cat167
Participant
Number of posts: 16

Otherwise, here are the reports from my preliminary actions yesterday evening…

Malwarebytes …
[spoiler:vof68nik]Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 06/07/2014
Scan Time: 22:26:37
Logfile: malw am report.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.06.07
Rootkit Database: v2014.07.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Vista

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279898
Time Elapsed: 26 min, 58 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Installex, C:UsersVistaDownloadsDownload (1).exe, Quarantined, [232c009cabd0043226d6a269ca3746ba],
PUP.Optional.Installex, C:UsersVistaDownloadsDownload.exe, Quarantined, [3d120399e5964aecaf4dd5369b6637c9],

Physical Sectors: 0
(No malicious items detected)

(end)[/spoiler:vof68nik]

[spoiler:vof68nik]# AdwCleaner v3.214 – Rapport créé le 06/07/2014 à 22:05:44
# Mis à jour le 29/06/2014 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Vista – PC-DE-VISTA
# Exécuté depuis : C:UsersVistaDownloadsadwcleaner_3.214.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Fichier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho
Clé Supprimée : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
Clé Supprimée : HKLMSOFTWAREClassesS
Clé Supprimée : HKLMSOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{13086CD4-88B6-45E3-9182-3BC2664199F7}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{731D436C-464C-4F29-BFB2-DE9C458535AE}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Clé Supprimée : HKLMSOFTWAREClassesCLSID{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Valeur Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Valeur Supprimée : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Navigateurs ] *****

-\ Internet Explorer v9.0.8112.16555

-\ Mozilla Firefox v3.0.17 (fr)

[ Fichier : C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js ]

-\ Google Chrome v35.0.1916.153

[ Fichier : C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultpreferences ]

*************************

AdwCleaner[R0].txt – [2884 octets] – [06/07/2014 22:01:39]
AdwCleaner[S0].txt – [2827 octets] – [06/07/2014 22:05:44]

########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [2887 octets] ##########[/spoiler:vof68nik]

[spoiler:vof68nik]~ Rapport de ZHPDiag v2014.6.25.98 – Nicolas Coolman (25/06/2014)
~ Lancé par Vista (06/07/2014 23:22:42)
~ Adresse du Site Web http://nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

—\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.0.17 (fr)
GCIE: Google Chrome v35.0.1916.153 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System – Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

—\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware version 2.0.2.1012

—\ Logiciels d'optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 14 Plugin
Adobe Reader 9 – Français
Java 7 Update 60

—\ Informations sur le système
~ Processor: x86 Family 15 Model 104 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1982 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (32%) free of 136 GB

—\ Mode de connexion au système
~ Computer Name: PC-DE-VISTA
~ User Name: Vista
~ All Users Names: Vista, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d'environnement
~ System Unit : C:
~ %AppZHP% : C:UsersVistaAppDataRoamingZHP
~ %AppData% : C:UsersVistaAppDataRoaming
~ %Desktop% : C:UsersVistaDesktop
~ %Favorites% : C:UsersVistaFavorites
~ %LocalAppData% : C:UsersVistaAppDataLocal
~ %StartMenu% : C:UsersVistaAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:WINDOWS
~ %System% : C:WINDOWSSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 136 Go)
D: Hard drive, Flash drive, Thumb drive (Free 7 Go of 13 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
F: CD-ROM drive (Free 0 Go of 0 Go)
G: Floppy drive, Flash card reader, USB Key (Free 4 Go of 7 Go)

—\ Etat du Centre de Sécurité Windows
~ Security Center: 47 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] – (.Microsoft Corporation – Explorateur Windows.) (.11/04/2009 – 07:27:36.) — C:WINDOWSExplorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] – (.Microsoft Corporation – Application de démarrage de Windows.) (.19/01/2008 – 08:33:37.) — C:WINDOWSSystem32Wininit.exe [96768]
[MD5.CFD26829131439B71D0109F9D5345573] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.28/05/2014 – 17:32:59.) — C:WINDOWSSystem32wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] – (.Microsoft Corporation – Application d'ouverture de session Windows.) (.11/04/2009 – 07:28:13.) — C:WINDOWSSystem32Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.21/04/2011 – 14:58:27.) — C:WINDOWSsystem32DriversAFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.11/04/2009 – 07:32:26.) — C:WINDOWSsystem32Driversatapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.19/01/2008 – 06:28:02.) — C:WINDOWSsystem32DriversCdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.11/04/2009 – 05:39:17.) — C:WINDOWSsystem32DriversCdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.14/04/2011 – 15:59:03.) — C:WINDOWSsystem32DriversDfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.11/04/2009 – 05:42:42.) — C:WINDOWSsystem32DriversHDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] – (.Microsoft Corporation – Pilote de port i8042.) (.19/01/2008 – 06:49:18.) — C:WINDOWSsystem32Driversi8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] – (.Microsoft Corporation – IP Network Address Translator.) (.19/01/2008 – 06:56:28.) — C:WINDOWSsystem32DriversIpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.29/04/2011 – 14:24:40.) — C:WINDOWSsystem32DriversMRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] – (.Microsoft Corporation – MBT Transport driver.) (.11/04/2009 – 05:45:37.) — C:WINDOWSsystem32DriversnetBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.03/03/2013 – 20:07:52.) — C:WINDOWSsystem32Driversntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] – (.Microsoft Corporation – Pilote de port parallèle.) (.02/11/2006 – 09:51:30.) — C:WINDOWSsystem32DriversParport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.19/01/2008 – 06:56:34.) — C:WINDOWSsystem32DriversRasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.02/11/2006 – 10:03:00.) — C:WINDOWSsystem32Driversrdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] – (.Microsoft Corporation – SMB Transport driver.) (.11/04/2009 – 05:45:22.) — C:WINDOWSsystem32Driverssmb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] – (.Microsoft Corporation – TDI Translation Driver.) (.11/04/2009 – 05:45:56.) — C:WINDOWSsystem32Driverstdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/08/2012 – 12:47:42.) — C:WINDOWSsystem32Driversvolsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4318
~ Mes musiques (My Musics) : 1/3452
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 1/154
~ Mon Bureau (My Desktop) : 15/225
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 05s

—\ Processus lancés
[MD5.4FBC630768570E6AC35C3DE8F6EC79F5] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [6970168] [PID.2964]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] – (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe [1008184] [PID.3628]
[MD5.041AF1711BF3D6BFF12FD9D28F0AC303] – (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe [176128] [PID.3636]
[MD5.A04BE1DBBA0E554B2F33555CCBA5F969] – (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe [159744] [PID.3660]
[MD5.AF849798ECA383184C88ED436CF3EFB2] – (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe [472776] [PID.3692]
[MD5.F533507FE318B46629E84DF630A316F8] – (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe [317128] [PID.3700]
[MD5.4D042B1F1375CF371AFBE0E0276BA627] – (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0Acrobatacrotray.exe [624248] [PID.3748]
[MD5.89D583FC41D48328128A974C25AFAEB7] – (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe [185896] [PID.3832]
[MD5.8465733657D188C6DD509A222B55B9CF] – (…) — C:Program FilesWinampwinampa.exe [37376] [PID.3840]
[MD5.4B555106290BD117334E9A08761C035A] – (…) — ystem32rundll32.exe [0] [PID.1488]
[MD5.2218928CF528D7BC295B1B4C69E9846C] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastui.exe [3890208] [PID.3884]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [256896] [PID.3908]
[MD5.BF08674925F151BD4537B89A493E3E0C] – (.Microsoft Corporation – Media Center Tray Applet.) — C:WINDOWSehomeehtray.exe [125952] [PID.3924]
[MD5.6809CE70D9679E208D13210DFFD50362] – (…) — C:Program FilesCurseCurseClient.exe [4789760] [PID.3940]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] – (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [39408] [PID.3948]
[MD5.25D88E97B23FD208C07FA65C6A870E0B] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1176632] [PID.3956]
[MD5.3E9C9E7AA2B89CC59F37A80BDDE85121] – (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe [6189624] [PID.3980]
[MD5.D653D895588DF213CA85164FB6901576] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20924576] [PID.3996]
[MD5.CCCDC7B64CFF96C977B0FADC24434628] – (.Dropbox, Inc. – Dropbox.) — C:UsersVistaAppDataRoamingDropboxbinDropbox.exe [33322312] [PID.1376]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] – (.Microsoft Corporation – Media Center Media Status Aggregator Servic.) — C:Windowsehomeehmsas.exe [37376] [PID.3408]
[MD5.241B74792CC295DFDCB7940BBF52B226] – (.Pas de propriétaire – HpqToaster Module.) — C:Program FilesHewlett-PackardSharedHpqToaster.exe [677576] [PID.4936]
[MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] – (.Microsoft Corporation – Windows Media Player.) — C:Program FilesWindows Media Playerwmplayer.exe [168960] [PID.4640]
[MD5.62BF806E38150D8179296D9A81C5CF6D] – (…) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyHelper.exe [598072] [PID.5932]
[MD5.A5FCD42334CCC682DA1882A54338686C] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [860488] [PID.5308]
[MD5.6080A176D09435FC8E6E800996656E18] – (.Microsoft Corporation – Console IME.) — C:Windowssystem32conime.exe [69120] [PID.5376]
[MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8071680] [PID.532]
[MD5.CF672C71844A3B407EB86042829BCE09] – (.NVIDIA Corporation – NVIDIA Driver Helper Service, Version 177.1.) — C:Windowssystem32nvvsvc.exe [203296] [PID.988]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] – (.Microsoft Corporation – Service de gestion des licences Microsoft.) — C:Windowssystem32SLsvc.exe [3408896] [PID.1356]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [50344] [PID.1816]
[MD5.F293992F9CEEF6EA00CE52C3094E59E9] – (.Apple Inc. – Apple Mobile Device Service.) — C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [116040] [PID.1912]
[MD5.3F56903E124E820AEECE6D471583C6C1] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [238888] [PID.1112]
[MD5.84F483BB929D4C6A9997978ACF4EE463] – (.Juniper Networks – Network Connect Service.) — C:Program FilesJuniper NetworksCommon FilesdsNcService.exe [688240] [PID.904]
[MD5.559C9B7800FAC92FC515CD0003D7C631] – (.Hewlett-Packard Company – Pas de description.) — C:Program FilesCommon FilesLightScribeLSSrvc.exe [61440] [PID.1780]
[MD5.D84AEA3F3329D622DFC1297DDDF6163B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe [1809720] [PID.920]
[MD5.4F45ED469906494F9BF754E476390DBD] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembamservice.exe [860472] [PID.2200]
[MD5.7CF1B716372B89568AE4C0FE769F5869] – (.Microsoft Corporation – Machine Debug Manager.) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [335872] [PID.2304]
[MD5.A1DD33D16F277CE34124EE52AB2C0F14] – (…) — C:Windowssystem32PnkBstrA.exe [75064] [PID.2344]
[MD5.15A317674A08DF26BE65164D959E9203] – (.Conexant Systems, Inc. – Modem Audio Service.) — C:Windowssystem32DRIVERSxaudio.exe [386560] [PID.2812]
[MD5.04C1DCBB226C6AE647B794833CE3CEB6] – (.Hewlett-Packard Development Company, L.P. – hpqwmiex Module.) — C:Program FilesHewlett-PackardSharedhpqwmiex.exe [135168] [PID.2824]
[MD5.227846995AFEEFA70D328BF5334A86A5] – (.Macrovision Europe Ltd. – Activation Licensing Service.) — C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [654848] [PID.4960]
[MD5.2CEEB349216FEBD91A907013D4ABCFF7] – (.Hewlett-Packard – HP Health Check Service.) — C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe [62984] [PID.5764]
~ Processes Running: Scanned in 00mn 03s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 – GCE: Preference [User DataDefault] [gmekamlpkbcegncocdmhnoogddkeekgn] cats v.1 (Activé)
G2 – GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 – GCE: Preference [User DataDefault] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

—\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 51s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:UsersVistaAppDataRoamingMozillaFirefoxProfilesxi383v70.defaultprefs.js
M2 – MFEP: prefs.js [Vista – xi383v70.defaultbattlefieldheroespatcher@ea.com] [] Battlefield Heroes Updater v4.0.27.0 (..)
P2 – FPN:Firefox Plugin Navigator . (.CNN – NPTURNMED.) — C:Program FilesMozilla FirefoxPluginsNPTURNMED.dll
~ Firefox Browser: 44 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32Userinit.exe,
F2 – REG:system.ini: Shell=C:WINDOWSexplorer.exe
F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL « sysdm.cpl »
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Adobe PDF – [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated – Adobe PDF Toolbar for Internet Explorer.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcroIEFavClient.dll
O3 – Toolbar: Contribute Toolbar – [HKLM]{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} . (.Adobe Systems Incorporated. – Contribute IE Plugin.) — C:Program FilesAdobe\Adobe Contribute CS3contributeieplugin.dll
O3 – Toolbar: EndNote Capture – [HKLM]{945C8270-A848-11D5-A805-00B0D092F45B} . (.Thomson Reuters – EndNote 3.8.1.) — C:Program FilesEndNote Plug-InsENWIEPlug.dll
O3 – ToolbarWebBrowser: (no name) – [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Applications lancées au démarrage du système (O4)
O4 – HKLM..Run: [Windows Defender] . (.Microsoft Corporation – Windows Defender User Interface.) — C:Program FilesWindows DefenderMSASCui.exe
O4 – HKLM..Run: [QPService] . (.CyberLink Corp. – HP QuickPlay Resident Program.) — C:Program FilesHPQuickPlayQPService.exe
O4 – HKLM..Run: [QlbCtrl] . (. Hewlett-Packard Development Company, L.P. – QLB Controller.) — C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe
O4 – HKLM..Run: [HP Health Check Scheduler] . (.Hewlett-Packard – HP Health Check Scheduler.) — C:Program FilesHewlett-PackardHP Health CheckHPHC_Scheduler.exe
O4 – HKLM..Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. – HPWAMain Module.) — C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
O4 – HKLM..Run: [WAWifiMessage] . (.Hewlett-Packard Development Company, L.P. – Module to process WiFi messages..) — C:Program FilesHewlett-PackardHP Wireless AssistantWiFiMsg.exe
O4 – HKLM..Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program FilesAdobeReader 9.0ReaderReader_sl.exe
O4 – HKLM..Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. – AcroTray.) — C:Program FilesAdobeAcrobat 8.0AcrobatAcrotray.exe
O4 – HKLM..Run: [Adobe_ID0EYTHM] . (.Adobe Systems Incorporated – Adobe Version Cue CS3.) — C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3Tray.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [TkBellExe] . (.RealNetworks, Inc. – RealNetworks Scheduler.) — C:Program FilesCommon FilesRealUpdate_OBrealsched.exe =>.RealNetworks, Inc
O4 – HKLM..Run: [WinampAgent] . (…) — C:Program FilesWinampwinampa.exe
O4 – HKLM..Run: [NvCplDaemon] . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:Windowssystem32NvCpl.dll =>.NVIDIA Corporation
O4 – HKLM..Run: [NvMediaCenter] . (.NVIDIA Corporation – NVIDIA Media Center Library.) — C:Windowssystem32NvMcTray.dll
O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
O4 – HKLM..Run: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKLM..RunOnce: [Launcher] . (.soft thinks – Launcher.) — C:WINDOWSSMINSTlauncher.exe
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
O4 – HKCU..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
O4 – HKCU..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
O4 – HKCU..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..Run: [WindowsWelcomeCenter] Clé orpheline
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [WindowsWelcomeCenter] Clé orpheline
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Sidebar] . (.Microsoft Corporation – Volet Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [ehTray.exe] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WindowsehomeehTray.exe
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [msnmsgr] C:Program FilesMSN Messengermsnmsgr.exe (.not file.)
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [CurseClient] . (…) — C:Program FilesCurseCurseClient.exe
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [swg] . (.Google Inc. – GoogleToolbarNotifier.) — C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersVistaAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersVistaAppDataRoamingSpotifyspotify.exe
O4 – HKUSS-1-5-21-460120755-3036941430-2461728175-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: Console Java (Sun) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} — Clé orpheline
O9 – Extra button: Recherche – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOFFICE11REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} ((no name)) – https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS3ServicesTcpip..{7FD84EC9-A46E-4A64-967B-16021021820F}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS3ServicesTcpip..{EA1DB2B2-EE46-4FD8-8530-E35CADC9B15C}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:Windowssystem32mshtml.dll =>.Microsoft Corporation
O18 – Filter: text/xml – {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation – Bibliothèque de l'interface utilisateur du.) — C:WINDOWSSystem32browseui.dll
~ STS/SSO: Scanned in 00mn 00s

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Desktop General: BackupWallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
O24 – Desktop General: WallPaper – .(…) – C:UsersVistaDownloads558559_109165502567022_139051064_n (1).jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

—\ Tâches planifiées en automatique (O39)
O39 – APT: – (..) — C:WINDOWSSystem32TasksAdobe Flash Player Updater [1002]
O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineCore [1052]
O39 – APT: – (..) — C:WINDOWSSystem32TasksGoogleUpdateTaskMachineUA [1056]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 08s

—\ Logiciels installés (O42)
O42 – Logiciel: TBS WMP Plug-in – (.CNN.) [HKLM] — InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}
O42 – Logiciel: e-Wörterbücher – (…) [HKLM] — {4737AD9F-13AA-4E4C-B86F-B631D557F6A7}
~ Logic: 23 Legitimates Filtered in 00mn 02s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareCD-MP3-Ripper]
[HKCUSoftwarePopup Woerterbuch EWB]
[HKLMSoftwarePopup Woerterbuch EWB]
[HKLMSoftwareWAR]
~ Key Software: 331 Legitimates Filtered in 00mn 02s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 20/09/2012 – 16:10:19 – [] —-D C:ProgramDataLKG
O43 – CFD: 15/09/2008 – 17:13:56 – [] —-D C:ProgramData{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
O43 – CFD: 04/11/2013 – 21:28:41 – [] —-D C:UsersVistaAppDataRoamingcge
~ Program Folder: 190 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] – 06/07/2014 – 21:03:53 —A- . (.SQLite Development Team – SQLite Dynamic Link Library (No TCL).) — C:WINDOWSSystem32sqlite3.dll [536576]
~ Files: 12 Legitimates Filtered in 00mn 36s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:02/09/2008 – 21:48:00 —A- . (.Oak Technology Inc. – Audio File System.) — C:WINDOWSSystem32DriversAFS.SYS [77004]
O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswHwid.sys [24184] =>.ALWIL Software
O58 – SDL:04/05/2014 – 23:29:53 —A- . (…) — C:WINDOWSSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
O58 – SDL:04/05/2014 – 23:29:54 —A- . (…) — C:WINDOWSSystem32DriversaswVmm.sys [180632] =>.ALWIL Software
O58 – SDL:02/11/2006 – 10:51:34 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WINDOWSSystem32Driverselxstor.sys [316520]
O58 – SDL:02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WINDOWSSystem32Driversiteatapi.sys [35944]
O58 – SDL:02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WINDOWSSystem32Driversiteraid.sys [35944]
O58 – SDL:27/11/2009 – 15:46:03 —A- . (…) — C:WINDOWSSystem32DriversPnkBstrK.sys [139456]
O58 – SDL:24/02/2007 – 15:42:22 —A- . (.REDC – RICOH SD Driver.) — C:WINDOWSSystem32Driversrimmptsk.sys [39936]
O58 – SDL:23/01/2007 – 17:40:20 —A- . (.REDC – RICOH MS Driver.) — C:WINDOWSSystem32Driversrimsptsk.sys [42496]
O58 – SDL:23/01/2007 – 18:03:28 —A- . (.REDC – RICOH XD SM Driver.) — C:WINDOWSSystem32Driversrixdptsk.sys [37376]
O58 – SDL:02/11/2006 – 10:51:25 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WINDOWSSystem32Driversuliahci.sys [235112]
O58 – SDL:02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WINDOWSSystem32Driversulsata.sys [98408]
O58 – SDL:02/11/2006 – 10:50:45 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WINDOWSSystem32Driversulsata2.sys [115816]
O58 – SDL:02/11/2006 – 08:09:42 —A- . (…) — C:WINDOWSSystem32ANSI.SYS [9029]
O58 – SDL:02/11/2006 – 08:09:45 —A- . (…) — C:WINDOWSSystem32country.sys [27097]
O58 – SDL:02/11/2006 – 08:09:41 —A- . (…) — C:WINDOWSSystem32HIMEM.SYS [4768]
O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEY01.SYS [42809]
O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WINDOWSSystem32KEYBOARD.SYS [42537]
O58 – SDL:02/11/2006 – 08:09:29 —A- . (…) — C:WINDOWSSystem32NTDOS.SYS [27866]
O58 – SDL:02/11/2006 – 08:09:35 —A- . (…) — C:WINDOWSSystem32NTDOS404.SYS [29146]
O58 – SDL:02/11/2006 – 08:09:38 —A- . (…) — C:WINDOWSSystem32NTDOS411.SYS [29370]
O58 – SDL:02/11/2006 – 08:09:40 —A- . (…) — C:WINDOWSSystem32NTDOS412.SYS [29274]
O58 – SDL:02/11/2006 – 08:09:31 —A- . (…) — C:WINDOWSSystem32NTDOS804.SYS [29146]
O58 – SDL:02/11/2006 – 08:09:20 —A- . (…) — C:WINDOWSSystem32NTIO.SYS [33952]
O58 – SDL:02/11/2006 – 08:09:23 —A- . (…) — C:WINDOWSSystem32NTIO404.SYS [34672]
O58 – SDL:02/11/2006 – 08:09:24 —A- . (…) — C:WINDOWSSystem32NTIO411.SYS [35776]
O58 – SDL:02/11/2006 – 08:09:26 —A- . (…) — C:WINDOWSSystem32NTIO412.SYS [35536]
O58 – SDL:02/11/2006 – 08:09:22 —A- . (…) — C:WINDOWSSystem32NTIO804.SYS [34672]
O58 – SDL:25/10/2013 – 09:33:53 —A- . (…) — C:WINDOWSSystem32TrueSight.sys [26624]
~ Drivers: 102 Legitimates Filtered in 00mn 50s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 06/07/2014 – 23:27:00 —A- . (…) — C:UsersVistaDownloadsadwcleaner_3.214.exe [1346519]
~ 56 Fichiers temporaires (Temporary files)
~ 905 Fichiers cookies (Cookies files)
~ Files: 15 Legitimates Filtered in 00mn 07s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 02/09/2008 – C:WINDOWSSystem32DriversAFS.sys (AFS) .(.Oak Technology Inc. – Audio File System.) – LEGACY_AFS
O64 – Services: CurCS – 04/05/2014 – C:WINDOWSsystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
~ Legacy: 78 Legitimates Filtered in 00mn 16s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
~ FASS Keys: 13 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] – (Google) – http://www.google.fr
O69 – SBI: SearchScopes [HKCU] {74303AF0-EB91-4696-AD5E-7C2E2FC5A921} – (Yahoo! France) – http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s

—\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage =>.Crack,Keygen
C:UsersVistaAppDataLocalGoogleChromeUser DataDefaultLocal Storagehttp_www.cracked.com_0.localstorage-journal =>.Crack,Keygen
~ Files: Scanned in 04mn 01s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.8EAC7D7A9E0C5D143E572232D991A8E0] [SPRF][29/11/2008] (…) — C:ProgramDataezsidmv.dat [56]
[MD5.306EC60D64E8150B036ECA4449353EDC] [SPRF][04/07/2014] (…) — C:ProgramDatanvModes.dat [361751]
[MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][26/11/2009] (…) — C:UsersVistaAppDataRoamingPnkBstrK.sys [138056]
[MD5.111135A5AADFB450A83D3CD4ED07C114] [SPRF][08/06/2013] (…) — C:UsersVistaAppDataRoamingwklnhst.dat [662]
[MD5.9EDD46B257B3A7E710DCA356EC08F502] [SPRF][10/04/2014] (…) — C:WINDOWSDownloaded Program FilesJuniperExt.exe [417328]
~ Files: 9 Legitimates Filtered in 00mn 00s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 20/03/2007 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeAdobe Version Cue CS3ServerbinVersionCueCS3.exe =>.Adobe Systems Incorporated
SS – | Demand 13/06/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
SS – | Auto 08/02/2010 135664 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 08/02/2010 135664 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 28/08/2012 194032 | (gusvc) . (.Google.) – C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
SS – | Demand 10/09/2008 536872 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
SS – | Demand 12/02/2007 880640 | (RoxMediaDB9) . (.Sonic Solutions.) – C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
SS – | Demand 17/02/2007 74656 | (stllssvr) . (.MicroVision Development, Inc..) – C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
SR – | Auto 10/09/2008 116040 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
SR – | Auto 04/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Auto 12/12/2008 238888 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SR – | Auto 10/04/2014 688240 | (dsNcService) . (.Juniper Networks.) – C:Program FilesJuniper NetworksCommon FilesdsNcService.exe
SR – | Demand 21/08/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) – C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
SR – | Auto 14/03/2007 62984 | (HP Health Check Service) . (.Hewlett-Packard.) – C:Program FilesHewlett-PackardHP Health Checkhphc_service.exe
SR – | Auto 02/05/2006 135168 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) – C:Program FilesHewlett-PackardSharedhpqwmiex.exe
SR – | Auto 14/12/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) – C:Program FilesCommon FilesLightScribeLSSrvc.exe
SR – | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe
SR – | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamservice.exe
SR – | Auto 04/12/2008 203296 | (nvsvc) . (.NVIDIA Corporation.) – C:WINDOWSSystem32nvvsvc.exe
SR – | Auto 26/11/2009 75064 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
SR – | Auto 19/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
SR – | Auto 19/01/2008 21504 | C:WINDOWSSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WINDOWSSystem32svchost.exe
SR – | Auto 28/11/2006 386560 | (XAudioService) . (.Conexant Systems, Inc..) – C:WINDOWSSystem32DRIVERSxaudio.exe
~ Services: Scanned in 00mn 46s

—\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s

—\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Vista at 06/07/2014 23:32:37
********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s

—\ Scan Additionnel (O88)
Database Version : 13026 – (25/06/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 582594 Items scanned in 02mn 10s

—\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 4 Legitimates Filtered in 00mn 00s

~ 858 Legitimates filtered by white list
End of the scan (517 lines in 12mn 09s)(4)[/spoiler:vof68nik]