Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v2013.6.4.7 par Nicolas Coolman, Update du 04/06/2013
Run by Anthony at 05/06/2013 5:57:38
WebSite: http://nicolascoolman.webs.com
State : Probl�me connexion internet
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 21.0
OPIE: Opera v12.15
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : VKM6G
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
Avira Free Antivirus v13.0.0.3640
COMODO Internet Security v6.0.64131.2674
Malwarebytes Anti-Malware version 1.75.0.1300
Secunia PSI
Windows Defender W7
---\\ System Optimizer
CCleaner v4.00 =>Piriform Ltd
---\\ Peer To Peer (P2P)
eMule
�Torrent v3.3.0.29625 =>P2P.�Torrent
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
Java 7 Update 21
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4000 MB (44% free)
System Restore: Activ� (Enable)
System drive D: has 44 GB (37%) free of 119 GB
---\\ Logged in mode
~ Computer Name: ANTHONY-PC
~ User Name: Anthony
~ All Users Names: Guest, fbwuser, Anthony, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : D:\
~ %AppData% : D:\Users\Anthony\AppData\Roaming\
~ %Desktop% : D:\Users\Anthony\Desktop\
~ %Favorites% : D:\Users\Anthony\Favorites\
~ %LocalAppData% : D:\Users\Anthony\AppData\Local\
~ %StartMenu% : D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : D:\Windows\
~ %System% : D:\Windows\System32\
---\\ DOS/Devices
C:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 15 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 119 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 154 Go)
F:\ CD-ROM drive (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 34 Legitimates Filtered in 0:mn 0 s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/09/2012 - 1:02:11 .) -- D:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 2:39:52 .) -- D:\Windows\System32\Wininit.exe [129024]
[MD5.563C71A913CAC0C3DE5FFCD36EDB43A0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 2:00:30 .) -- D:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 4:24:29 .) -- D:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 4:24:16 .) -- D:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2012 - 1:19:22 .) -- D:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 2:52:21 .) -- D:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 12:19:47 .) -- D:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 12:19:57 .) -- D:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 1:10:03 .) -- D:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/09/2012 - 1:05:33 .) -- D:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 4:23:51 .) -- D:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 3:45:08 .) -- D:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 1:00:41 .) -- D:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 4:24:33 .) -- D:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 4:25:07 .) -- D:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 1:09:09 .) -- D:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 0:mn 2 s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/133
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/21498
~ Mon Bureau (My Desktop) : 1/456
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 2:mn 4 s
---\\ Processus lanc�s
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1308]
[MD5.BA48CCEC781FD10B6C869F7C45CAA23E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.4092]
[MD5.35F97E7C110FC49D4FFB290D5FD8A0DE] - (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe [1130280] [PID.3604]
[MD5.EF58B39CB67D7F2D2A404A7D2EA7BFFA] - (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe [3573624] [PID.4716]
[MD5.783F7F39A134AA5A9FE78A137980190B] - (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe [351000] [PID.4828]
[MD5.795A332E62D8113FDD7EFBC1DBF2FD48] - (...) -- H:\FastStone Capture\FSCapture.exe [1115136] [PID.0]
[MD5.FD579C25D253A47DF82A76B7EE96ADB5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.5100]
[MD5.5041D28614C0278A089BEF977C501439] - (.ASUSTek Computer Inc. - ATK Media.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752] [PID.980]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4228]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.Pas de propri�taire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.4748]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- H:\Internet Download Manager\IEMonitor.exe [268248] [PID.4688]
[MD5.B4CD0AEF1378282D236C61B3EAA054E7] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe [1280808] [PID.5056]
[MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.4396]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- D:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.4656]
[MD5.9F777E35DE4788DD939E94D905EDCCFE] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7457792] [PID.5448]
[MD5.E8459E07AE7C0C7C88D7064DF0B596E5] - (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe [804352] [PID.5488]
[MD5.09E411E1DC92D813F49DFEEB4039CBCA] - (.Google - Google Talk Plugin.) -- D:\Users\Anthony\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [79384] [PID.5724]
[MD5.24F550155BE440C899DA926CD499E6CD] - (.Microsoft Corporation - Microsoft Office Excel.) -- D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.exe [18367336] [PID.7272]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1440]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1496]
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1632]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1876]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1916]
[MD5.8B4D1FDD3F31F2DD39B3C658A22208EE] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [570664] [PID.1956]
[MD5.FDA5E88BE1333B69BED57AADAA16991F] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [463656] [PID.1172]
[MD5.EDFE7B17B537397DF184E8D7AD55378B] - (...) -- D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [390440] [PID.1472]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1280]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1784]
[MD5.2504725939338177E1F627DA0EDA2FEF] - (.ASUSTek Computer Inc. - HControl.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [178848] [PID.1712]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.3412]
[MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.3672]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.3920]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1020]
[MD5.306F9390976E41063D21AB9AB6D48122] - (.Secunia - Secunia PSI Agent.) -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312] [PID.3932]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.3008]
[MD5.851C5080261DFC1FCDC21DF0E5EA3BCB] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Version8\TeamViewer_Service.exe [3463080] [PID.3324]
[MD5.7281AED93FB30FDD1CBAF07591FA453A] - (.Intel Corporation - IAStorDataSvc.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.3636]
[MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.3880]
[MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3776]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.4656]
~ Processes Running: Scanned in 0:mn 3 s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
D:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://iron-start.com
G2 - GCE: Preference [User Data\Default] [agljkoinmcdnopnlbhhjibjiablccgoh] Radio v.1.0.56 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [ahmiiblnmmnijkhboligioinfchkeagi] Minimalist for Facebook (DEPRECATED!) v.0.5.21 (Activ�)
G2 - GCE: Preference [User Data\Default] [apeeedokdcajckokidhdkbkflkpfpgko] GreaseGoogle v.1.61 (Activ�)
G2 - GCE: Preference [User Data\Default] [baampgkagbmhnlhleemfbpecfjpakffj] M�t�o Europe v.4.2 (Activ�)
G2 - GCE: Preference [User Data\Default] [bdglbbcbmgnimogcmcdenggkpdmihlga] Bookmark Sentry v.1.7.13 (Activ�)
G2 - GCE: Preference [User Data\Default] [ckdcpbflcbeillmamogkpmdhnbeggfja] Do Not Track v.0.1.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [dpkiidbpeijnaaacjlfnijncdlkicejg] MaskMe v.1.17.235, (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [epanfjkfahimkgomnigadpkobaefekcd] DoNotTrackMe v.2.2.9.520, (Activ�)
G2 - GCE: Preference [User Data\Default] [fapbbpdnlcmiolkdfjnnjhabmcndadad] M�t�o v.0.9.0.6 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [gegkoiakifeoejnjkbnnojkkdoegeofp] Chuck Anderson v.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [jefnaahehlimdapgicdacbgklnedgoje] World Weather v.2.0.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [jpcokheimfkcoofnbgalbeogbgpjlajo] SFR / NEUF Hotspot AutoFill v.4.5 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [kneloppijbcidgidihgdjnooihjcdbij] HootSuite v.5.244 (Activ�)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Iron v.0.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [mlaimhahlbmcocjhajnommcialflcpik] Crazy Simon v.1.0 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [nffchahhjecejoiigmnhhicpoabngedk] SkyDrive v.1.0.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [nolijncfnkgaikbjbdaogikpmpbdcdef] Personal Blocklist (by Google) v.2.4.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [npgonnihpamikjkfckpolamefpniicak] Iconized Bookmarks Popup v.1.8.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [oagbmpiphimaihffccikjjbdembceaff] FREE Hotspot AutoFill v.1.0 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [odklcfojpedohplkimfdpcamkjnhanaj] Picky Wallpapers v.1.0.0 (Activ�)
G2 - GCE: Preference [User Data\Default] [pjejbgheonogbpfkkjigbmahaljipoej] Weather Underground v.1.6 (Activ�)
~ Google Browser: 54 Legitimates Filtered in 0:mn 6 s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\prefs.js
M3 - MFPP: Plugins - [Anthony] -- D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\searchplugins\yahoo-answers.xml
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\antidote7_win_firefox_103@druide.com] [] Module d'Antidote v8.16.14 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\firefox@ghostery.com] [] Ghostery v2.9.5 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v3.1.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\ich@maltegoetz.de] [] ProxTube - Gesperrte YouTube Videos entsperren v1.4.8 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\webrank-toolbar@probcomp.com] [] WebRank Toolbar v4.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}] [] Forecastfox v2.2.2 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.17 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}] [] Facebook Photo Zoom v0.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{ada4b710-8346-4b82-8199-5de2b400a6ae}] [] ReminderFox v2.1 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}] [] Flash and Video Download v1.32 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}] [] Memory Fox v7.4 (..)
~ Firefox Browser: 30 Legitimates Filtered in 0:mn 2 s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 0:mn 0 s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=D:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=D:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=D:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 0:mn 0 s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 0:mn 0 s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {F156768E-81EF-470C-9057-481BA8380DBA} Cl� orpheline
~ BHO: 5 Legitimates Filtered in 0:mn 0 s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Cl� orpheline
~ Toolbar: Scanned in 0:mn 0 s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [AgentAntidote32] . (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- D:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe
O4 - HKCU\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUSTek Computer Inc. - ATK Media.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [AntiLogger] . (.Zemana Ltd. - Zemana AntiLogger User Interface.) -- D:\Program Files (x86)\AntiLogger\AntiLogger.exe
O4 - HKLM\..\Wow6432Node\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propri�taire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe
~ Application: Scanned in 0:mn 0 s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- D:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- D:\Windows\system32\WFS.exe
O4 - GS\Desktop: AD-R.lnk . (...) -- D:\Program Files (x86)\Ad-Remover\main.exe
O4 - GS\Desktop: SopCast.lnk . (...) -- H:\SopCast\SopCast.exe (.not file.)
O4 - GS\Desktop: Xenu.lnk . (...) -- D:\Program Files (x86)\Xenu\Xenu.exe (.not file.)
O4 - GS\TaskBar: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe
O4 - GS\TaskBar: SRWare Iron.lnk . (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- H:\FileHippo.com\UpdateChecker.exe
O4 - GS\Programs: Windows 7 Logon Background Changer.lnk . (...) -- D:\Users\Anthony\AppData\Roaming\Microsoft\Installer\{2E6044C5-3495-485F-91BC-46D1B6430E51}\_38CF379FC0A8080C8E407C.exe
O4 - GS\QuickLaunch: ALZip.lnk . (.ESTsoft Corp. - ALZip.) -- H:\ALZip\ALZip.exe
O4 - GS\SendTo: Dropbox.lnk . (...) -- D:\Users\Anthony\Dropbox
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- D:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\SendTo: VirusTotal.lnk . (...) -- D:\Program Files (x86)\VirusTotalUploader\VirusTotalUpload.exe
O4 - GS\Desktop: Ace Utilities.lnk . (.Acelogix Software - Ace Utilities.) -- D:\Program Files\aulaunch.exe
O4 - GS\Desktop: AlertInfo.lnk . (...) -- H:\AlertInfo\alertinfo.exe
O4 - GS\Desktop: Anthony.lnk . (...) -- E:\Users\Anthony
O4 - GS\Desktop: an_ang.lnk . (...) -- D:\Users\Anthony\Documents\an_angella.docx
O4 - GS\Desktop: ASUS Live Update.Lnk . (.ASUSTeK Computer Inc. - ASUS Live Update.) -- D:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O4 - GS\Desktop: Auslogics Reg.lnk . (.Auslogics - Registry Cleaner.) -- D:\Program Files (x86)\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe
O4 - GS\Desktop: chromium.lnk . (.The Chromium Authors - Chromium.) -- D:\Users\Anthony\AppData\Local\Chromium\Application\chrome.exe
O4 - GS\Desktop: CltJah.lnk . (...) -- E:\Users\Anthony\Documents\CltJah.xlsm
O4 - GS\Desktop: CMH.lnk . (...) -- D:\Users\Anthony\Desktop\divers\Blogger.docx
O4 - GS\Desktop: culte pur.lnk . (.Watch Tower Bible and Tract Society of Penn - Watchtower Library 2011 - �dition fran�aise.) -- H:\Watchtower Library 2011\F\WTLibrary.exe
O4 - GS\Desktop: Docs.lnk . (...) -- E:\Users\Anthony\Documents
O4 - GS\Desktop: GestDplc.lnk . (...) -- E:\Users\Anthony\Documents\GestDplc.xlsm
O4 - GS\Desktop: HJ-Sidou.lnk . (...) -- D:\Users\Anthony\Desktop\divers\HJ-Sidou66.doc
O4 - GS\Desktop: Magn..lnk . (.Microsoft Corporation - Magn�tophone Windows.) -- D:\Windows\system32\SoundRecorder.exe
O4 - GS\Desktop: Mes images.lnk . (...) -- E:\Users\Anthony\Pictures
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: musc.lnk . (...) -- E:\Users\Anthony\Pictures\cpt ecrans\exercices-de-musculation-avec-halteres.pdf
O4 - GS\Desktop: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe
O4 - GS\Desktop: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) -- H:\PeerBlock\peerblock.exe
O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- H:\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop: SS.lnk . (...) -- E:\Users\Anthony\Documents\SS.xlsm
O4 - GS\Desktop: Tel.lnk . (...) -- E:\Users\Anthony\Downloads
O4 - GS\Desktop: TG.lnk . (...) -- E:\Users\Anthony\Documents\culturel educatif\Religions\TJ\Tour de Garde
O4 - GS\Desktop: T�l�charg.lnk . (...) -- D:\Users\Anthony\Downloads
O4 - GS\Desktop: VII.lnk . (...) -- D:\Users\Anthony\Desktop\divers\ma vie-autobiographie_psycha.docx
O4 - GS\Desktop: Win Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- D:\Windows\system32\wuapp.exe
O4 - GS\Desktop: Word.lnk . (...) -- D:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: wrc.lnk . (.WiseCleaner.com - Wise Registry Cleaner.) -- H:\Wise Registry Cleaner\WiseRegCleaner.exe
O4 - GS\Desktop: x.xlsm.lnk . (...) -- D:\Users\Anthony\Documents\x.xlsm
O4 - GS\Desktop: Y.lnk . (...) -- E:\Users\Anthony\Documents\Y.xlsm
O4 - GS\Desktop: Zuma.lnk . (...) -- D:\Users\Anthony\Documents\Zuma Deluxe\Zuma.exe
O4 - GS\Desktop: �.lnk . (...) -- C:\�.xlsm
O4 - GS\TaskBar: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- D:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- D:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
~ Global Startup: Scanned in 0:mn 4 s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Barre de recherche Encarta [64Bits] - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} -- Cl� orpheline
~ IE Extra Buttons: Scanned in 0:mn 0 s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS2\Services\Tcpip\..\{867881EE-5D44-459E-9423-C971F053CEC0}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.2.1
~ Domain: Scanned in 0:mn 0 s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- D:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 0:mn 0 s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 0:mn 0 s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - D:\Windows\SysWOW64\guard32.dll
~ AppInit DLL: Scanned in 0:mn 0 s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {E31004D1-A431-41B8-826F-E902F9D95C81} - (.not file.)
~ STS/SSO: Scanned in 0:mn 0 s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned Themes Service.) - D:\Windows\UnsignedThemesSvc.exe
~ Services: 20 Legitimates Filtered in 0:mn 4 s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - D:\Windows\Tasks\{AFD02BBB-832B-4A0C-B797-D4C26E9C7869}.job [348]
[MD5.5728482236CFF47D901D18D7FD3E7649] [APT] [AceUtilsSkipUAC] (.Acelogix Software.) -- D:\Program Files\au.exe [4203688]
[MD5.E8459E07AE7C0C7C88D7064DF0B596E5] [APT] [{5A5F76E5-33B2-48A2-A877-EB561AA0170C}] (.SRWare.) -- h:\srware iron\iron.exe [804352]
~ Scheduled Task: 22 Legitimates Filtered in 0:mn 6 s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (AntiLog32) . (.Zemana Ltd. - Zemana AntiLogger Driver.) - D:\Windows\system32\drivers\AntiLog64.sys
O41 - Driver: (pwipf6) . (.Privacyware/PWI, Inc. - pwipf6.) - D:\Windows\System32\DRIVERS\pwipf6.sys
~ Drivers: 99 Legitimates Filtered in 0:mn 5 s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Ace Utilities - (.Acelogix Software.) [HKLM][64Bits] -- Ace Utilities_is1
O42 - Logiciel: AlertInfo - (.i-Systems Inc..) [HKLM][64Bits] -- AlertInfo_is1
O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) [HKLM][64Bits] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: FixAuto 1.1.7 - (.Trinh Duc Thang.) [HKLM][64Bits] -- {84C9CD33-1525-4500-BC16-139522A71B98}_is1
O42 - Logiciel: La carte du ciel - (...) [HKLM][64Bits] -- La carte du ciel
O42 - Logiciel: Les cantons suisses - (...) [HKLM][64Bits] -- Les cantons suisses
O42 - Logiciel: Les pays d'Afrique - (...) [HKLM][64Bits] -- Les pays d'Afrique
O42 - Logiciel: Les pays d'Europe - (...) [HKLM][64Bits] -- Les pays d'Europe
O42 - Logiciel: Les pays d'Oc�anie - (...) [HKLM][64Bits] -- Les pays d'Oc�anie
O42 - Logiciel: Les �tats d'Am�rique du Nord - (...) [HKLM][64Bits] -- Les �tats d'Am�rique du Nord
O42 - Logiciel: SummerProperties 1.2 - (.Johny Mattsson.) [HKLM][64Bits] -- 97149975-b4b1-4d2b-b9fe-7ba413d0efeb_is1
O42 - Logiciel: Watchtower Library 2011 - Fran�ais - (.Watchtower Bible and Tract Society of Pennsylvania, Inc..) [HKLM][64Bits] -- {84AE3F05-F600-4C40-BFC8-0B53E45B9B12}
O42 - Logiciel: cbgeo - (...) [HKLM][64Bits] -- cbgeo
~ Logic: 145 Legitimates Filtered in 0:mn 1 s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acelogix]
[HKCU\Software\FixAuto]
[HKCU\Software\Google Hacks]
[HKCU\Software\HDSoft]
[HKCU\Software\Peer2Me]
[HKCU\Software\Watchtower]
[HKLM\Software\Wow6432Node\FixAuto]
[HKLM\Software\Wow6432Node\WATCHTOWER]
~ Key Software: 288 Legitimates Filtered in 0:mn 1 s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2013 - 6:23:43 - [2,044] ----D D:\Program Files (x86)\FixAuto
O43 - CFD: 15/12/2012 - 11:25:36 - [0,104] ----D D:\Program Files (x86)\VirusTotalUploader
O43 - CFD: 21/05/2013 - 12:26:34 - [0,483] ----D D:\ProgramData\Privacyware
O43 - CFD: 02/06/2013 - 8:53:07 - [0] --H-D D:\ProgramData\{3D3D405B-A26F-46DE-8E42-8BCC08AC2C4B}
O43 - CFD: 02/05/2013 - 10:35:17 - [196,591] ----D D:\Users\Anthony\AppData\Roaming\AlertInfo
O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Roaming\K-Meleon
O43 - CFD: 17/12/2012 - 9:54:00 - [0] ----D D:\Users\Anthony\AppData\Roaming\Watchtower
O43 - CFD: 31/05/2013 - 11:13:14 - [0,001] ----D D:\Users\Anthony\AppData\Local\Akamai
O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Local\K-Meleon
O43 - CFD: 28/05/2013 - 10:24:05 - [0] ----D D:\Users\Anthony\AppData\Local\Privatefirewall
O43 - CFD: 03/02/2013 - 12:10:35 - [0] ----D D:\Users\Anthony\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 01/06/2013 - 9:18:04 - [0,020] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Utilities
O43 - CFD: 21/12/2012 - 7:55:13 - [0,001] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Hacks
~ Program Folder: 249 Legitimates Filtered in 1:mn 0 s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.052D9A64A826C56DB1EB3A73A2BDDBC9] - 01/06/2013 - 8:45:29 ---A- . (...) -- D:\Windows\DirectX.log [10085]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 ---A- . (...) -- D:\Windows\SysNative\ServiceFilter.ini [2040]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 RSHAD . (...) -- D:\Windows\System32\ServiceFilter.ini [2040]
O44 - LFC:[MD5.898ADED880961EB034461303C647F449] - 01/06/2013 - 9:59:46 RSHAD . (.Zemana Ltd. - Zemana AntiLogger Driver.) -- D:\Windows\System32\Drivers\AntiLog64.sys [49240]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 03/06/2013 - 5:25:17 R-HA- . (...) -- D:\Windows\WindowsShell.Manifest [749]
O44 - LFC:[MD5.E13F489F0B1E52319A86BDD996263F4B] - 04/06/2013 - 8:37:17 ---A- . (...) -- D:\Windows\win.ini [478]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 ---A- . (...) -- D:\Windows\SysNative\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 RSHAD . (...) -- D:\Windows\System32\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...) -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...) -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.F61AAE2E133C3DCE8BA1705E301D4224] - 28/05/2013 - 9:17:48 RSHAD . (.Privacyware/PWI, Inc. - pwipf6.) -- D:\Windows\System32\Drivers\pwipf6.sys [130744]
O44 - LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] - 29/05/2013 - 7:51:22 ---A- . (...) -- D:\Windows\ODBC.INI [28]
O44 - LFC:[MD5.97688E64F62D1BCCF8011AF307C5570C] - 04/06/2013 - 11:44:53 RSHAD . (...) -- D:\Windows\System32\Drivers\fvstore.dat [8544]
O44 - LFC:[MD5.1EA008D809C2B3BFB66ECD51E3788FED] - 04/06/2013 - 11:27:04 ---A- . (...) -- D:\Ad-Report-CLEAN[1].txt [5714]
O44 - LFC:[MD5.C491449348C2E70988ECB14B9E721522] - 04/06/2013 - 11:17:41 ---A- . (...) -- D:\Ad-Report-SCAN[1].txt [5486]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 ---A- . (...) -- D:\Windows\SysNative\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\SysNative\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor.) -- D:\Windows\SysNative\dopdfmn6.dll [21656]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 RSHAD . (...) -- D:\Windows\System32\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\System32\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor.) -- D:\Windows\System32\dopdfmn6.dll [21656]
~ Files: 224 Legitimates Filtered in 2:mn 9 s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{30ce1649-46df-11e2-b379-806e6f6e6963}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 0:mn 0 s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\HDSoft [Key] . (.HDSoft - iFree Skype Recorder.) -- H:\iFree Skype Recorder\irecorder.exe
O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (.Simply Super Software - Trojan Scanner.) -- H:\Trojan Remover\Trjscan.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - �Torrent.) -- H:\uTorrent.exe =>P2P.�Torrent
~ SMSR Keys: 12 Legitimates Filtered in 0:mn 0 s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 8 Legitimates Filtered in 0:mn 0 s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 2:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- D:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6C572A50FB2BF1F70281FEB67188A486] - 22/11/2012 - 8:51:26 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- D:\Windows\System32\athrx.sys [3831808]
~ Drivers: Scanned in 0:mn 0 s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)
~ ADS: Scanned in 0:mn 0 s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/12/2012 - D:\Windows\System32\DRIVERS\pwipf6.sys (pwipf6) .(.Privacyware/PWI, Inc. - pwipf6.) - LEGACY_PWIPF6
~ Legacy: 93 Legitimates Filtered in 0:mn 1 s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O67 - Shell Spawning: <.html>[HKCR\..\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
~ FASS Keys: 19 Legitimates Filtered in 0:mn 0 s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\Opera.exe
~ Keys: Scanned in 0:mn 0 s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Anthony - m24tl2u5.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} - (Yahoo! Search) - http://fr.search.yahoo.com
~ Keys: Scanned in 0:mn 0 s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.0A90C8A3F94564E7EAF541981EAFA52A] [SPRF][04/06/2013] (...) -- D:\Users\Anthony\Desktop\AdwCleaner-2.301.exe [632031]
[MD5.1F2FF002A6A48EE32ACEBB299A39A837] [SPRF][07/12/2011] (.NirSoft - BlueScreenView.) -- D:\Users\Anthony\Desktop\BlueScreenView.exe [54272]
[MD5.2725723B77882B9118320FCA9FB271B4] [SPRF][14/07/2005] (.Pas de propri�taire - Safe XP.) -- D:\Users\Anthony\Desktop\SafeXP.exe [345600]
~ Files: Scanned in 0:mn 0 s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{B0B56D05-7532-4BCB-818C-20722928FCC7}" | In - Public - P6 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
O87 - FAEL: "{C24542DD-DF45-465A-AB66-E7AE4BBF7CA5}" | In - Public - P17 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
~ Firewall: 200 Legitimates Filtered in 0:mn 2 s
---\\ Scan Additionnel (O88)
Database Version : v2.12397 - (04/06/2013)
Cl�s trouv�es (Keys found) : 2
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
~ Additionnel Scan: 221937 Items scanned in 0:mn 7 s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Demand 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 31/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 03/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - D:\Windows\system32\FBAgent.exe
SR - | Auto 04/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 04/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 25/04/2013 5784472 | (cmdAgent) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 15/04/2013 158928 | (cmdvirth) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - D:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 16/12/2012 116648 | (gupdate) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 16/12/2012 116648 | (gupdate1ce4b1dce282616) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/12/2012 116648 | (gupdatem) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 26/04/2013 570664 | (hshld) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
SR - | Auto 26/04/2013 463656 | (HssSrv) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
SS - | Demand 78512 | (HssTrayService) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
SR - | Auto 390440 | (HssWd) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 07/09/2012 2464400 | (IconMan_R) . (.Realsil Microelectronics Inc..) - D:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SS - | Demand 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) - D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 15/05/2013 1144144 | (MaConfigAgent) . (.CybelSoft.) - D:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 05/09/2008 68760 | (SandraAgentSrv) . (.SiSoftware.) - H:\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe
SR - | Demand 26/11/2012 1225312 | (Secunia PSI Agent) . (.Secunia.) - D:\Program Files (x86)\Secunia\PSI\PSIA.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Demand 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - D:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 29/11/2012 3463080 | (TeamViewer8) . (.TeamViewer GmbH.) - H:\Version8\TeamViewer_Service.exe
SR - | Auto 13/07/2009 24168 | (UnsignedThemes) . (.The Within Network, LLC.) - D:\Windows\UnsignedThemesSvc.exe
SS - | Demand 14/07/2009 27136 | D:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
SS - | Disabled 0 | (WMPNetworkSvc) . (...) - D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | D:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
~ Services: Scanned in 0:mn 4 s
~ 1487 Legitimates filtered by white list
End of the scan (622 lines in 2:mn 2 s)(0)
Run by Anthony at 05/06/2013 5:57:38
WebSite: http://nicolascoolman.webs.com
State : Probl�me connexion internet
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
MFIE: Mozilla Firefox 21.0
OPIE: Opera v12.15
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : VKM6G
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
Avira Free Antivirus v13.0.0.3640
COMODO Internet Security v6.0.64131.2674
Malwarebytes Anti-Malware version 1.75.0.1300
Secunia PSI
Windows Defender W7
---\\ System Optimizer
CCleaner v4.00 =>Piriform Ltd
---\\ Peer To Peer (P2P)
eMule
�Torrent v3.3.0.29625 =>P2P.�Torrent
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
Java 7 Update 21
---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4000 MB (44% free)
System Restore: Activ� (Enable)
System drive D: has 44 GB (37%) free of 119 GB
---\\ Logged in mode
~ Computer Name: ANTHONY-PC
~ User Name: Anthony
~ All Users Names: Guest, fbwuser, Anthony, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : D:\
~ %AppData% : D:\Users\Anthony\AppData\Roaming\
~ %Desktop% : D:\Users\Anthony\Desktop\
~ %Favorites% : D:\Users\Anthony\Favorites\
~ %LocalAppData% : D:\Users\Anthony\AppData\Local\
~ %StartMenu% : D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : D:\Windows\
~ %System% : D:\Windows\System32\
---\\ DOS/Devices
C:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 15 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 119 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 154 Go)
F:\ CD-ROM drive (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 25 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 34 Legitimates Filtered in 0:mn 0 s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/09/2012 - 1:02:11 .) -- D:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 2:39:52 .) -- D:\Windows\System32\Wininit.exe [129024]
[MD5.563C71A913CAC0C3DE5FFCD36EDB43A0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/04/2013 - 2:00:30 .) -- D:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 4:24:29 .) -- D:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 4:24:16 .) -- D:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2012 - 1:19:22 .) -- D:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 2:52:21 .) -- D:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 12:19:47 .) -- D:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 12:19:57 .) -- D:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 1:10:03 .) -- D:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/09/2012 - 1:05:33 .) -- D:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 4:23:51 .) -- D:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 3:45:08 .) -- D:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 1:00:41 .) -- D:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 4:24:33 .) -- D:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 4:25:07 .) -- D:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 1:09:09 .) -- D:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 4:24:32 .) -- D:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 4:23:47 .) -- D:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 0:mn 2 s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/133
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/21498
~ Mon Bureau (My Desktop) : 1/456
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 2:mn 4 s
---\\ Processus lanc�s
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1308]
[MD5.BA48CCEC781FD10B6C869F7C45CAA23E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.4092]
[MD5.35F97E7C110FC49D4FFB290D5FD8A0DE] - (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe [1130280] [PID.3604]
[MD5.EF58B39CB67D7F2D2A404A7D2EA7BFFA] - (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe [3573624] [PID.4716]
[MD5.783F7F39A134AA5A9FE78A137980190B] - (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe [351000] [PID.4828]
[MD5.795A332E62D8113FDD7EFBC1DBF2FD48] - (...) -- H:\FastStone Capture\FSCapture.exe [1115136] [PID.0]
[MD5.FD579C25D253A47DF82A76B7EE96ADB5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.5100]
[MD5.5041D28614C0278A089BEF977C501439] - (.ASUSTek Computer Inc. - ATK Media.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752] [PID.980]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4228]
[MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] - (.Pas de propri�taire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961] [PID.4748]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- H:\Internet Download Manager\IEMonitor.exe [268248] [PID.4688]
[MD5.B4CD0AEF1378282D236C61B3EAA054E7] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe [1280808] [PID.5056]
[MD5.581D8AD206E0DE14DB6B76884E144AF5] - (.Intel Corporation - IAStorIcon.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704] [PID.4396]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- D:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.4656]
[MD5.9F777E35DE4788DD939E94D905EDCCFE] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7457792] [PID.5448]
[MD5.E8459E07AE7C0C7C88D7064DF0B596E5] - (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe [804352] [PID.5488]
[MD5.09E411E1DC92D813F49DFEEB4039CBCA] - (.Google - Google Talk Plugin.) -- D:\Users\Anthony\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [79384] [PID.5724]
[MD5.24F550155BE440C899DA926CD499E6CD] - (.Microsoft Corporation - Microsoft Office Excel.) -- D:\Program Files (x86)\Microsoft Office\Office12\EXCEL.exe [18367336] [PID.7272]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [80512] [PID.1440]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1496]
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1632]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1876]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1916]
[MD5.8B4D1FDD3F31F2DD39B3C658A22208EE] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [570664] [PID.1956]
[MD5.FDA5E88BE1333B69BED57AADAA16991F] - (.AnchorFree Inc. - Hotspot Shield 2.93.) -- D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe [463656] [PID.1172]
[MD5.EDFE7B17B537397DF184E8D7AD55378B] - (...) -- D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [390440] [PID.1472]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1280]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.1784]
[MD5.2504725939338177E1F627DA0EDA2FEF] - (.ASUSTek Computer Inc. - HControl.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [178848] [PID.1712]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.3412]
[MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.3672]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.3920]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1020]
[MD5.306F9390976E41063D21AB9AB6D48122] - (.Secunia - Secunia PSI Agent.) -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312] [PID.3932]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.3008]
[MD5.851C5080261DFC1FCDC21DF0E5EA3BCB] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Version8\TeamViewer_Service.exe [3463080] [PID.3324]
[MD5.7281AED93FB30FDD1CBAF07591FA453A] - (.Intel Corporation - IAStorDataSvc.) -- D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.3636]
[MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.3880]
[MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3776]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648] [PID.4656]
~ Processes Running: Scanned in 0:mn 3 s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
D:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://iron-start.com
G2 - GCE: Preference [User Data\Default] [agljkoinmcdnopnlbhhjibjiablccgoh] Radio v.1.0.56 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [ahmiiblnmmnijkhboligioinfchkeagi] Minimalist for Facebook (DEPRECATED!) v.0.5.21 (Activ�)
G2 - GCE: Preference [User Data\Default] [apeeedokdcajckokidhdkbkflkpfpgko] GreaseGoogle v.1.61 (Activ�)
G2 - GCE: Preference [User Data\Default] [baampgkagbmhnlhleemfbpecfjpakffj] M�t�o Europe v.4.2 (Activ�)
G2 - GCE: Preference [User Data\Default] [bdglbbcbmgnimogcmcdenggkpdmihlga] Bookmark Sentry v.1.7.13 (Activ�)
G2 - GCE: Preference [User Data\Default] [ckdcpbflcbeillmamogkpmdhnbeggfja] Do Not Track v.0.1.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [dpkiidbpeijnaaacjlfnijncdlkicejg] MaskMe v.1.17.235, (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [epanfjkfahimkgomnigadpkobaefekcd] DoNotTrackMe v.2.2.9.520, (Activ�)
G2 - GCE: Preference [User Data\Default] [fapbbpdnlcmiolkdfjnnjhabmcndadad] M�t�o v.0.9.0.6 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [gegkoiakifeoejnjkbnnojkkdoegeofp] Chuck Anderson v.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [jefnaahehlimdapgicdacbgklnedgoje] World Weather v.2.0.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [jpcokheimfkcoofnbgalbeogbgpjlajo] SFR / NEUF Hotspot AutoFill v.4.5 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [kneloppijbcidgidihgdjnooihjcdbij] HootSuite v.5.244 (Activ�)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Iron v.0.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [mlaimhahlbmcocjhajnommcialflcpik] Crazy Simon v.1.0 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [nffchahhjecejoiigmnhhicpoabngedk] SkyDrive v.1.0.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [nolijncfnkgaikbjbdaogikpmpbdcdef] Personal Blocklist (by Google) v.2.4.1 (Activ�)
G2 - GCE: Preference [User Data\Default] [npgonnihpamikjkfckpolamefpniicak] Iconized Bookmarks Popup v.1.8.3 (Activ�)
G2 - GCE: Preference [User Data\Default] [oagbmpiphimaihffccikjjbdembceaff] FREE Hotspot AutoFill v.1.0 (D�sactiv�)
G2 - GCE: Preference [User Data\Default] [odklcfojpedohplkimfdpcamkjnhanaj] Picky Wallpapers v.1.0.0 (Activ�)
G2 - GCE: Preference [User Data\Default] [pjejbgheonogbpfkkjigbmahaljipoej] Weather Underground v.1.6 (Activ�)
~ Google Browser: 54 Legitimates Filtered in 0:mn 6 s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\prefs.js
M3 - MFPP: Plugins - [Anthony] -- D:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\m24tl2u5.default\searchplugins\yahoo-answers.xml
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\antidote7_win_firefox_103@druide.com] [] Module d'Antidote v8.16.14 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\firefox@ghostery.com] [] Ghostery v2.9.5 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v3.1.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\ich@maltegoetz.de] [] ProxTube - Gesperrte YouTube Videos entsperren v1.4.8 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\webrank-toolbar@probcomp.com] [] WebRank Toolbar v4.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}] [] Forecastfox v2.2.2 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.17 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{7c6cdf7c-8ea8-4be7-ae5a-0b3effe14d66}] [] Facebook Photo Zoom v0.4 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{ada4b710-8346-4b82-8199-5de2b400a6ae}] [] ReminderFox v2.1 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}] [] Flash and Video Download v1.32 (..)
M2 - MFEP: prefs.js [Anthony - m24tl2u5.default\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}] [] Memory Fox v7.4 (..)
~ Firefox Browser: 30 Legitimates Filtered in 0:mn 2 s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 0:mn 0 s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=D:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=D:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=D:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 0:mn 0 s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 0:mn 0 s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {F156768E-81EF-470C-9057-481BA8380DBA} Cl� orpheline
~ BHO: 5 Legitimates Filtered in 0:mn 0 s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} Cl� orpheline
~ Toolbar: Scanned in 0:mn 0 s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- D:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [AgentAntidote32] . (.Druide informatique inc. - AgentAntidote.) -- H:\Programmes32\AgentAntidote.exe
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- D:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe
O4 - HKCU\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- D:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUSTek Computer Inc. - ATK Media.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [AntiLogger] . (.Zemana Ltd. - Zemana AntiLogger User Interface.) -- D:\Program Files (x86)\AntiLogger\AntiLogger.exe
O4 - HKLM\..\Wow6432Node\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propri�taire - HOSTS Anti-PUPs/Adwares.) -- D:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- H:\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- D:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.exe
O4 - HKUS\S-1-5-21-1417946021-2629690742-3359177087-1000\..\Run: [L09FXLRD_11854827] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- D:\Program Files (x86)\Microsoft Etudes\Microsoft Encarta 2009 - �tudes DVD\EDICT.exe
~ Application: Scanned in 0:mn 0 s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- D:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- D:\Windows\system32\WFS.exe
O4 - GS\Desktop: AD-R.lnk . (...) -- D:\Program Files (x86)\Ad-Remover\main.exe
O4 - GS\Desktop: SopCast.lnk . (...) -- H:\SopCast\SopCast.exe (.not file.)
O4 - GS\Desktop: Xenu.lnk . (...) -- D:\Program Files (x86)\Xenu\Xenu.exe (.not file.)
O4 - GS\TaskBar: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe
O4 - GS\TaskBar: SRWare Iron.lnk . (.SRWare - SRWare Iron.) -- H:\SRWare Iron\iron.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- H:\FileHippo.com\UpdateChecker.exe
O4 - GS\Programs: Windows 7 Logon Background Changer.lnk . (...) -- D:\Users\Anthony\AppData\Roaming\Microsoft\Installer\{2E6044C5-3495-485F-91BC-46D1B6430E51}\_38CF379FC0A8080C8E407C.exe
O4 - GS\QuickLaunch: ALZip.lnk . (.ESTsoft Corp. - ALZip.) -- H:\ALZip\ALZip.exe
O4 - GS\SendTo: Dropbox.lnk . (...) -- D:\Users\Anthony\Dropbox
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- D:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\SendTo: VirusTotal.lnk . (...) -- D:\Program Files (x86)\VirusTotalUploader\VirusTotalUpload.exe
O4 - GS\Desktop: Ace Utilities.lnk . (.Acelogix Software - Ace Utilities.) -- D:\Program Files\aulaunch.exe
O4 - GS\Desktop: AlertInfo.lnk . (...) -- H:\AlertInfo\alertinfo.exe
O4 - GS\Desktop: Anthony.lnk . (...) -- E:\Users\Anthony
O4 - GS\Desktop: an_ang.lnk . (...) -- D:\Users\Anthony\Documents\an_angella.docx
O4 - GS\Desktop: ASUS Live Update.Lnk . (.ASUSTeK Computer Inc. - ASUS Live Update.) -- D:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O4 - GS\Desktop: Auslogics Reg.lnk . (.Auslogics - Registry Cleaner.) -- D:\Program Files (x86)\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe
O4 - GS\Desktop: chromium.lnk . (.The Chromium Authors - Chromium.) -- D:\Users\Anthony\AppData\Local\Chromium\Application\chrome.exe
O4 - GS\Desktop: CltJah.lnk . (...) -- E:\Users\Anthony\Documents\CltJah.xlsm
O4 - GS\Desktop: CMH.lnk . (...) -- D:\Users\Anthony\Desktop\divers\Blogger.docx
O4 - GS\Desktop: culte pur.lnk . (.Watch Tower Bible and Tract Society of Penn - Watchtower Library 2011 - �dition fran�aise.) -- H:\Watchtower Library 2011\F\WTLibrary.exe
O4 - GS\Desktop: Docs.lnk . (...) -- E:\Users\Anthony\Documents
O4 - GS\Desktop: GestDplc.lnk . (...) -- E:\Users\Anthony\Documents\GestDplc.xlsm
O4 - GS\Desktop: HJ-Sidou.lnk . (...) -- D:\Users\Anthony\Desktop\divers\HJ-Sidou66.doc
O4 - GS\Desktop: Magn..lnk . (.Microsoft Corporation - Magn�tophone Windows.) -- D:\Windows\system32\SoundRecorder.exe
O4 - GS\Desktop: Mes images.lnk . (...) -- E:\Users\Anthony\Pictures
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: musc.lnk . (...) -- E:\Users\Anthony\Pictures\cpt ecrans\exercices-de-musculation-avec-halteres.pdf
O4 - GS\Desktop: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- D:\Program Files (x86)\Opera\opera.exe
O4 - GS\Desktop: PeerBlock.lnk . (.PeerBlock, LLC - PeerBlock.) -- H:\PeerBlock\peerblock.exe
O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- H:\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop: SS.lnk . (...) -- E:\Users\Anthony\Documents\SS.xlsm
O4 - GS\Desktop: Tel.lnk . (...) -- E:\Users\Anthony\Downloads
O4 - GS\Desktop: TG.lnk . (...) -- E:\Users\Anthony\Documents\culturel educatif\Religions\TJ\Tour de Garde
O4 - GS\Desktop: T�l�charg.lnk . (...) -- D:\Users\Anthony\Downloads
O4 - GS\Desktop: VII.lnk . (...) -- D:\Users\Anthony\Desktop\divers\ma vie-autobiographie_psycha.docx
O4 - GS\Desktop: Win Update.lnk . (.Microsoft Corporation - Windows Update Application Launcher.) -- D:\Windows\system32\wuapp.exe
O4 - GS\Desktop: Word.lnk . (...) -- D:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: wrc.lnk . (.WiseCleaner.com - Wise Registry Cleaner.) -- H:\Wise Registry Cleaner\WiseRegCleaner.exe
O4 - GS\Desktop: x.xlsm.lnk . (...) -- D:\Users\Anthony\Documents\x.xlsm
O4 - GS\Desktop: Y.lnk . (...) -- E:\Users\Anthony\Documents\Y.xlsm
O4 - GS\Desktop: Zuma.lnk . (...) -- D:\Users\Anthony\Documents\Zuma Deluxe\Zuma.exe
O4 - GS\Desktop: �.lnk . (...) -- C:\�.xlsm
O4 - GS\TaskBar: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- D:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- D:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Google Chrome.lnk . (...) -- D:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
~ Global Startup: Scanned in 0:mn 4 s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Barre de recherche Encarta [64Bits] - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} -- Cl� orpheline
~ IE Extra Buttons: Scanned in 0:mn 0 s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CS2\Services\Tcpip\..\{867881EE-5D44-459E-9423-C971F053CEC0}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpNameServer = 172.17.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FC541CDF-0E67-4A11-A5D0-27C538DCD8D2}: DhcpDomain = accesslog.loc
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.17.2.1
~ Domain: Scanned in 0:mn 0 s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- D:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 0:mn 0 s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- d:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 0:mn 0 s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.COMODO - COMODO Internet Security.) - D:\Windows\SysWOW64\guard32.dll
~ AppInit DLL: Scanned in 0:mn 0 s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {E31004D1-A431-41B8-826F-E902F9D95C81} - (.not file.)
~ STS/SSO: Scanned in 0:mn 0 s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned Themes Service.) - D:\Windows\UnsignedThemesSvc.exe
~ Services: 20 Legitimates Filtered in 0:mn 4 s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - D:\Windows\Tasks\{AFD02BBB-832B-4A0C-B797-D4C26E9C7869}.job [348]
[MD5.5728482236CFF47D901D18D7FD3E7649] [APT] [AceUtilsSkipUAC] (.Acelogix Software.) -- D:\Program Files\au.exe [4203688]
[MD5.E8459E07AE7C0C7C88D7064DF0B596E5] [APT] [{5A5F76E5-33B2-48A2-A877-EB561AA0170C}] (.SRWare.) -- h:\srware iron\iron.exe [804352]
~ Scheduled Task: 22 Legitimates Filtered in 0:mn 6 s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (AntiLog32) . (.Zemana Ltd. - Zemana AntiLogger Driver.) - D:\Windows\system32\drivers\AntiLog64.sys
O41 - Driver: (pwipf6) . (.Privacyware/PWI, Inc. - pwipf6.) - D:\Windows\System32\DRIVERS\pwipf6.sys
~ Drivers: 99 Legitimates Filtered in 0:mn 5 s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Ace Utilities - (.Acelogix Software.) [HKLM][64Bits] -- Ace Utilities_is1
O42 - Logiciel: AlertInfo - (.i-Systems Inc..) [HKLM][64Bits] -- AlertInfo_is1
O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) [HKLM][64Bits] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: FixAuto 1.1.7 - (.Trinh Duc Thang.) [HKLM][64Bits] -- {84C9CD33-1525-4500-BC16-139522A71B98}_is1
O42 - Logiciel: La carte du ciel - (...) [HKLM][64Bits] -- La carte du ciel
O42 - Logiciel: Les cantons suisses - (...) [HKLM][64Bits] -- Les cantons suisses
O42 - Logiciel: Les pays d'Afrique - (...) [HKLM][64Bits] -- Les pays d'Afrique
O42 - Logiciel: Les pays d'Europe - (...) [HKLM][64Bits] -- Les pays d'Europe
O42 - Logiciel: Les pays d'Oc�anie - (...) [HKLM][64Bits] -- Les pays d'Oc�anie
O42 - Logiciel: Les �tats d'Am�rique du Nord - (...) [HKLM][64Bits] -- Les �tats d'Am�rique du Nord
O42 - Logiciel: SummerProperties 1.2 - (.Johny Mattsson.) [HKLM][64Bits] -- 97149975-b4b1-4d2b-b9fe-7ba413d0efeb_is1
O42 - Logiciel: Watchtower Library 2011 - Fran�ais - (.Watchtower Bible and Tract Society of Pennsylvania, Inc..) [HKLM][64Bits] -- {84AE3F05-F600-4C40-BFC8-0B53E45B9B12}
O42 - Logiciel: cbgeo - (...) [HKLM][64Bits] -- cbgeo
~ Logic: 145 Legitimates Filtered in 0:mn 1 s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acelogix]
[HKCU\Software\FixAuto]
[HKCU\Software\Google Hacks]
[HKCU\Software\HDSoft]
[HKCU\Software\Peer2Me]
[HKCU\Software\Watchtower]
[HKLM\Software\Wow6432Node\FixAuto]
[HKLM\Software\Wow6432Node\WATCHTOWER]
~ Key Software: 288 Legitimates Filtered in 0:mn 1 s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2013 - 6:23:43 - [2,044] ----D D:\Program Files (x86)\FixAuto
O43 - CFD: 15/12/2012 - 11:25:36 - [0,104] ----D D:\Program Files (x86)\VirusTotalUploader
O43 - CFD: 21/05/2013 - 12:26:34 - [0,483] ----D D:\ProgramData\Privacyware
O43 - CFD: 02/06/2013 - 8:53:07 - [0] --H-D D:\ProgramData\{3D3D405B-A26F-46DE-8E42-8BCC08AC2C4B}
O43 - CFD: 02/05/2013 - 10:35:17 - [196,591] ----D D:\Users\Anthony\AppData\Roaming\AlertInfo
O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Roaming\K-Meleon
O43 - CFD: 17/12/2012 - 9:54:00 - [0] ----D D:\Users\Anthony\AppData\Roaming\Watchtower
O43 - CFD: 31/05/2013 - 11:13:14 - [0,001] ----D D:\Users\Anthony\AppData\Local\Akamai
O43 - CFD: 11/01/2013 - 9:59:30 - [0] ----D D:\Users\Anthony\AppData\Local\K-Meleon
O43 - CFD: 28/05/2013 - 10:24:05 - [0] ----D D:\Users\Anthony\AppData\Local\Privatefirewall
O43 - CFD: 03/02/2013 - 12:10:35 - [0] ----D D:\Users\Anthony\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 01/06/2013 - 9:18:04 - [0,020] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Utilities
O43 - CFD: 21/12/2012 - 7:55:13 - [0,001] ----D D:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Hacks
~ Program Folder: 249 Legitimates Filtered in 1:mn 0 s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.052D9A64A826C56DB1EB3A73A2BDDBC9] - 01/06/2013 - 8:45:29 ---A- . (...) -- D:\Windows\DirectX.log [10085]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 ---A- . (...) -- D:\Windows\SysNative\ServiceFilter.ini [2040]
O44 - LFC:[MD5.6DC0EAB69F7A0AEA6604026F722F8CB6] - 01/06/2013 - 9:45:36 RSHAD . (...) -- D:\Windows\System32\ServiceFilter.ini [2040]
O44 - LFC:[MD5.898ADED880961EB034461303C647F449] - 01/06/2013 - 9:59:46 RSHAD . (.Zemana Ltd. - Zemana AntiLogger Driver.) -- D:\Windows\System32\Drivers\AntiLog64.sys [49240]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 03/06/2013 - 5:25:17 R-HA- . (...) -- D:\Windows\WindowsShell.Manifest [749]
O44 - LFC:[MD5.E13F489F0B1E52319A86BDD996263F4B] - 04/06/2013 - 8:37:17 ---A- . (...) -- D:\Windows\win.ini [478]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 ---A- . (...) -- D:\Windows\SysNative\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.0B70AF14069E93B164B87E2FE1D66B56] - 04/06/2013 - 8:42:18 RSHAD . (...) -- D:\Windows\System32\AutoRunFilter.ini [2263]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...) -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 --HA- . (...) -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.CF3513A3084B2632D60637FEDC16C37C] - 05/06/2013 - 5:03:16 RSHAD . (...) -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26352]
O44 - LFC:[MD5.F61AAE2E133C3DCE8BA1705E301D4224] - 28/05/2013 - 9:17:48 RSHAD . (.Privacyware/PWI, Inc. - pwipf6.) -- D:\Windows\System32\Drivers\pwipf6.sys [130744]
O44 - LFC:[MD5.3D6C79A2099B7E8CEE90EF3031BF3DCD] - 29/05/2013 - 7:51:22 ---A- . (...) -- D:\Windows\ODBC.INI [28]
O44 - LFC:[MD5.97688E64F62D1BCCF8011AF307C5570C] - 04/06/2013 - 11:44:53 RSHAD . (...) -- D:\Windows\System32\Drivers\fvstore.dat [8544]
O44 - LFC:[MD5.1EA008D809C2B3BFB66ECD51E3788FED] - 04/06/2013 - 11:27:04 ---A- . (...) -- D:\Ad-Report-CLEAN[1].txt [5714]
O44 - LFC:[MD5.C491449348C2E70988ECB14B9E721522] - 04/06/2013 - 11:17:41 ---A- . (...) -- D:\Ad-Report-SCAN[1].txt [5486]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 ---A- . (...) -- D:\Windows\SysNative\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\SysNative\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 ---A- . (.Softland - doPDF Port Monitor.) -- D:\Windows\SysNative\dopdfmn6.dll [21656]
O44 - LFC:[MD5.6123C8DEB15EB37453C4D609723C15D9] - 04/06/2013 - 10:51:47 RSHAD . (...) -- D:\Windows\System32\dopdf6.ctm [7481]
O44 - LFC:[MD5.6BDFD4C6E53260C59484814963E6AC2E] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor User Interface.) -- D:\Windows\System32\dopdfmi6.dll [18072]
O44 - LFC:[MD5.E2868E18CEA740A63C4736C99AB2965F] - 04/06/2013 - 10:51:47 RSHAD . (.Softland - doPDF Port Monitor.) -- D:\Windows\System32\dopdfmn6.dll [21656]
~ Files: 224 Legitimates Filtered in 2:mn 9 s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{30ce1649-46df-11e2-b379-806e6f6e6963}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
~ Keys: Scanned in 0:mn 0 s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\HDSoft [Key] . (.HDSoft - iFree Skype Recorder.) -- H:\iFree Skype Recorder\irecorder.exe
O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (.Simply Super Software - Trojan Scanner.) -- H:\Trojan Remover\Trjscan.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - �Torrent.) -- H:\uTorrent.exe =>P2P.�Torrent
~ SMSR Keys: 12 Legitimates Filtered in 0:mn 0 s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 8 Legitimates Filtered in 0:mn 0 s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 2:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- D:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6C572A50FB2BF1F70281FEB67188A486] - 22/11/2012 - 8:51:26 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- D:\Windows\System32\athrx.sys [3831808]
~ Drivers: Scanned in 0:mn 0 s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)
~ ADS: Scanned in 0:mn 0 s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/12/2012 - D:\Windows\System32\DRIVERS\pwipf6.sys (pwipf6) .(.Privacyware/PWI, Inc. - pwipf6.) - LEGACY_PWIPF6
~ Legacy: 93 Legitimates Filtered in 0:mn 1 s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.html>
~ FASS Keys: 19 Legitimates Filtered in 0:mn 0 s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 0:mn 0 s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Anthony - m24tl2u5.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} - (Yahoo! Search) - http://fr.search.yahoo.com
~ Keys: Scanned in 0:mn 0 s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.0A90C8A3F94564E7EAF541981EAFA52A] [SPRF][04/06/2013] (...) -- D:\Users\Anthony\Desktop\AdwCleaner-2.301.exe [632031]
[MD5.1F2FF002A6A48EE32ACEBB299A39A837] [SPRF][07/12/2011] (.NirSoft - BlueScreenView.) -- D:\Users\Anthony\Desktop\BlueScreenView.exe [54272]
[MD5.2725723B77882B9118320FCA9FB271B4] [SPRF][14/07/2005] (.Pas de propri�taire - Safe XP.) -- D:\Users\Anthony\Desktop\SafeXP.exe [345600]
~ Files: Scanned in 0:mn 0 s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{B0B56D05-7532-4BCB-818C-20722928FCC7}" | In - Public - P6 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
O87 - FAEL: "{C24542DD-DF45-465A-AB66-E7AE4BBF7CA5}" | In - Public - P17 - TRUE | .(.ZGuideTV Team - ZGuideTV.NET.) -- H:\ZGuideTVDotNet\ZGuideTVDotNet.exe
~ Firewall: 200 Legitimates Filtered in 0:mn 2 s
---\\ Scan Additionnel (O88)
Database Version : v2.12397 - (04/06/2013)
Cl�s trouv�es (Keys found) : 2
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] =>Toolbar.Agent
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] =>Toolbar.Agent
~ Additionnel Scan: 221937 Items scanned in 0:mn 7 s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - D:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Demand 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 31/05/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 03/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - D:\Windows\system32\FBAgent.exe
SR - | Auto 04/04/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 04/04/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/11/2011 80512 | (ASLDRService) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - D:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 25/04/2013 5784472 | (cmdAgent) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 15/04/2013 158928 | (cmdvirth) . (.COMODO.) - D:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - D:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 16/12/2012 116648 | (gupdate) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 16/12/2012 116648 | (gupdate1ce4b1dce282616) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/12/2012 116648 | (gupdatem) . (.Google Inc..) - D:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 26/04/2013 570664 | (hshld) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
SR - | Auto 26/04/2013 463656 | (HssSrv) . (.AnchorFree Inc..) - D:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
SS - | Demand 78512 | (HssTrayService) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe
SR - | Auto 390440 | (HssWd) . (...) - D:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
SR - | Auto 30/04/2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - D:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 07/09/2012 2464400 | (IconMan_R) . (.Realsil Microelectronics Inc..) - D:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - D:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SS - | Demand 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) - D:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 15/05/2013 1144144 | (MaConfigAgent) . (.CybelSoft.) - D:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - H:\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 05/09/2008 68760 | (SandraAgentSrv) . (.SiSoftware.) - H:\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe
SR - | Demand 26/11/2012 1225312 | (Secunia PSI Agent) . (.Secunia.) - D:\Program Files (x86)\Secunia\PSI\PSIA.exe
SS - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - D:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SS - | Demand 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - D:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 29/11/2012 3463080 | (TeamViewer8) . (.TeamViewer GmbH.) - H:\Version8\TeamViewer_Service.exe
SR - | Auto 13/07/2009 24168 | (UnsignedThemes) . (.The Within Network, LLC.) - D:\Windows\UnsignedThemesSvc.exe
SS - | Demand 14/07/2009 27136 | D:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
SS - | Disabled 0 | (WMPNetworkSvc) . (...) - D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | D:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - D:\Windows\System32\svchost.exe
~ Services: Scanned in 0:mn 4 s
~ 1487 Legitimates filtered by white list
End of the scan (622 lines in 2:mn 2 s)(0)