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Algodoo v2.0.1 - (.Algoryx.) [HKLM] -- Algodoo_is1
O42 - Logiciel: Automap 4.6 - (.Focusrite Audio Engineering Ltd..) [HKLM] -- Automap Universal_is1
O42 - Logiciel: BootSkin - (...) [HKLM] -- BootSkin
O42 - Logiciel: ChrisPC Free Anonymous Proxy 3.50 - (.Chris P.C. srl.) [HKLM] -- {6006089C-84B5-4F18-8113-D96792AED0DE}_is1
O42 - Logiciel: ClipConverter - (.Lunaweb.) [HKLM] -- {86134348-6422-4486-AB6A-0E01DBA39DE6}
O42 - Logiciel: Defcon v1.6 - (.Introversion Software Ltd.) [HKLM] -- Defcon_is1
O42 - Logiciel: FireArc Arcade - (.FireArc.com.) [HKLM] -- {617E8819-16F5-4216-9455-E06EA5743F81}
O42 - Logiciel: Freenet - (...) [HKCU] -- Freenet
O42 - Logiciel: FunnyGames - Happy Wheels - (.FunnyGames.) [HKCU] -- FunnyGames - happy_wheels
O42 - Logiciel: Gymnast v1.0 - (.Walaber.) [HKLM] -- Gymnast_is1
O42 - Logiciel: Mario Sokoban 1.0 - (.Le Site du Zér0.) [HKLM] -- Mario Sokoban_is1
O42 - Logiciel: Max 5.1.8 - (.Cycling '74.) [HKLM] -- {261FDE14-0B8C-4B7A-8E37-A6F70FE5CEEA}
O42 - Logiciel: Novation USB Audio Driver 2.3 - (.Novation DMS Ltd..) [HKLM] -- Novation USB Audio Driver_is1
O42 - Logiciel: SPlayer - (...) [HKLM] -- SPlayer
O42 - Logiciel: TouchCopy 12 - (.Wide Angle Software.) [HKLM] -- {391A94D9-20EC-44FF-9E20-3F3166FF68E4}
O42 - Logiciel: Unique Demo - (.Sugar Bytes.) [HKLM] -- Unique Demo
O42 - Logiciel: Uplink (remove only) - (...) [HKLM] -- Uplink
O42 - Logiciel: Viper 3.0.04 - (.Kerigwa.) [HKLM] -- Viper
O42 - Logiciel: Wise JetSearch 1.24 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise JetSearch_is1
O42 - Logiciel: XILS 3 - (.XILS-lab.) [HKLM] -- XILS 3 DEMO_is1
O42 - Logiciel: YAMAHA Musicsoft Downloader 5 - (...) [HKLM] -- {6D3C6846-CDB6-418F-8FDB-DA21FE064F86}
O42 - Logiciel: Yamaha USB-MIDI Driver - (.Nom de votre société.) [HKLM] -- {271A659B-A7D3-405E-AE31-3086133BE0B7}
O42 - Logiciel: You Have to Win the Game - (...) [HKLM] -- TheGame
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent
~ Logic: 180 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Algodoo]
[HKCU\Software\Artichoke]
[HKCU\Software\BitTorrent]
[HKCU\Software\Bossa Studios]
[HKCU\Software\Data Realms]
[HKCU\Software\FileWall]
[HKCU\Software\FunnyGames]
[HKCU\Software\GoforFiles]
[HKCU\Software\Lunaweb]
[HKCU\Software\Netropa]
[HKCU\Software\Novation]
[HKCU\Software\RightMark]
[HKCU\Software\SPlayer]
[HKCU\Software\allen]
[HKLM\Software\Cycling '74]
[HKLM\Software\GoforFiles]
[HKLM\Software\Lenovo]
[HKLM\Software\Novation]
[HKLM\Software\TheGame"]
[HKLM\Software\Toribash]
[HKLM\Software\XILS-lab]
[HKLM\Software\YAMAHA]
~ Key Software: 270 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/02/2013 - 19:16:43 - [88,145] ----D C:\Program Files\Algodoo
O43 - CFD: 09/02/2013 - 01:44:49 - [11,500] ----D C:\Program Files\ChrisPC Free Anonymous Proxy
O43 - CFD: 19/01/2013 - 16:15:22 - [2,332] ----D C:\Program Files\CPU Rightmark Clock Utility
O43 - CFD: 10/03/2013 - 16:54:51 - [268,055] ----D C:\Program Files\Cycling '74
O43 - CFD: 30/03/2013 - 23:07:52 - [95,395] ----D C:\Program Files\Data Realms
O43 - CFD: 17/03/2013 - 20:27:44 - [59,373] ----D C:\Program Files\Defcon
O43 - CFD: 16/03/2013 - 19:06:15 - [25,526] ----D C:\Program Files\Dwarf Fortress
O43 - CFD: 26/02/2013 - 20:17:24 - [2,194] ----D C:\Program Files\EX096
O43 - CFD: 07/04/2013 - 16:21:20 - [156,429] ----D C:\Program Files\Faster Than Light
O43 - CFD: 03/04/2013 - 18:33:44 - [0,935] ----D C:\Program Files\FileWall
O43 - CFD: 17/02/2013 - 23:34:52 - [37,821] ----D C:\Program Files\FireArc Arcade
O43 - CFD: 03/04/2013 - 18:33:07 - [586,834] ----D C:\Program Files\Free Net
O43 - CFD: 28/03/2013 - 22:30:09 - [4,612] ----D C:\Program Files\FunnyGames
O43 - CFD: 30/03/2013 - 23:13:40 - [51,463] ----D C:\Program Files\Garage Games
O43 - CFD: 30/03/2013 - 20:26:43 - [30,036] ----D C:\Program Files\Gymnast
O43 - CFD: 14/04/2013 - 11:27:53 - [93,241] ----D C:\Program Files\Hacker Evolution
O43 - CFD: 13/04/2013 - 22:18:38 - [0] ----D C:\Program Files\Hacker Evolution Untold
O43 - CFD: 28/02/2013 - 15:59:46 - [177,981] ----D C:\Program Files\Ib
O43 - CFD: 03/04/2013 - 18:51:49 - [2,390] ----D C:\Program Files\Kerigwa
O43 - CFD: 21/01/2013 - 14:55:48 - [55,064] ----D C:\Program Files\Mad Father
O43 - CFD: 29/03/2013 - 03:26:55 - [1,771] ----D C:\Program Files\Mario Sokoban
O43 - CFD: 31/03/2013 - 03:03:41 - [5,739] ----D C:\Program Files\Noctis
O43 - CFD: 02/01/2013 - 15:50:37 - [505,006] ----D C:\Program Files\Novation
O43 - CFD: 21/03/2013 - 19:47:59 - [81,793] ----D C:\Program Files\Prison Architect (Alpha 5)
O43 - CFD: 21/03/2013 - 23:37:06 - [89,111] ----D C:\Program Files\Prison Architect (Alpha 7)
O43 - CFD: 07/04/2013 - 19:08:50 - [0,029] ----D C:\Program Files\REAPER
O43 - CFD: 10/04/2013 - 16:32:12 - [3,562] ----D C:\Program Files\SDL
O43 - CFD: 31/03/2013 - 18:45:06 - [19,862] ----D C:\Program Files\Slender2D
O43 - CFD: 30/03/2013 - 20:09:10 - [22,194] ----D C:\Program Files\Spewer
O43 - CFD: 13/04/2013 - 22:20:02 - [20,396] ----D C:\Program Files\SPlayer
O43 - CFD: 24/03/2013 - 18:47:38 - [4,676] ----D C:\Program Files\Sumotori Dreams
O43 - CFD: 29/01/2013 - 21:50:09 - [73,201] ----D C:\Program Files\Surgeon Simulator 2013
O43 - CFD: 31/03/2013 - 03:14:21 - [2,181] ----D C:\Program Files\TestPilot
O43 - CFD: 12/04/2013 - 00:12:10 - [62,290] ----D C:\Program Files\Uplink
O43 - CFD: 11/04/2013 - 00:09:18 - [18,201] ----D C:\Program Files\uplink backup
O43 - CFD: 13/01/2013 - 15:26:27 - [0,924] ----D C:\Program Files\uTorrent
O43 - CFD: 07/02/2013 - 14:44:16 - [8,132] ----D C:\Program Files\VSTHost
O43 - CFD: 26/01/2013 - 18:03:37 - [69,672] ----D C:\Program Files\WorldOfGoo
O43 - CFD: 29/01/2013 - 18:27:29 - [6,599] ----D C:\Program Files\YAMAHA
O43 - CFD: 20/03/2013 - 17:01:50 - [4,188] ----D C:\Program Files\You Have to Win the Game
O43 - CFD: 31/03/2013 - 02:52:59 - [0,055] ----D C:\Documents and Settings\Géraud\Application Data\Broken Rules
O43 - CFD: 10/03/2013 - 17:50:09 - [0,003] ----D C:\Documents and Settings\Géraud\Application Data\Cycling '74
O43 - CFD: 28/03/2013 - 22:30:09 - [0,024] ----D C:\Documents and Settings\Géraud\Application Data\FunnyGames
O43 - CFD: 03/04/2013 - 18:31:19 - [0,017] ----D C:\Documents and Settings\Géraud\Application Data\hideip_firefox_plugin
O43 - CFD: 26/02/2013 - 22:47:59 - [70,448] ----D C:\Documents and Settings\Géraud\Application Data\Lunaweb
O43 - CFD: 07/04/2013 - 19:07:04 - [14,343] ----D C:\Documents and Settings\Géraud\Application Data\REAPER
O43 - CFD: 13/04/2013 - 22:20:02 - [0,011] ----D C:\Documents and Settings\Géraud\Application Data\SPlayer
O43 - CFD: 26/01/2013 - 15:40:39 - [0] ----D C:\Documents and Settings\Géraud\Application Data\Toribash
O43 - CFD: 14/04/2013 - 11:38:34 - [2,970] ----D C:\Documents and Settings\Géraud\Application Data\uTorrent
O43 - CFD: 02/01/2013 - 16:14:06 - [0,001] ----D C:\Documents and Settings\Géraud\Local Settings\Application Data\Focusrite_Audio_Engineeri
O43 - CFD: 19/03/2013 - 02:21:07 - [19,480] ----D C:\Documents and Settings\Géraud\Local Settings\Application Data\Introversion
O43 - CFD: 02/01/2013 - 16:11:26 - [0,000] ----D C:\Documents and Settings\Géraud\Local Settings\Application Data\Novation
O43 - CFD: 26/02/2013 - 22:47:38 - [0,001] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\ClipConverter
O43 - CFD: 30/03/2013 - 23:09:24 - [0,002] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\Cortex Command
O43 - CFD: 28/03/2013 - 22:30:09 - [0,003] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\FunnyGames
O43 - CFD: 22/03/2013 - 01:29:41 - [0,004] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\Uplink
O43 - CFD: 03/04/2013 - 18:51:50 - [0,002] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\Viper
O43 - CFD: 29/03/2013 - 00:17:49 - [0,035] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\WinCustomize
O43 - CFD: 20/03/2013 - 17:01:51 - [0,003] ----D C:\Documents and Settings\Géraud\Menu Démarrer\Programmes\You Have to Win the Game
~ Program Folder: 247 Legitimates Scanned in 00mn 10s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.EE9053E94DA66F1E02B73BB5E4D0FDD2] - 14/04/2013 - 10:25:29 ---A- . (...) -- C:\WINDOWS\system32\nvModes.001 [67110]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 13/04/2013 - 16:12:36 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.F5C397BEFBE878EBBAA17055D06359C7] - 13/04/2013 - 16:12:36 ---A- . (...) -- C:\WINDOWS\win.ini [507]
O44 - LFC:[MD5.B02570293375AA95365D75732A8E2C95] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30914]
O44 - LFC:[MD5.FDE700EA64FA7A9E699D1B7D080D11A7] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [2125]
O44 - LFC:[MD5.BF8D5F83B2AF0309BEADD8C02E8CF433] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\comsetup.log [10282]
O44 - LFC:[MD5.82CCEE539EFF0BBC97932B9D0287EA58] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\iis6.log [33549]
O44 - LFC:[MD5.E975C66CE1DDD4BADE931D3F2C5FE737] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.0EC3AB5F636CCDDECC22E2686CA3B4C1] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1545]
O44 - LFC:[MD5.EE354BB7E011917BBABCF5F53AD6CEEC] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\netfxocm.log [5415]
O44 - LFC:[MD5.A3E61E78E4191CF77A9CCD93BA6474DE] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6217]
O44 - LFC:[MD5.1D15BE62BC1EEF5266D0184224E1E7EB] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\ocgen.log [14780]
O44 - LFC:[MD5.2B321CD9E9DBCD6E76A5A0756C4A8A30] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
O44 - LFC:[MD5.1969E4A55C53CFC6BB3AD3B241D2091B] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\tabletoc.log [1555]
O44 - LFC:[MD5.AEF8E0B36067981B273C057BBAA2AA85] - 12/04/2013 - 17:45:57 ---A- . (...) -- C:\WINDOWS\tsoc.log [14108]
O44 - LFC:[MD5.3FAFE30155667F931EB6E52F40B4CFF5] - 12/04/2013 - 17:45:56 ---A- . (...) -- C:\WINDOWS\msmqinst.log [9586]
O44 - LFC:[MD5.F1C24D6857046DB8BECFC37384FE358D] - 12/04/2013 - 17:45:44 ---A- . (...) -- C:\WINDOWS\updspapi.log [3651]
O44 - LFC:[MD5.E0C10E92BC558CF8D55519ED91D2C5A0] - 12/04/2013 - 17:45:06 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.EE9053E94DA66F1E02B73BB5E4D0FDD2] - 11/04/2013 - 23:47:32 ---A- . (...) -- C:\WINDOWS\system32\nvModes.dat [67110]
O44 - LFC:[MD5.C358E930AEEFECDCF9CA0496D2A29D58] - 07/04/2013 - 22:45:49 ---A- . (...) -- C:\WINDOWS\wiadebug.log [411]
O44 - LFC:[MD5.8FE95BC008DB041A5EE896379B621F39] - 07/04/2013 - 22:42:29 ---A- . (...) -- C:\WINDOWS\system32\Drivers\vidstub.sys [163712]
O44 - LFC:[MD5.D4233FEF1C96033912AD54DA285C6DC8] - 07/04/2013 - 21:15:48 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/04/2013 - 16:36:49 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.87DFD728C430F7833ECD52863CCC9596] - 07/04/2013 - 01:15:20 ---A- . (...) -- C:\WINDOWS\unins000.dat [69333]
O44 - LFC:[MD5.BE3CF4CE7959756AA5D65B04768559C0] - 07/04/2013 - 01:14:49 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\WINDOWS\unins000.exe [714939]
O44 - LFC:[MD5.4965107D112666D3835308A831A29274] - 03/04/2013 - 17:48:26 ---A- . (.Pas de propriétaire - zlib data compression library.) -- C:\WINDOWS\system32\zlib.dll [53248]
O44 - LFC:[MD5.55BA61592748E42A0795AB87E08FF1B0] - 03/04/2013 - 17:33:42 ---A- . (.HummerStudio - FileWall Driver for x86.) -- C:\WINDOWS\system32\Drivers\FileWall.sys [177544]
O44 - LFC:[MD5.9E36A07658685B0F18A35394F58A0CBA] - 01/04/2013 - 14:19:06 ---A- . (.http://libusb-win32.sourceforge.net - LibUsb-Win32 - Generic USB Library.) -- C:\WINDOWS\system32\libusbd-9x.exe [19456]
O44 - LFC:[MD5.8B4B572753419FE601220526205F9455] - 01/04/2013 - 14:19:06 ---A- . (.http://libusb-win32.sourceforge.net - LibUsb-Win32 - Generic USB Library.) -- C:\WINDOWS\system32\libusbd-nt.exe [18944]
O44 - LFC:[MD5.0950D588F816CE8079928FB9DA4FB9E2] - 01/04/2013 - 14:16:48 ---A- . (.Logicool Co. Ltd. - Logicool Force Feedback Driver.) -- C:\WINDOWS\system32\MijFrc.dll [255496]
O44 - LFC:[MD5.7229688F8B55E80D340F3897942FD5A0] - 31/03/2013 - 01:52:46 ---A- . (...) -- C:\WINDOWS\d3dx.dat [4096]
O44 - LFC:[MD5.814DED6A705FEFBCDD8A50E7B449463F] - 28/03/2013 - 22:59:01 ---A- . (.RealVNC Ltd. - VNC Mirror Driver.) -- C:\WINDOWS\system32\vncmirror.dll [20992]
O44 - LFC:[MD5.3B8F222B23917C041E4DA29CCC57E7D0] - 28/03/2013 - 22:59:01 ---A- . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\WINDOWS\system32\Drivers\vncmirror.sys [4608]
O44 - LFC:[MD5.5319BF20F48884E594F84097A600424B] - 09/07/2004 - 04:26:40 ---A- . (...) -- C:\WINDOWS\system32\psisdecd.dll [354816]
O44 - LFC:[MD5.E93D7D262A33D14AEF13398AB83FE08B] - 09/07/2004 - 04:26:40 ---A- . (...) -- C:\WINDOWS\system32\psisrndr.ax [30208]
O44 - LFC:[MD5.DDB9B5C1CE074274D74B8A7910C97208] - 09/07/2004 - 04:26:38 ---A- . (...) -- C:\WINDOWS\system32\msdvbnp.ax [52224]
~ Files: 89 Legitimates Scanned in 00mn 04s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Novation\Automap\AutomapServer.exe" [Enabled] .(.Focusrite Audio Engineering Ltd..) -- C:\Program Files\Novation\Automap\AutomapServer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Terraria\TerrariaServer.exe" [Enabled] .(.Re-Logic.) -- C:\Program Files\Terraria\TerrariaServer.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Defcon\defcon.exe" [Enabled] .(.Introversion Software.) -- C:\Program Files\Defcon\defcon.exe
O47 - AAKE:Key Export SP - "C:\Program Files\You Have to Win the Game\TheGame.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\You Have to Win the Game\TheGame.exe
~ Keys Export: 20 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 6 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 23 Legitimates Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"midi7"="xgusb.cpl" . (.Yamaha Corporation - USB-MIDI Driver Control Panel.) -- C:\WINDOWS\system32\xgusb.cpl
O52 - TDSD: \drivers.desc\"xgusb.cpl"="Yamaha Corporation USB MIDI Driver" . (.Yamaha Corporation - USB-MIDI Driver Control Panel.) -- C:\WINDOWS\system32\xgusb.cpl
~ TDSD: 20 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 6 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
~ MWPS: 5 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 2 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.91F3DF93F40A74D222CD166FE95DB633] - 28/12/2012 - 22:43:58 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\Drivers\AegisP.sys [21275]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 07/04/2013 - Pas de propriétaire (BootScreen) .(...) - LEGACY_BOOTSCREEN
O64 - Services: CurCS - 11/12/2011 - C:\WINDOWS\system32\drivers\FileWall.sys (FileWall) .(.HummerStudio - FileWall Driver for x86.) - LEGACY_FILEWALL
O64 - Services: CurCS - 14/12/2012 - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Hamachi2Svc) .(.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - LEGACY_HAMACHI2SVC
O64 - Services: CurCS - 29/12/2012 - Pas de propriétaire (Nhksrv) .(...) - LEGACY_NHKSRV
O64 - Services: CurCS - 10/03/2010 - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe (PSI_SVC_2) .(.Protexis Inc. - PsiService PsiService.) - LEGACY_PSI_SVC_2
O64 - Services: CurCS - 25/05/2005 - Pas de propriétaire (RTCore32) .(...) - LEGACY_RTCORE32
O64 - Services: CurCS - 17/07/2012 - C:\Program Files\Wise\Wise Care 365\BootTime.exe (WiseBootAssistant) .(.WiseCleaner.com - Wise BootTime Service.) - LEGACY_WISEBOOTASSISTANT
O64 - Services: CurCS - 01/05/2006 - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (WLANKEEPER) .(.Intel(R) Corporation - WLANKEEPER.) - LEGACY_WLANKEEPER
~ Legacy: 141 Legitimates Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {CFEFE5CF-DF18-4978-B754-CB1BC1161070} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 40 Legitimates Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11523 - (13/04/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel: Scanned in 00mn 29s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "9D49A193CE02FF44E902F31366FF864E" . (.TouchCopy 12.) -- C:\WINDOWS\Installer\{391A94D9-20EC-44FF-9E20-3F3166FF68E4}\_853F67D554F05449430E7E.exe
~ Update Products: 68 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 01/05/2006 114753 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SS - | Auto 28/12/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 28/12/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 14/12/2012 1436160 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
SR - | Demand 20/02/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 10/04/2013 170912 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto ??\??\???? 0 | C:\WINDOWS\system32\libusbd-nt.exe (libusbd) . (.http://libusb-win32.sourceforge.net.) - c:\system32\libusbd-nt.exe
SS - | Demand 28/10/2012 312264 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SR - | Auto 28672 | (Nhksrv) . (...) - C:\WINDOWS\Nhksrv.exe
SR - | Auto 17/11/2007 155716 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
SR - | Auto 01/05/2006 217164 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SR - | Auto 01/05/2006 540745 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 14/12/2012 3467768 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SS - | Auto 17/07/2012 580648 | (WiseBootAssistant) . (.WiseCleaner.com.) - C:\Program Files\Wise\Wise Care 365\BootTime.exe
SR - | Auto 01/05/2006 262217 | (WLANKEEPER) . (.Intel(R) Corporation.) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
~ Services: Scanned in 00mn 00s



~ 1105 Legitimates filtered by white list
End of the scan (664 lines in 01mn 24s)(0)
